Verified Commit 4e44ac24 authored by Elias Ojala's avatar Elias Ojala
Browse files

Privacy: Initial commit

parents
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="/libs/normalize/normalize.css">
<link rel="stylesheet" href="/assets/fonts.css">
<style>
body {
margin: 20px;
font-family: 'Open Sans', sans-serif;
}
</style>
<title>lelux.fi - Privacy Policy</title>
</head>
<body>
<h1>Privacy Policy</h1>
<hr>
<h2>Legal structure</h2>
<p>Lelux.fi is run by a private person which is a citizen of <a href="https://en.wikipedia.org/wiki/Finland">Finland</a>.</p>
<h2>Legal orders</h2>
<p>Lelux.fi complies to legal orders according to Finnish law. We publish legal orders at <a href="/transparency/">our transparency page</a> unless prohibited to do so.</p>
<h2>Location of stored data</h2>
<p>Servers that store user data are located in:</p>
<ul>
<li>Finland</li>
<li>Luxembourg</li>
<li>France</li>
<li>Germany</li>
<li>United States*</li>
</ul>
<p>* Only authoritative nameservers and CDN nodes (see below)</p>
<h3>CDN</h3>
<p>We do not use third-party content delivery networks ("CDNs"), instead we use our custom self-hosted CDN, with nodes in following locations:</p>
<ul>
<li>Luxembourg</li>
<li>New York, NY, US</li>
<li>Las Vegas, NV, US</li>
</ul>
<p>Our CDN nodes do not log any requests at the edge. Logging that may be enabled for some domains is handled on the backend (see section <a href="#wwwlogs">Webserver logs</a> below).</p>
<p id="cdn-connection">Your client is currently connected to: <code id="cdn-node">loading</code><noscript>Requires JS</noscript>.</p>
<p>You <noscript>can</noscript><span class="jsonly">also may</span> check which server your client is connected to, by visiting <a href="https://cdn.lelux.fi/api/info"><code>https://cdn.lelux.fi/api/info</code></a>.</p>
<noscript>
<style>
#cdn-node, #cdn-connection, .jsonly {
display: none;
visibility: hidden;
}
</style>
</noscript>
<script src="/privacy/script.js"></script>
<h2>Service-specific policies</h2>
<ul>
<li><a href="https://updatewatch.lelux.fi/legal/privacy-policy.php">UpdateWatch</a></li>
<li><a href="/resolver/#privacy-policy">DNS resolvers</a></li>
</ul>
<h3>Open BitTorrent Tracker</h3>
<p>No logs (other than <a href="/tracker/#stats">statistics</a>) are made. Configuration files can be found from <a href="/tracker/conf/">here</a>.</p>
<a name="searx"></a><h3>Searx</h3>
<p>Data <strong>not</strong> collected:</p>
<ul>
<li>Your IP address (<a href="https://searx.lelux.fi/?q=ip&categories=general&language=en-US">not sent to Searx web server</a>)</li>
<li>Your search query<br />
Keep in mind though, that the engines may save your query, you can adjust engines on <a href="https://searx.lelux.fi/preferences">preferences</a> (<a href="https://haku.lelux.fi/preferences">fi</a>) page
The engines won't get your IP address though, only ours.</li>
<li>Access logs and error logs are disabled.</li>
</ul>
<h3>Gitea (<code>git.lelux.fi</code>)</h3>
<p>Data we collect:</p>
<ul>
<li>Data you give us, such as your email address, username, etc.</li>
<li>Your IP address (access & error logs)</li>
</ul>
<p>Please note that the email address you use for commits is public (available through <code>git log</code>).</p>
<h3>Free authoritative DNS</h3>
<p>The master and slave servers don't collect any access log data that we are aware of. Statistics data (amount of queries) may be collected.</p>
<a name="email"></a><h3>E-mail</h3>
<p>Our email server is located in Luxembourg, owned by <a href="https://frantech.ca/">Frantech</a> (based in Canada).</p>
<p>Email transmission logs are kept indefinitely.</p>
<a name="wwwlogs"></a><h3>Webserver logs</h3>
<p>Please use <a href="https://www.torproject.org/">Tor</a> or other network privacy tools (such as VPNs, proxies) to hide your IP address from my webservers if you are concerned about collection of IP addresses.</p>
<p><strong>No</strong> access logs or error logs are made for the following domains:</p>
<ul>
<li><code>lelux.fi</code></li>
<li><code>www.lelux.fi</code> (redirection)</li>
<li><code>myip.lelux.fi</code></li>
<li><code>wiki.lelux.fi</code></li>
<li><code>tracker.lelux.fi</code> (<a href="/tracker/conf/nginx.conf">conf</a>)</li>
<li><code>tracker6.lelux.fi</code> (<a href="/tracker/conf/nginx.conf">conf</a>)</li>
<li><code>searx.lelux.fi</code></li>
<li><code>haku.lelux.fi</code></li>
</ul>
<p>Anonymized access & error logs (+ no IP sent to backend) are enabled for the following domains:</p>
<ul>
<li><code>rwtxt.lelux.fi</code></li>
<li><code>imgproxy.lelux.site</code> (going to be changed!)</li>
<li><code>webproxy.lelux.site</code> (going to be changed!)</li>
</ul>
<p>Access and error logs are enabled for following domains:</p>
<ul>
<li><code>archive.lelux.fi</code> (reason: shared hosting, can't turn off)</li>
<li><code>git.lelux.fi</code> (going to be changed!)</li>
<li><code>updatewatch.lelux.fi</code> (going to be changed!)</li>
<li><code>freedns.lelux.fi</code> (control panel)</li>
</ul>
<h4>Exceptions</h4>
<p>CSP report endpoint (<code>report-uri.lelux.fi</code>) may log your IP and other metadata (such as browser, operating system, etc.).<br />
See <a href="https://report-uri.com/home/privacy_policy">Report URI's privacy policy</a> for more information.
Please block CSP reporting using <a href="https://github.com/gorhill/uBlock/wiki/Dashboard:-Settings#block-csp-reports">uBlock Origin</a> to prevent this.</p>
<p>Error logs may save your IP address.</p>
<h2>Deletion of data</h2>
<p>To delete your data, some services have built-in tools to delete it. You also may contact us at <a href="mailto:privacy+deletion@lelux.fi?subject=Deletion of stored data">privacy@lelux.fi</a>.</p>
<h2>Export your data</h2>
<p>Some services allow self-export of data. For other services, contact us at <a href="mailto:privacy+export@lelux.fi?subject=Export of stored data">privacy@lelux.fi</a>.</p>
<h2>Contact us</h2>
<p>If you have any questions about this Privacy Policy, please contact us at <a href="mailto:privacy+contact@lelux.fi?subject=Questions about Privacy Policy">privacy@lelux.fi</a>.</p>
<h2>Changes to Privacy Policy</h2>
<p>We reserve the right to change this Privacy Policy.</p>
<h2>Last modified</h2>
<p>2019-08-27</p>
<ul>
<li><a href="/privacy/history/">Revision history</a></li>
</ul>
<hr>
<a href="/">lelux.fi</a>
</body>
</html>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment