|
UNIX.COM General Data Privacy Regulations (GDPR) Compliance |
Version 0.84 - 8 May 2019
Overview The staff of UNIX.COM are a group of volunteers who are passionate about UNIX, Linux and other Unix-Like Operating Systems. We discuss computer science and related topics in a warm, friendly, professional environment, suitable for people at work, home and at school. Our intent at UNIX.COM is to assist, educate, and help all computer users in a free non-commercial, public environment. The main source of revenue for UNIX.COM is display advertising from unregistered users via our advertising partners BuySellAds, IDG, SOVRN and other companies which connect advertisers to end users. In general, we do not serve ads to regular users who contribute to the forums. From time to time, individuals voluntarily choose to provide financial support to the forums by a way of a donation or VIP subscription. Example uses of this revenue are the monthly fixed costs of our servers, network bandwidth, security, fraud detection and upgrades or repairs to our information technology when necessary.
UNIX.COM has long valued user data privacy and it is been our long-standing policy to not permit any personal or private data in public posts. Our Moderation team monitors all posts and attempts to immediately delete any content which appears to be private user data, such as email addresses or other personal identifiers. In addition, it has also been our long-standing policy at UNIX.COM to delete any content which is hateful or aggressive in nature. We do not tolerate hate speech or private data breeches at UNIX.COM. Summary If you only read the posts and forums on UNIX.COM and you do not post, we collect and retain standard Internet access information like your IP address and the URLs accessed. We may store this data on backup servers. This Internet access data is stored on the UNIX.COM server and this same Internet access data is not accessible by anyone except the UNiX.COM Moderators and Administrators. We may use this data from time-to-time to monitor UNIX.COM for fraud, abuse and to protect UNIX.COM from cyberattacks. Kindly note that we may use the term "UNIX.COM team or staff" to refer to both Administrators, who have complete access to the server, database, and underlying operating system and hardware, and Moderators, who have access to posts, user profile information, and limited web server log information. If you choose to post additional information, outlined below, that data will be retained on UNIX.COM servers, and will be available to the UNIX.COM team. Identification of Authors If you choose to actively participate and post at UNIX.COM you must create a member account. The purpose of member accounts are to differentiate the posts of one member from those of another (i.e. so our software will indicate that "Alice" posted one message, while "Bob" posted another) and to prevent spam. The only information that must be public is the account name, which you choose yourself. If you choose the name "Alice," for example, other members will see that identifier attached to your posts. You do not need to provide any personal information about yourself. Your account name can be arbitrary and does not need have contain any personal information. No other information about you (for example, your email address or IP addresses) is made public. The UNIX.COM team encourages you to carefully consider any personal information which you voluntarily choose to provide, either in your member profile, or in your posts. Personal information is not permitted in posts. Cookies UNIX.COM will set a number of cookies in your browser when you are logged in. These cookies do not contain any information about you, but do contain limited information about your activity on the site. These cookies are necessary so the forum software can display which threads and posts you have and have not already read. These cookies are only to assist and enhance your user experience. You can read the site without having logged in and no cookies will be set. Passwords All passwords should be strong (8+ characters, some caps, some special characters). No clear-text passwords are stored on UNIX.COM servers. Your password is stored in our database as a one-way cryptographic hash. This means that no one, including the UNIX.COM team, can recover your password from the one-way hash. Your password cannot be and never is made public or used for any purpose other than for protecting your user profile and posts. The UNIX.COM team will never ask you for your password. You may reset your password in the UserCP Data Logging Every time you visit a web page you send a lot of information to web servers. Most web servers routinely maintain access logs with a portion of this information. This Internet access information may be used to get an overall picture of what pages are popular, what other sites link to UNIX.COM, and what web browsers people are using. UNIX.COM also uses this information to protect you and UNIX.COM from fraud and abuse. Our web access logs are used to update UNIX.COM access statistics and the raw log data is never made public or shared with commercial third parties for any reason. Normally, our web server access logs are discarded after a few week, depending on if there has been suspicious activity or indication of fraud and abuse of this web site. Here's a sample of what is typically logged for a single page view: Code (Text): 64.164.82.142 - - [11/Oct/2012:02:02:11 +0000] "GET /index.html" 200 18084 " https://www.unix.com/index.html [ "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/85.7 (KHTML, like Gecko) Safari/85.5" Internet access data may be examined by UNIX.COM developers in the course of solving technical problems and in the analysis of attempted fraud and abusive behavior. The largest abuse cases on our site are software robots that do not conform to Internet standards and overwhelm the site. The IP addresses of users, derived either from Internet access logs or from user access records in the UNIX.COM database are frequently used to correlate usernames and network addresses to aid in investigating abuses of the site, including the suspected use of malicious "sockpuppets" / duplicate accounts, vandalism, harassment of UNIX.COM users, or other attempted disruptions of the UNIX.COM community. UNIX.COM uses Google Analytics for Traffic Analysis. Please see Google Analytics Solutions - Marketing Analytics & Measurement for more information. UNIX.COM ad partners use Google Adsense and similar ad publication services for ad publishing. Please see Google AdSense - Make Money Online through Website Monetization for more information. Policy on the Release of Data Derived from Internet Access Logs It is the policy of UNIX.COM that personally identifiable data collected in the server logs may be released by the UNIX.COM team in the following situations: 1. In response to a valid subpoena or other compulsory request from law enforcement. To date this type of request has never happened. 2. With permission of the affected user. To date this type of request has never happened. 3. To the owner of UNIX.COM, his legal counsel, or his designee, when necessary for investigation of abuse complaints. 4. Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues. 5. Where the user has been abusing the site or persistently behaving in a disruptive way which is harming other users of the site, data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers. 6. Where it is reasonably necessary to protect the rights, property or safety of the owner of UNIX.COM, UNIX.COM users or the public. The long-standing UNIX.COM privacy policy does not permit public distribution of such information under any circumstances. Private release of limited user information can happen under one of the rare exceptions described above. Sharing Private User Information with Third Parties UNIX.COM will not sell or share private information, such as email addresses or user access information, with third parties, unless it is required by law to release the information. UNIX.COM does not and will not share private user or site access information with third-parties for commercial reasons. However, your IP address and other standard Internet access information may be used by ad servers to target ads to unregistered users. UNIX.COM does not, as a general rule, serve commercial ads to registered users. Security of Information UNIX.COM makes no guarantee against unauthorized access to any private information you provide in your profile. By using this site you agree to manage your personal information in your UserCP. Your user profile information may be available to anyone with access to the servers, including the UNIX.COM team. SSL encryption is used to strongly encrypt all Internet transactions on this site. Active data, such as the member database, is stored on the server itself. Backup copies of the member database may be stored either on the UNIX.COM server, or on a personal computer owned by an Administrator in a different geographic area from the server itself. While we cannot guarantee that no unauthorized access will ever occur, we actively monitor UNIX.COM using Internet best-practices to prevent and detect data breeches. We also encourage users to carefully consider all personal information they choose to reveal, and the potential consequences of that information being made public by some form of intrusion or unauthorized access. You are not required to make personally identifying information public on UNIX.COM. We do require your email address (see below) but this information is not made public or shared commercially by UNIX.COM. Email Addresses A valid email address is required to create a new member account on UNIX.COM. This is a necessary site requirement to prevent spammers from creating fake member accounts and automatically spamming the site. We will neither contact you via this email address without your permission nor sell or share this information to a third party. When you sign up for a new member account, a confirmation email will be sent to the email address you provide. The purpose of this confirmation email is to attempt to ensure that you are an actual human being and not an automated spam robot. The server software includes features to automatically notify you by email when various events occur: for example, if a thread you've participated in is posted to by another member. If you do not wish to receive such emails, those features may be disabled in your "control panel." A valid email address is also required to recover your password in case you forget your password. User Data Data on users, such as the times at which they posted and the number of posts they have made, are publicly available. In contrast, information about threads and posts read by users is not publicly available. This information is stored both in the cookies in your browser (if you are logged in), and on the server in the form of web server logs. Neither form of site access information is publicly available. The only information which is made public is information you choose to make public in your UserCP. In addition, the UNIX.COM team uses "thank you" activity by other UNIX.COM users in combination with automated spam scoring software and UNIX.COM user ratings by the UNIX.COM team to promote users to higher level of forum access and UNIX.COM community responsibility. This information is not public and is only used by the UNIX.COM team to help manage the community. UNIX.COM Private Messaging Privacy The private messaging (PM) system at UNIX.COM may be scanned by system software and pattern matching algorithms to protect the site and other users against fraud, unauthorized transactions (such as money laundering), or other illegal activities. The site administrators may examine PMs flagged by our system software as illegal or in violation of the user agreement (the rules). View, Change and Delete Personal Data All registered UNIX.COM users may may view all their personal information in our database in their UserCP. Registered users can fully manage (change or delete) the personal information at any time in their UserCP. Removal of User Accounts, Posts and Name Changes Once created, user accounts should be considered permanent. GDPR has directed us to accept account deletion requests from EU members. This does not mean all references and posts are removed. We are able to anonymize posts from accounts that have been deleted. Post removal and visibility is at the discretion of UNIX.COM owners and moderators. If you have copyright concerns, see spam, malware or other abusive posts, please contact the UNIX.COM team immediately. VIP members may request a user name change. UNIX.COM does not guarantee that a name will be changed by a non VIP member. Abusive or hateful oriented user names may be changed or deleted by the UNIX.COM team solely at the discretion of the team. Right to be Informed For every substantial change made to the UNIX.COM privacy policy we will require each member to read and explicitly agree to it for continued participation. In the event of a data breech, all UNIX.COM users will be notified within 72 hours via their email address on file with UNIX.COM. We will also post this information to our Twitter Feed and Facebook Page.
General User and Date Privacy Questions?
Contact the UNIX.COM team here. |
Reporting Security Issues & "Bug Finders" Hall of Fame |
We recognize how important it is to help protect privacy and security. We understand that secure products and services are critical in establishing and maintaining trust with our users. We strive to consistently deliver secure and enjoyable experiences in all of our forum products and services.
Security includes everyone = our valued users, our developers, our moderators and admins, third party software developers and the security community. Working together we can all make the forums at unix.com and the Internet safer. Reporting Security Issues Security of our networks and services is important for us and for you. We take it seriously. If you are a forum user and have a security issue to report regarding your personal forum account, please contact the forum moderators. This includes password problems, login issues, suspected fraud and account abuse issues. If you have discovered a vulnerability in the forum code or have a security incident to report, email neo@unix.com . Upon receipt of your message we will acknowledge your report. We believe in responsible security disclosure practices. In accordance with this we appreciate reporters privately notifying us of vulnerabilities and setting reasonable time frames for response and disclosure based on the severity of the issue. We believe this method provides the most secure environment for our forum users and the Internet at large. We will respond as soon as we can to fix verifiable security issues. When notified of legitimate issues, we will acknowledge your report, begin investigating the issue and will work to correct any vulnerabilities quickly. We would like to thank the following people, who have requested we make the following information (including their email addresses) public, for their contribution in ensuring the security of forums and our applications: Hall of Fame
Honorable Mention
|
The UNIX and Linux Forums Rules |
The UNIX and Linux Forums Frequently Asked Technical Questions |
Board FAQ |
Here you can find answers to questions about how the board works. Use the links below or the search box above to find your way around. |