The Chess Variant Pages



Privacy Policy

Cookies

Cookies are bits of data that a website may store in your browser and retrieve when needed. We use cookies for the following purposes:

In addition to our cookies, advertisers may use their own cookies to track you across websites. We do not control or access these, though they may be present.

Database

We store the following details about members in the database:

We also store and display content provided by members. These include, but may not be limited to the following:

Game Courier Logs

Game Courier keeps track of games played on it in logs. These have three levels of privacy. They may be public, hidden, or completely private. Hidden logs are not displayed on the logs page, but they may still be read. The option is normally chosen when an invitation is issued, and the default value is public.

Since players may add comments after moves, and they may use this for personal conversations, one additional privacy measure has been taken. When no one is signed in, and the cookie for longterm storage of the userid doesn't match either player, comments on their own line will not be displayed. This should keep the text of casual conversations from being searchable on search engines and from being read by robots and spiders. The only comments that will be displayed will be inline comments that immediately follow moves, since these are normally used by Game Courier for displaying game related messages, such as "Check" or "Checkmate."

Sessions

When you are signed in, we keep certain information about you available in a session. This is stored on the server side and is not shared with anyone else. The browser stores a session cookie to tell us which session is yours, but it cannot read the contents of a session. We normally keep the following information about you in a session when you are signed in:

Note on Open ID

We used to have the means to let people sign in through Open ID, which would let you sign in with social media accounts or other Open IDs provided by other sources. But the script we were using for this eventually broke, and we have not set up a new script for signing in with Open ID. We do store the Open IDs of some members, and if the time comes when we can use Open ID again, these members will have an alternative way of accessing their account.

Shared Information

We do not sell information about vistors or members to anyone, but we do normally share the following information about members on the member's profile page:

When we display an email address, this is protected in two ways. For visitors who are not signed in, an email address will appear as a CAPTCHA freshly created with a random selection of fonts and Chess piece images. For example:

When a member is signed in, Cloudflare, which we use for DNS, will replace the email address with JavaScript that will display the email address to the human visitor without displaying it in the page's source code.

We do not display the email address of anyone who isn't a fully registered user. This includes authors and inventors who are not members, as well as new members who have not finished the registration process. We also allow members to choose to not have their email address displayed. For new members, this option is turned on by default. If you wish to display your email address, you should turn this option off. The same goes for Open IDs, though we presently have no ability to get them from new members.

Account Security

Once you are fully registered, your account will be protected by a password that only you should know. This password is stored in encrypted form in our database, and for new accounts, we use the PHP best practice of using password_hash() and password_verify() for passwords. This means that all passwords are encrypted one way, and no one can read or reconstruct your password from the database. Some older passwords are stored with weaker forms of encryption. If you haven't changed your password in a long time, it is recommended that you do so. It is up to you to keep your password secure.

In case you lose your password, you may prove your identity with email verification and change your password. If you don't get any email, you can email us from the address we have on file, and we can change your password for you.

If you have not yet completed registration, you may prove your identity by being at the IP address you were at when you began registration, and by accurately remembering the email address you used to sign up. This is a bit less secure than email verification, but it's useful when you signed up with an email address that is rejecting our email.

Email Preferences

Besides the aforementioned option to keep your email address private, you have additional options regarding how we use your email. These include:

For new members, these are all turned off by default. To receive any email notifications from us, you will have to turn on the preference to receive them.

Previous Privacy Policy

I am keeping this up temporarily until I can go through it more thoroughly to see if I missed anything above.

Private vs. Public Information

When you join, we require you to verify your identity with either an email address or an OpenID. We keep this information in our database in case you lose your password, so that you can use it to verify ownership of your account when you need to. By default, these will be displayed on your Person Information page. But you are given the option to keep each of these private, which will keep them from being displayed on your Person Information page. If you choose to keep your email or your OpenID private, we will not release them to anyone else without your prior permission unless forced to by law. If you choose to display your email address, it will be kept safe from spiders and robots by being displayed as a script-generated CAPTCHA, using random fonts, positions, angles, sizes, colors, and chess dingbats. A link is not provided to your email address unless someone enters it as the answer to the email CAPTCHA.

All other information you provide about yourself will be considered public. This includes, but is not limited to, information you post in page comments, Game Courier comments, and subject threads, as well as any content you contribute to the site.

Cookies

Two cookies are used to identify members. One is a session cookie. This just identifies a session stored on the server. When you are logged in, your personal details (name, userid, email, and OpenID) will be stored in a session. The other cookie records your userid, so that when you are not logged in, it is easier for you to log in right away. Neither cookie contains private information about you. Any private information is in the session, not the cookies.

We do not use these cookies to track your use of our site. We use them simply to provide you with more personalized content and to make it easier for you to use the site and provide feedback.

Crediting Your Posts and Contributions

When you post comments or add other content, you will be identified by your name linked to your Person Information page (if you are a member) or your OpenID (if you are logged in with an OpenID). If you post a comment anonymously, you may enter any name you wish, but in case the need for it ever arises, your I.P. address will be recorded in the database with your comment. This will not be displayed with your comment, but it will be stored in case we need it. If you post with your UserID or OpenID, your I.P. address will not be stored with your comment.


Written by Fergus Duniho.
WWW Page Created: Tue May 04, 2012.