Todos los Ășltimos sabados de cada mes a las 19h00 Hora Madrid
Discord

Next Jam:

Privacy

This page outlines the data which is collected and stored, how it is transmitted and stored, why it is stored and how you can control this. We're a tiny operation who fully support your ability to control your own data.

What we collect and store

  • For each user, the following user data is stored:
    • User ID (number used to identify each user internally)
    • User registration date and time
    • Username
    • User registration IP address
    • User registration User Agent (browser and operating system data)
    • Display name (set in Configuration)
    • Password validation information (salt, hashed password, number of hashing iterations)
    • Last login date and time
    • Last login IP address
    • Last login User Agent (browser and operating system data)
    • Email address (set in Configuration)
    • Twitter handle (set in Configuration)
    • Bio (set in Configuration)
    • Current role (user or administrator)
    • Last login IP address
  • For each suggested Tema, the following user data is stored:
    • Submission date and time
    • IP Address and User Agent of user who suggested it
    • Username of user who suggested it
    • Tema text (user entered)
  • For each suggested Tema vote, the following user data is stored:
    • Date and time when vote was cast
    • IP Address and User Agent of user who cast the vote
    • Username of user who cast the vote
    • Tema which was voted on
    • Cast vote (-1, 0, +1)
  • For each submitted Videojuego (sometimes called an entry), the following user data is stored:
    • Date and time when the Videojuego was submitted
    • IP Address and User Agent of user who submitted the Videojuego
    • Title of Videojuego (user entered)
    • Description of Videojuego (user entered)
    • Username of user who submitted the Videojuego
    • URLs to where the Videojuego is hosted (user entered; Web, Windows, Linux, Mac, Android, iOS, Source and Other)
    • Screenshot image for Videojuego (uploaded by user)
    • Videojuego color (selected by user)
  • For each poll vote, the following user data is stored:
    • The option which was voted for
    • The username of the user who voted
  • For each satisfaction vote, the following user data is stored:
    • Date and time when the vote was cast
    • IP Address and User Agent of user who cast the vote
    • The question identifier which was voted on (for example JAM_160 when casting a satisfaction vote for Jam 160)
    • The option which was voted for
    • The username of the user who voted
  • For each user session, the following user data is stored:
    • The ID of the logged in user
    • Date and time when the session started
    • Hashed session ID
  • For each administrative action (scheduling Jams, changing user roles, deleting Temas, etc.), the following user data is stored:
    • Date and time when the log was created
    • IP Address and User Agent of administrator who triggered the event
    • The username of the administrator who triggered the event
    • The username of the subject the event relates to
    • A human readable descriptor of the event, which may include user data relevant to the event. The specific user data may be any of the following: User ID, Date and time of any kind, Username, IP Address, User Agent, User-entered content, Password hashes, Email address, Twitter handle, Role or anything else from this privacy document.
  • For each administion candidate vote the following user data is stored:
    • Date and time the vote was cast
    • IP Address and User Agent of administrator who cast the vote
    • The username of the administrator who cast the vote
    • The username of the person being voted on
    • The type of vote cast: Sponsor (administrator suggests the user as an admin candidate), for, neutral, against, veto

How data is transmitted and stored

All data is transmitted encrypted via HTTPS. This includes passwords and session IDs. Session IDs are stored in cookies.

All data is stored in plaintext, except passwords and session IDs. These are salted, peppered and hashed with SHA256 between 10000 and 20000 times (random number for each user). The result is stored. This same process is done again whenever a password or session ID is provided and the result is checked against the stored hashed values. As far as we're aware, this method means a breech of our database would not result in username/password combinations being obtainable through brute-forcing with current technology. Weak passwords are however easily obtainable no matter what encryption we use.

Why data is stored

  • User IDs and usernames are stored to determine which user is related to each bit of content.
  • Event dates and times, IP Addresses and User Agent information is stored to identify users in cases of abuse and user's level of activity.
  • Usernames, password validation information, session IDs and the user's role are stored to authenticate and authorize users.
  • Email addresses, Twitter handles, Bio, Tema text, Cast vote, Videojuego title, Videojuego description, Videojuego URLs, Videojuego image, Videojuego color, Voted for option and any other user-entered fields are considered voluntarily entered. Removing these fields (e.g. submitting them as blank) will (unless otherwise stated upon submission) remove them from public visibility, the old versions may however remain in logs or administrator-only tools. See "How can you control your data" for more details.
  • For Tema votes, poll votes and satisfaction votes, the cast votes are directly tied to the user who cast them. This is done to ensure each user can only cast one vote and to indicate to the user what they voted for. In the case of Tema votes, it is so we can color the currently-voted-for option. This is also done to mittigate cases of vote abuse or to check what different groups of users voted for - for example select only what recent participants voted for. This does mean that there is enough data available to check what each user individually has voted for (Temas, polls and satisfaction).
  • The data in the administration log is stored to identify abuse, determine administrator activity and to reverse accidental or malicious changes.
  • The data in the administration candidate vote is stored to help determine which candidates should be given the administration role.

How you can control your data

If you wish to get a copy of all the data we have on you, please click the link labeled "User Data" in the menu, or visit us on Discord by clicking the button in the page's header and ask for an administrator. We'll need to authenticate you first though.

If you wish us to delete the data we have, please visit us on Discord by clicking the button in the page's header and ask for an administrator. We'll need to authenticate you first though.

Validate these claims

This software is open-source. Please feel free to validate these claims by examining the code for yourself. The code is linked in the page's footer.