Minetest Privacy Policy
- rubenwardy
- Moderator
- Posts: 6972
- Joined: Tue Jun 12, 2012 18:11
- GitHub: rubenwardy
- IRC: rubenwardy
- In-game: rubenwardy
- Location: Bristol, United Kingdom
- Contact:
Minetest Privacy Policy
Hi everyone,
We've created a privacy policy for the Minetest application. This applies to both desktop and mobile builds.
Read it here: https://www.minetest.net/app-privacy-policy/
Please comment below or in private if you have any questions or concerns
We've created a privacy policy for the Minetest application. This applies to both desktop and mobile builds.
Read it here: https://www.minetest.net/app-privacy-policy/
Please comment below or in private if you have any questions or concerns
-
- Member
- Posts: 105
- Joined: Wed Mar 03, 2021 07:15
- GitHub: qwerty123a2
- In-game: joe and joergeg
Re: Minetest Privacy Policy
whats personnel info. Can you add what actually sfarn5 has access to.
If my post says something, it is a opinion and not fact unless i say so
- LMD
- Member
- Posts: 1386
- Joined: Sat Apr 08, 2017 08:16
- GitHub: appgurueu
- IRC: appguru[eu]
- In-game: LMD
- Location: Germany
- Contact:
Re: Minetest Privacy Policy
sfan5 only has access to what your browser / Minetest choose to send. This of course includes your IP address and usually your User Agent (which often includes information such as which Minetest version / Browser version / OS). I wouldn't really call this "personal information".
- rubenwardy
- Moderator
- Posts: 6972
- Joined: Tue Jun 12, 2012 18:11
- GitHub: rubenwardy
- IRC: rubenwardy
- In-game: rubenwardy
- Location: Bristol, United Kingdom
- Contact:
Re: Minetest Privacy Policy
The personal information is in the "what information" section, and is basically just IP address in this case, I'll add a note to clarify this (it's not really personal information in this situation)
- Festus1965
- Member
- Posts: 4181
- Joined: Sun Jan 03, 2016 11:58
- GitHub: Festus1965
- In-game: Festus1965 Thomas Thailand Explorer
- Location: Thailand ChiangMai
- Contact:
Re: Minetest Privacy Policy
Mal für Deutschland:
https://wwwschutz.de/blog/urteil-ip-adr ... ene-daten/
https://privacylaw.proskauer.com/2016/1 ... sometimes/
https://wwwschutz.de/blog/urteil-ip-adr ... ene-daten/
Bereits 2017 entschied der BGH, dass IP-Adressen als personenbezogene Daten anzusehen sind. Aus dieser Einschätzung erwachsen für die Betreiber von Webseiten eine ganze Reihe großer Herausforderungen.
So that is also for the EU !IP-Adressen als personenbezogene Daten
Gemäß § 3 Abs. 1 des Bundesdatenschutzgesetzes (BDSG) sind personenbezogene Daten "Einzelangaben über persönliche oder sachliche Verhältnisse einer bestimmten oder bestimmbaren natürlichen Person (Betroffener)." Eine ähnliche Regelung findet sich in Art. 2 Buchstabe a der EG-Datenschutzrichtlinie 95/46/EG, den der EuGH hier auszulegen hatte.
https://privacylaw.proskauer.com/2016/1 ... sometimes/
The problem is the saving, storage of this data - not the usage, as then no internet works at all.EU Court Rules that Dynamic IP Addresses are Personal Data…Sometimes
By Courtney M. Bowman on November 8, 2016
On October 19, the Court of Justice of the European Union (CJEU) ruled that dynamic IP addresses may qualify as “personal data” under EU privacy law. As we covered here on the blog a few months ago, this decision is significant because it clarifies that companies that collect, store, process, and/or transfer dynamic IP addresses belonging to EU users ...
Human has no future (climate change)
If urgend, you find me in Roblox (as CNXThomas)
If urgend, you find me in Roblox (as CNXThomas)
- Festus1965
- Member
- Posts: 4181
- Joined: Sun Jan 03, 2016 11:58
- GitHub: Festus1965
- In-game: Festus1965 Thomas Thailand Explorer
- Location: Thailand ChiangMai
- Contact:
Re: Minetest Privacy Policy
the main personal info meaning as of this problem is
to be able to detect one single special person out of the collected data:
* the IP-address itself will not do this - as randomly chosen out of range used for several costumer at that ISP
* but a time stamp to an IP address then allows to research the user via ISP request, what is limited to judge, etc.
* if there are more data collected that together even without an timestamp are leading to ONE absolute single PC config then this should also go to personal data rule, think about cookies etc.
ok, if a server admin complain about an Thai IP-address it MIGHT look like it can 'only' be me, but that is human thinking, and even also same ISP and range makes it NOT sure yet !
Human has no future (climate change)
If urgend, you find me in Roblox (as CNXThomas)
If urgend, you find me in Roblox (as CNXThomas)
Re: Minetest Privacy Policy
You should not "etc" here.Platform, OS, device, etc
Moved to.. where? As the service is currently under EU laws, I think it would be better to state that it will stay in EU, or else people can imagine that someday it will be moved to Singapore, and that's a whole different story.By using this service, you give permission for the data to be moved as needed.
This is too vague. I have a pretty good idea of what you mean by "log rotation", and indeed this scheme limits the size of the logs, not their time span. A little extra (daily cron job ;-) to delete log files with an access time older that 3 months would allow you to state clearly that they have a max retention time like in the rest of the document.Logged HTTP requests are stored using log rotation, meaning that any requests will be forgotten within a few weeks.
That's for the fun of nitpicking anyway. Nice to see MT is getting more and more serious.
My game? It's Minefall.
- ROllerozxa
- Member
- Posts: 157
- Joined: Sun Apr 25, 2021 12:25
- GitHub: ROllerozxa
- IRC: ROllerozxa
- In-game: ROllerozxa
- Location: Sweden
- Contact:
Re: Minetest Privacy Policy
Yes, probably should be more specific. While browser user agents in general are unpredictable in the data they may contain (imagine leaking IMEIs via user agents!), for the Minetest client (which this privacy policy is intended to cover) they are more predictable. Just from some UAs I could obtain real quick:
Code: Select all
Linux:
Minetest/5.7.0-rollerozxa-952c90b69 (Linux/6.3.1-arch1-1 x86_64)
Windows:
Minetest/5.6.1 (Windows/10.0.18362 x86_64)
Android:
Minetest/2023.4.9 (Linux/4.19.157-perf aarch64)
- mtvisitor
- Member
- Posts: 157
- Joined: Sun Jul 10, 2022 08:54
- IRC: mtvisitor
- In-game: mtvisitor
- Location: East China
Re: Minetest Privacy Policy
Congratulations for the version 1.0 in revision.
Crane Zhou | My mt. world, my mt. dream | No money, no happy.
- Linuxdirk
- Member
- Posts: 3218
- Joined: Wed Sep 17, 2014 11:21
- In-game: Linuxdirk
- Location: Germany
- Contact:
Re: Minetest Privacy Policy
It still says "etc" and "a few weeks", though.
- rubenwardy
- Moderator
- Posts: 6972
- Joined: Tue Jun 12, 2012 18:11
- GitHub: rubenwardy
- IRC: rubenwardy
- In-game: rubenwardy
- Location: Bristol, United Kingdom
- Contact:
Re: Minetest Privacy Policy
Here's a PR to update based on feedback: https://github.com/minetest/minetest.github.io/pull/282
Please take a look and make sure you get any comments in soon, as I don't want to update the privacy policy too often (as it requires making a post on the forums each time)
Please take a look and make sure you get any comments in soon, as I don't want to update the privacy policy too often (as it requires making a post on the forums each time)
By a few weeks, I meant 3 weeks. I use time-based logged rotation, logs are deleted after 10 days. I'll edit this to say "Logged HTTP requests are automatically deleted within 2 weeks."Astrobe wrote: ↑Mon May 15, 2023 08:55This is too vague. I have a pretty good idea of what you mean by "log rotation", and indeed this scheme limits the size of the logs, not their time span. A little extra (daily cron job ;-) to delete log files with an access time older that 3 months would allow you to state clearly that they have a max retention time like in the rest of the document.
- Linuxdirk
- Member
- Posts: 3218
- Joined: Wed Sep 17, 2014 11:21
- In-game: Linuxdirk
- Location: Germany
- Contact:
Re: Minetest Privacy Policy
But what did “etc.” stand for? It was removed without replacement. And with the removal of “etc.” it was also removed that the device is logged.
According to the updated policy instead of the platform, the OS, the device, and whatever “etc” was referring to, now only the platform and OS are logged?
As a legal text it should be as exact as possible.
According to the updated policy instead of the platform, the OS, the device, and whatever “etc” was referring to, now only the platform and OS are logged?
As a legal text it should be as exact as possible.
- rubenwardy
- Moderator
- Posts: 6972
- Joined: Tue Jun 12, 2012 18:11
- GitHub: rubenwardy
- IRC: rubenwardy
- In-game: rubenwardy
- Location: Bristol, United Kingdom
- Contact:
Re: Minetest Privacy Policy
etc stood for nothing, it was redundant. The device (ie: model) is also not logged. See ROllerozxa's post for examples, perhaps I should add one to the policy:Linuxdirk wrote: ↑Fri Jun 02, 2023 02:44But what did “etc.” stand for? It was removed without replacement. And with the removal of “etc.” it was also removed that the device is logged.
According to the updated policy instead of the platform, the OS, the device, and whatever “etc” was referring to, now only the platform and OS are logged?
As a legal text it should be as exact as possible.
11.22.33.44 content.minetest.net - [02/Jun/2023:10:05:00 +0200] "GET /packages/Wuzzy/glitch/releases/18414/download/?reason=new HTTP/2.0" 302 233 "-" "Minetest/5.7.0 (Linux/6.1.31-1-MANJARO x86_64)" 0.014
- Linuxdirk
- Member
- Posts: 3218
- Joined: Wed Sep 17, 2014 11:21
- In-game: Linuxdirk
- Location: Germany
- Contact:
Re: Minetest Privacy Policy
Ah, then it’s better now :)
An example (with a non-existent package and username of course) to clarify what exactly is logged would be good for further understanding, yes.
An example (with a non-existent package and username of course) to clarify what exactly is logged would be good for further understanding, yes.
Re: Minetest Privacy Policy
Glad to help here.rubenwardy wrote: ↑Thu Jun 01, 2023 23:16Here's a PR to update based on feedback: https://github.com/minetest/minetest.github.io/pull/282
Please take a look and make sure you get any comments in soon, as I don't want to update the privacy policy too often (as it requires making a post on the forums each time)
Another unclear term I overlooked is "platform". Based on Rollerozxa's comment and yours, I can only guess that it is the "processor type" (aarch64, x86_64...).
My game? It's Minefall.
- MCL
- Member
- Posts: 654
- Joined: Mon Aug 20, 2018 00:44
- GitHub: MCLx86
- IRC: migdyn
- In-game: singleplayer
- Contact:
Re: Minetest Privacy Policy
I don't get what the point of this is.
2014-02-14 - 2024-02-14 TEN YEARS OF MCL
- rubenwardy
- Moderator
- Posts: 6972
- Joined: Tue Jun 12, 2012 18:11
- GitHub: rubenwardy
- IRC: rubenwardy
- In-game: rubenwardy
- Location: Bristol, United Kingdom
- Contact:
Re: Minetest Privacy Policy
It's a legal requirement
https://support.google.com/googleplay/a ... etysection
https://gdpr-info.eu/
- MCL
- Member
- Posts: 654
- Joined: Mon Aug 20, 2018 00:44
- GitHub: MCLx86
- IRC: migdyn
- In-game: singleplayer
- Contact:
Re: Minetest Privacy Policy
Oh, so it's for Google Play; makes sense nowrubenwardy wrote: ↑Mon Sep 18, 2023 23:10It's a legal requirement
https://support.google.com/googleplay/a ... etysection
https://gdpr-info.eu/
2014-02-14 - 2024-02-14 TEN YEARS OF MCL
- Nininik
- Member
- Posts: 527
- Joined: Thu Apr 06, 2023 01:55
- GitHub: nininik0
- IRC: nininik
- In-game: nininik
- Location: CA, Team thunderstrike headquarters
- Contact:
Re: Minetest Privacy Policy
I kinda feel unsafe about the ip part....
↯Glory to Team Thunderstrike!↯
↯T.T.S.↯
↯T.T.S.↯
- ROllerozxa
- Member
- Posts: 157
- Joined: Sun Apr 25, 2021 12:25
- GitHub: ROllerozxa
- IRC: ROllerozxa
- In-game: ROllerozxa
- Location: Sweden
- Contact:
Re: Minetest Privacy Policy
Any website you connect to will have access to the IP address you connected with. That's just how the Internet works.
- Festus1965
- Member
- Posts: 4181
- Joined: Sun Jan 03, 2016 11:58
- GitHub: Festus1965
- In-game: Festus1965 Thomas Thailand Explorer
- Location: Thailand ChiangMai
- Contact:
Re: Minetest Privacy Policy
NO, only the IP gives not the full location, and special NOT the user.
It only leads to a IP-range rented by a ISP and used for much more people contract there, switching them all 24 hours (at most ISP).
So I get country (that I might see also by minetest client settings) or the favorite language and the area, most near the towns, the ISP has its registered company location. NOT more.
You need at least also the time that IP was connected, THEN you get the user you need the allowance (via court) to ask the ISP for the contract partner = the person, the house.
And this is why storing only 3 of 4 octets like 192.168.1.x is enough also for a minetest server security, as there are so less minetest player that the change to hit two player NOT from same family with just one octet missing is near 0, when block that range as of bad bahavior, stealing etc.
= Even European law is enforced but nothing lost in our servers security.
AND still same kind of detecting : without the timestamp you only get the ISP and the ISP location with still possible thousands of users.
AND even WITH the timestamp or range you don't get the user (contractor) just for fun.
Told you by former IT-Security teacher in German Armee 1994-1997, and still updating some of the subjects.
Human has no future (climate change)
If urgend, you find me in Roblox (as CNXThomas)
If urgend, you find me in Roblox (as CNXThomas)
- rubenwardy
- Moderator
- Posts: 6972
- Joined: Tue Jun 12, 2012 18:11
- GitHub: rubenwardy
- IRC: rubenwardy
- In-game: rubenwardy
- Location: Bristol, United Kingdom
- Contact:
Re: Minetest Privacy Policy
This is incorrect. IP can give you the nearest city at best, a completely wrong location at worst
- MCL
- Member
- Posts: 654
- Joined: Mon Aug 20, 2018 00:44
- GitHub: MCLx86
- IRC: migdyn
- In-game: singleplayer
- Contact:
Re: Minetest Privacy Policy
That is not entirely correct, as in some rare cases a geolocation lookup can return coordinates within a 2 minute drive of where you are located.rubenwardy wrote: ↑Thu Sep 21, 2023 10:44This is incorrect. IP can give you the nearest city at best, a completely wrong location at worst
2014-02-14 - 2024-02-14 TEN YEARS OF MCL
- Festus1965
- Member
- Posts: 4181
- Joined: Sun Jan 03, 2016 11:58
- GitHub: Festus1965
- In-game: Festus1965 Thomas Thailand Explorer
- Location: Thailand ChiangMai
- Contact:
Re: Minetest Privacy Policy
EV 15y car with 45 km/h max (1.5 km) or Lamborghini with 300 km/h (10 km) - joke.
And it depends also of the dentisy of the people living there. For a farmer alone different as for a location center town.
Anywhere, even if I know the ISP, how should I see that from outside ? maybe follow the open cable from last 'named' location.
So far I don't know a event, someone was found like that.
The more easy it seam to be combine several known facts for this 'person' and search social media ?
Human has no future (climate change)
If urgend, you find me in Roblox (as CNXThomas)
If urgend, you find me in Roblox (as CNXThomas)
Who is online
Users browsing this forum: No registered users and 1 guest