Bitcoin Forum
June 16, 2019, 05:57:31 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
About privacy

This is a best-effort attempt at describing our current practices regarding privacy-relevant concerns, and is not an agreement.

It's possible to use bitcointalk.org without submitting any personal info. Use Tor + a throwaway email + a new pseudonym, etc. If you care about preventing personal information from being collected on bitcointalk.org, then preventing this collection is your responsibility.

Normal practices

This section describes our normal practices. A later section will describe exceptional variations.

Sharing

We never sell non-public user information to anyone.

In order to operate the site, the following data sharing occurs:

First, our moderators, administrators, system administrators, software developers, and others who perform services for us each have access to a different subset of user account data in order to perform their work. As a general principle, access is provided on a "need-to-know" basis.

Second, our tech-related service providers necessarily have access to user data, and could collect/store data beyond what bitcointalk.org itself does. Example service providers may or may not include, and are not limited to: Amazon Web Services, Google Cloud Platform, Google ReCAPTCHA, Cloudflare, DigitalOcean, and Vultr. We do not use any third-party tracking technology such as Google Analytics or advertisement-related tracking cookies, though Google ReCAPTCHA (used on only certain pages) and Cloudflare in particular may do significant tracking. Refer to their respective privacy policies.

Retention

Here are various pieces of data and how retention works for them:
ThingRetentionPossible user actions to maximize privacy
DraftsUntil deleted -
Page-by-page access logs and most other detailed loggingA few weeksUse Tor; visit sensitive pages only when not logged in
PMsUntil the sender and all recipients delete the PM, plus about 6 monthsAlways encrypt sensitive PMs. Note also that PMs are often emailed in cleartext to the recipients by bitcointalk.org.
Log of all viewed topicsUntil deleted + about 6 monthsRegularly use the link which marks individual sections or the entire forum as read. This deletes all past individual-topic logs on the marked-read boards. Or view sensitive topics only while logged off.
User IP logsSee the separate section on this belowUse Tor; opt into limited retention
Error and ban logsAbout 18 months -
Lists of detected possible altsAbout 30 months -
Various other settings such as profile fields, watchlist, etc.Kept on the live server until changed/deleted. Likely to be caught in backups and then possibly saved indefinitely.Don't express sensitive info in settings
Deleted posts and trust ratings, as well as their edit historiesKept on the live server for a couple of years; then probably kept indefinitely in backupsDon't publicly post things that you might not want to exist forever
Payment info such as Bitcoin addressesIndefiniteUse private payment technology such as the Wasabi wallet
Security, recovery, and moderation logsIndefinite -
Poll votesIndefinite -
Some IP info related to banned usersIndefiniteUse Tor; don't get banned
ReportsIndefinite -
Email addresses, including all past email addressesIndefiniteUse a new email account, an email forwarding service, or similar. Do not use a "disposable" email account, as email resets to publicly-accessible disposable emails is a common cause of accounts getting stolen. It is also currently possible to use a fake email like asdf@invalid.bitcointalk.org, and we may allow signing up without an email address in the future. However, if your account has never had a valid email address, then it will be extremely difficult to recover the account if it is ever stolen.
Communication with staffPossibly indefinite -

You cannot delete your account.

IP-address retention
IP address retention works in this way:
ThingNormal retentionLimited retentionRetention for guests
Full IP6 months3 monthsA few weeks
Partial IP2 yearsN/AN/A
City geolocation6 years3 monthsN/A

You can opt into limited retention in your account settings. This will apply only to logs created after you change the setting, and doing so will make it much more difficult for you to recover your account if it is ever lost.

Between 6 and 24 months, the IP linearly loses least-significant bits over time. For example, the IP 123.234.210.221 would lose 8 bits and become the prefix 123.234.210.0/24 approximately 10.5 months after it was logged. For IPv6, the least-significant 66 bits are dropped after 6 months, and then the remaining bits are dropped linearly over the 1.5-year period.

The city geolocation locates you to the nearest large city according to your IP address.

Exception: if you click on a "ping link" as part of a manual account recovery process, the IP log created by this action has possibly-indefinite retention.

Variation

Variation from the above normal procedure may occur, for example, due to these causes:
  • Bitcointalk.org is in US jurisdiction, and is subject to US subpoenas, wiretap orders, preservation orders (which would negate the above retention rules), and similar. Furthermore, our service providers could also be subject to similar orders without our knowledge. Note that we consider PMs to require a warrant in order to be released.
  • At our sole discretion, we may voluntarily assist law enforcement worldwide. Generally we do this only when we perceive that the target user has probably committed a serious and non-victimless crime.
  • At our sole discretion, we may (noncommercially) share or extend retention on any of a specific user's userdata even without law-enforcement involvement. This is very rare.
  • While we don't intentionally set up systems to do so, data may end up laying around for longer than the above-specified retention limits accidentally. For example, a sysadmin might copy the access logs in order to analyze an ongoing DDoS attack and then forget to delete them for a while.
  • Data created prior to May 2019 could exist beyond its above-stated retention in offline backups. We have a long-term goal of cleaning this up, but it will take a long time.
  • Computer security can never be guaranteed.
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!