Suggestions for changes to the Privacy Policy

Here is the current version:

We take our duty to process your personal data very seriously. This policy explains how we collect, manage, use and protect your personal data. We may change this policy from time to time to reflect the latest view of what we do with your information. Please check back frequently to see if we have made any changes.[1]

What does this policy cover?

This privacy policy applies only to your use of our forum. Our forum may contain links to other websites posted by members via images, content such as videos, links to other websites which are not hosted by the forum. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

What information does the organisation collect?

Visitors to the forum

When you visit the forum, whether you have an account or not, the forum uses server logs and other methods to collect data about what pages you visit and when.

This data is used to:

  • optimise the forum, so that it’s quick and easy to use
  • diagnose and debug technical errors
  • defend the forum from abuse and technical attacks
  • compile statistics on forum and topic popularity
  • compile statistics on the kinds of software and computers visitors use

Information from users with accounts

To create an account you have to provide:

Email address, Username & Password

You may also sign up using a Facebook/Google/GitHub/Twitter account and email address. We will ask permission to access basic information from those accounts, such as your name, profile picture and email address. You can choose to stop sharing that information with us at any time by removing the forum’s access to that account.

You have the option to provide additional information in your profile e.g. full name, date of birth, an avatar which may include a photograph, biography etc.

We collect the content of your posts, plus data about bookmarks, likes, and links you follow in order to share that data with others, through the forum.

We collect data about private messages that you send through the forum. We make private messages available to senders and their recipients, and also to forum administrators.[2]

When registered and posting, we record the IP address that the post originated from, the device and browser used and location data. We retain server logs which include the IP address of every request to our server.

Why we collect this information

We collect information to: create your account, identify you on the forum (specifically your user name), use your email address to communicate with you (if you’ve said that’s okay) and to maintain logs for security reasons and for legal documentation.

Why does the organisation process personal data?

To perform a contract - We require a user name and email address to enter into the Terms of Service agreement with us.

Consent - If you choose to provide additional information on your profile this is processed on the basis of consent. You have the ability to access, modify, and delete it at any time.

Legitimate Interests - any other personal information processed is on necessary for the purposes of legitimate interests. For example, for security purposes, we must keep logs of IP addresses that access the forum.

If you would like to request erasure of data we process on the basis of consent, or object to our processing of personal information, please contact an administrator.

How you can access and control the information we collect

If you’re already a forum member, you may access, update, alter, or delete your basic user profile information by editing your user profile. You can control the information we collect about you by limiting what information is in your profile by updating out of date information.

Data retention and deletion of data

We will retain Personal Information for as long as your account is active. We may retain certain Personal Information indefinitely, unless you delete it or request its deletion.

If you would like to delete your account, you may do so by sending a request to an administrator. After an account has been deleted, data, such as posts, likes and comments, will remain on the forum. However, personal information will be deleted or de-identified.

We retain server logs for a period of 30 days after which they are automatically destroyed.
We retain backups of the forum for a period of 30 days after which they are automatically destroyed.

How SAFE Network Forum secures your information

We take all measures reasonably necessary to protect Personal Information from unauthorised access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.

Backups taken are encrypted.

Where your information is stored

Data may be stored in multiple jurisdictions, such as the United States and the European Union. The companies who host the forum and store backups both participate in the EU-US Privacy Shield and the Swiss-US Privacy Shield. You can find the Privacy Shield list online at

Your rights

As a data subject, you have a number of rights. You have:

  • The right to be informed about our collection and use of personal data;
  • The right of access to the personal data we hold about you;
  • The right to rectification if any personal data we hold about you is inaccurate or incomplete;
  • The right to be forgotten – i.e. the right to ask us to delete any personal data we hold about you;
  • The right to restrict (i.e. prevent) the processing of your personal data;
  • The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);
  • The right to object to us using your personal data for particular purposes; and
    Rights with respect to automated decision making and profiling.

If you would like to exercise any of these rights, please contact an administrator.

What if you do not provide personal data?

You are under no statutory obligation to provide basic personal data. However, if you do not, you will not be able to participate in any conversations on the forum or download our products.

Does SAFE Network Forum share data about me with others?

SAFE Network Forum does not sell or give information about you to other companies or services. However, SAFE Network Forum does use services from other companies, the companies behind those services may collect data about you on their own, for their own purposes. Some of these services may be used to collect information about your online activities across different websites.

Amazon Web Services (AWS) AWS Privacy To store backups
Akismet Privacy Policy – Automattic Reduces spam posts
Civilized Discourse Construction Kit, Inc. Privacy policy | Discourse - Civilized Discussion Hosts the forum
Slack Privacy Policy | Legal | Slack Enabling chat features

How do I make a complaint?

You have the right to make a complaint about anything regarding processing, storage, or retention of your data. We would hope to resolve any complaint internally and if you would like to lodge a complaint with us in the first instance please contact an administrator.


What are cookies?

Cookies are small text files that are placed on your computer, smartphone or other devices when you visit our forum. A cookie file is stored on your device and allows us to recognise you and make your visit easier and more useful to you when you revisit our website.

Types of cookies

Strictly Necessary Cookies

These cookies are essential in order to enable you to move around the website and use its features. Without these cookies, services such as remembering your login details cannot be provided.

_t User authentication token cookie. This cookie expires 1440 hours (60 days) from being set

Session cookies are temporary cookies which only exist during the time you use the website (or more strictly, until you close the browser after using the website). Session cookies allow users to be recognized within a website so any page changes or item or data selection you do is remembered from page to page.

_forum_session This cookie expires when you close your browser

Please note, our forum may contain links to other websites posted by members via images, content such as videos, links to other websites which are not hosted by the forum. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

It’s pretty good right? I put in bold, italicised and numbered the things I think should be reworded/changed.

I have to get to work right now, I just wanted to get this thread started. I will make my suggestions on changes/additions later in the day.

Instead of putting the burden on the user I think the burden should be put on the forum to announce any changes. This can be done via forum statistics updates or even via a post here in Meta.

In my opinion this should be changed to specifically say that even though the forum admin has the ability to read user’s direct messages, he/she does not unless requested by legal authorities. It should also state something along the lines of:

Sorry I don’t have time to write up something proper that can be, after review, be used directly. Either way those are my suggestions/opinions.

I would also like to see a topic/thread about “general privacy practices”. It would be, in my opinion, better coming officially from the forum. Sharing steps users can take to protect their identity, vpn’s etc…recommendations and links regarding desktop and mobile OS’s. This could start as a thread but grow into something more official. I may start one when I can make time.

Any thoughts on the suggestions I have made regarding the privacy policy? And my apologies for throwing in the “general privacy practices” in there as its off-topic from the OP but I didn’t want to start a thread (time limitations) and thought feedback first might be better.