Our Site
Rather than a policy about how we're going to protect the data we gather about you, we've got a simpler plan: We'll try as hard as we can to not gather data about you. We'd also like to help you defuse and poison other tracking services.
Log Data
This site is hosted on AWS CloudFlare in the EU with logging disabled. We see and retain no identifying data when you access the site. Amazon may maintain some records as necessary for their network operations.
Cookie Policy
We don't use cookies or anything like cookies to track you.
We use cookies to prevent request forgery. These don't contain any identifying information. These double-submit cookies, are random cookies that reset each time you visit the page. This prevents another site from tricking you into submitting data to our site, because they can't read the random value in the cookie.
For long-term data storage we use HTML5 localStorage and other similar client-side storage. This gives you the benefits of cookies, but your data is never sent to the server, so there's nothing to secure.
Email to us may be stored in or route through Google Mail.
Security
We don't track any personal data via this site, so we have no special databases to secure.
Our primary site, which you are reading now, is served exclusively via HTTPS. We would like to offer HTTPS for all our subdomains, but the CA racket means we can't afford it. In the future we hope CAs are replaced by something like Convergence so cheap security is available for everyone, but right now it doesn't work reliably.
Third-Party Links
Because this is the web, we link to other sites. Some of our games are only available from other sites, because trading money for games requires handling at least a little personal data. We'd rather that be done by people good at doing it.
Most of these sites don't care about your privacy. Sometimes at least they'll be providing you a useful service in exchange for surveilling you, but usually they're willing to sell you out to a dozen firms via Google in exchange for a pretty bar graph.
We think it's awful, too. Sorry.
To protect yourself on these sites, we recommend you use tools to help you browse the web safely and securely. One easy and reliable one is Disconnect. PRISM Break has more suggestions, though it's unfortunately-named because this problem neither begins nor ends with the PRISM program or state surveillance.
Other Stuff We Don't Do That You Should Push Other Sites To Also Not Do
- We don't use Google's fonts; we host them ourselves. Most Wordpress sites are helping Google track their readers and they don't even know it. At the very least, demand a cut of Google's revenue if you're going to work for them.
- We don't put stock "share" buttons on our site. Aside from being useless eyesores these buttons are used by social media companies to track you on other sites. Tools like EFF's Privacy Badger and Disconnect can help block these on other sites.
- We don't minify or obfuscate most files — HTML, CSS, or JavaScript — we serve. This means it's easy for you to check what we're doing with just your browser.
Changes
We may update this Privacy Policy from time to time. Since this document is stored in our site's Git repository, you can easily track these changes.