Add support pages.
[] / privacy.html
1 <!DOCTYPE html>
2 <html>
3 <head>
4 <meta charset="utf-8">
5 <meta name=viewport content="width=device-width, initial-scale=1">
6 <link rel="stylesheet" href="/css/main.css" type="text/css">
7 <title>Privacy Policy ~ Yukkuri Games</title>
8 </head>
9 <body>
10 <header>
11 <a href="/">
12 <img src="/logotype_horizontal_1.png" class=logo alt="(◕ ヮ ◕)">
13 <img src="/logotype_horizontal_2.png" class=optional
14 alt="Yukkuri Games">
15 </a>
16 <h1>Privacy Policy</h1>
17 </header>
18 <main>
19 <h2>Our Site</h2>
20 <p>
21 Rather than a policy about how we're going to protect the data
22 we gather about you, we've got a simpler plan: Our privacy
23 policy is that personal privacy is mostly good, so we'll try
24 as hard as we can to <em>not</em> gather data about you.
25 We'd also like to help you defuse and poison other tracking
26 services.
27 </p>
28 <h3>Log Data</h3>
29 <p>
30 We do basic logging of HTTP requests in order to help maintain
31 our site - fix broken links, block spammers, and so on. These
32 logs look like
33 </p>
34 <pre> - - [03/Sep/2014:13:45:06 +0000] "GET /heroik/heroik.html HTTP/1.1" 200 1616 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:32.0) Gecko/20100101 Firefox/32.0"</pre>
35 <p>
36 They contain your IP, the URL you visited, when you visited
37 it, what browser you were using, and (sometimes) where you
38 came from. This is stuff your browser sends to every site you
39 visit, always. If you think it's too much information, most
40 browsers have some way to stop sending so much - for example,
41 in Firefox you can set <code>network.http.sendRefererHeader</code> to
42 <code>false</code> and install <a href="">User Agent Switcher</a>.
43 </p>
44 <h3>Mail</h3>
45 <p>
46 We host our own email service. Email sent to yuu at
48 <a href="">does not go through GMail on our end</a>.
50 </p>
51 <h3>Cookie Policy</h3>
52 <p>
53 We don't use cookies or anything like cookies to track you.
54 </p>
55 <p>
56 We use <em>extremely</em> short-lived cookies to prevent
57 request forgery. These don't contain any identifying
58 information and they self-destruct after a few seconds.
59 </p>
60 <p>
61 For long-term data we use HTML5
62 <a href="">localStorage</a>
63 and other similar <em>client-side storage</em>. This gives you
64 the benefits of cookies, plus your data is never sent to the
65 server, so there's nothing to secure.
66 </p>
67 <h3>Security</h3>
68 <p>
69 We don't track any user data via this site, so we have no
70 special databases to secure.
71 </p>
72 <p>
73 If you are concerned about your connection being intercepted
74 by someone else, <a href="">we offer
75 HTTPS for our main domain</a>. We would like to offer it
76 for more, but the CA racket means we can't afford it.
77 In the future we hope CAs are replaced by something like
78 <a href="">Convergence</a> so cheap
79 security is available for everyone, but right now it doesn't
80 work reliably.
81 </p>
82 <h2>Third-Party Links</h2>
83 <p>
84 Because this is the web, we link to other sites. Some of our
85 games are only available from other sites, because trading
86 money for games requires handling at least a little personal
87 data. We'd rather that be done by people good at doing it.
88 </p>
89 <p>
90 Most of these sites don't care about your privacy. Sometimes
91 at least they'll be providing you a useful service in exchange
92 for surveilling you, but usually they're willing to sell you
93 out to a dozen firms via Google in exchange for a pretty bar
94 graph.
95 </p>
96 <p>
97 We think it's awful, too. Sorry.
98 </p>
99 <p>
100 To protect yourself on these sites, we recommend you use
101 tools to help you browse the web safely and securely. One
102 straightforward and reliable one is
103 <a href="">Disconnect</a>.
104 <a href="">PRISM Break has more suggestions</a>,
105 though it's unfortunately-named because this problem <a href="">neither
106 begins nor ends with the PRISM program or state surveillance</a>.
107 </p>
108 <h2>Other Stuff We Don't Do That You Should Push Other Sites To Also Not Do</h2>
109 <ul>
110 <li>
111 We don't run Google Analytics or Cloudfront Analytics or
112 Cloudflare Clicky or any of that garbage. Even if a site
113 needs to collect data for its own operation, these services
114 also feed that data into even larger and more troubling
115 corporate databases.
116 </li>
117 <li>
118 We don't use Google's fonts; we host them ourselves. <a href="">Most Wordpress blogs are helping Google track their readers and they don't even know it.</a> At
119 the very least, demand a cut of Google's revenue if you're
120 going to work for them.
121 </li>
122 <li>
123 We don't put stock "share" buttons on our site. Aside from
124 being useless eyesores <a href="">these
125 buttons are used by social media companies to track you on
126 other sites</a>. Tools like <a href="">EFF's Privacy Badger</a> and <a href="">Disconnect</a> can
127 help block these on other sites.
128 </li>
129 <li>
130 We don't minify or obfuscate most files &mdash; HTML, CSS,
131 or JavaScript &mdash; we serve. This means it's easy for you
132 to check what we're doing with just your browser.
133 </li>
134 </ul>
135 <h2>Changes</h2>
136 <p>
137 We may update this Privacy Policy from time to time. Since
138 this document is <a href="">stored in our site's Git repository</a>, you can easily track these changes.
139 </p>
140 </main>
141 </body>
142 </html>