What Information is Collected
- HTTP requests are logged, with the following information:
- IP address
- Page URL
- Response status code
- Preferred language/locale. This defaults to the browser's locale, but can be changed by the user
With an account:
- Email address
- Passwords (hashed and salted using BCrypt)
- Profile information, such as website URLs and donation URLs
- Comments, threads, and reviews
- Audit log actions (such as edits and logins) and their time stamps
ContentDB collects usernames of content creators from the forums, as this is required to index forum topics.
Packages, including releases, screenshots, and any meta information, are not considered personal information.
Please avoid giving other personal information as we do not want it.
How this information is used
- Logged HTTP requests may be used for debugging ContentDB.
- Email addresses are used to:
- Send notifications - the user may configure this to their needs, including opting out.
- The admin may use ContentDB to send emails when they need to contact a user.
- Passwords are used to authenticate the user.
- The audit log is used to record actions that may be harmful.
- Preferred language/locale is used to translate emails and the ContentDB interface.
- Other information is displayed as part of ContentDB's service.
Who has access
- Only the admin has access to the HTTP requests. The logs may be shared with others to aid in debugging, but care will be taken to remove any personal information.
- Encrypted backups may be shared with selected Minetest staff members (moderators + core devs). The keys and the backups themselves are given to different people, requiring at least two staff members to read a backup.
- Email addresses are visible to moderators and the admin. They have access to assist users, and they are not permitted to share email addresses.
- Hashing protects passwords from being read whilst stored in the database or in backups.
- Profile information is public, including URLs and linked accounts.
- The visibility of comments depends on the visibility of threads. They are either public, or visible only to the package author and editors.
- The complete audit log is visible to moderators. Users may see their own audit log actions on their account settings page. Owners, maintainers, and editors may be able to see the actions on a package in the future.
- Preferred language can only be viewed by this with access to the database or a backup.
- We may be required to share information with law enforcement.
The ContentDB production server is currently located in Germany. Backups are stored in the UK. Encrypted backups may be stored in other countries, such as the US or EU.
By using this service, you give permission for the data to be moved as needed.
Period of Retention
The server uses log rotation, meaning that any logged HTTP requests will be forgotten within a few weeks.
Usernames may be kept indefinitely, but other user information will be deleted if requested. See below.
Please raise a report if you wish to remove your personal information.
ContentDB keeps a record of each username and forum topic on the forums, for use in indexing mod/game topics. ContentDB also requires the use of a username to uniquely identify a package. Therefore, an author cannot be removed completely from ContentDB if they have any packages or mod/game topics on the forum.
If we are unable to remove your account for one of the above reasons, your user account will instead be wiped and deactivated, ending up exactly like an author who has not yet joined ContentDB. All personal information will be removed from the profile, and any comments or threads will be deleted.