Privacy statement

A shameful attempt at ass-covering

Summary

Brutaldon tries to collect as little information about you as possible. The information that it collects in order to log you in to your instance and to implement client features is stored as transiently as possible.

Information that is stored until a database wipe

If you use the old login form (instance, email, password), which is only recommended if you running your own copy of brutaldon behind a firewall, the email you use to sign in will be stored along with an access token and the name of the instance you connected to. Your password will never be stored. We will never share your email with anyone for any reason, unless legally forced to do so. We will never send you email except in the case of an unforseen emergency requiring us to.

If you use the normal login form, your email will not be stored, only your instance name and access token.

You can always revoke an access token through the web interface of your instance.

Information that is stored only during your session

Data stored in your session is deleted when you log out, or periodically by the server.

Data stored in the session includes:

  • A reference to your information in the database.
  • All of your public Mastodon profile information. This is needed for some client functionality.
  • A couple of Mastodon settings: your default post privacy, and whether your media default to sensitive.