Privacy Policy
Last Updated: December 28, 2019
Your privacy matters to us. We believe in transparency; therefore, we've developed a Privacy Policy that covers how we collect, use, disclose, transfer, and store your personal information when you use our services.
What we collect
Information you provide to us
We collect information you provide to us directly when you use our services. This includes:
Account information. To create an account, you must provide a username, valid email address and password. We also store your account preferences and settings.
Profile information. You may provide your real name or a pseudonym, and other personal information (such as website URL, social media handles, and a short biography) in connection with your account. This information is publicly displayed on your profile page.
Other information. You may choose to provide other information directly to us. For example, we may collect information when you fill out a form, request support or otherwise communicate with us.
Information we collect automatically
When you access our services, we may also automatically collect information about you. This includes:
Log and usage data. We may log when you access and use DareNET services. This may include your IP address, client version string, user-agent string, browser type, operating system, links clicked, the requested URL, and hardware settings.
Information collected from cookies. We may receive information from cookies, which are pieces of data your browser stores and sends back to us when making requests. We use this information to improve your experience and improve the quality of our services. For more information on how you can disable cookies, please see "Your Choices" below.
Location information. We may receive and process information about your location, such as when you choose to share such information on our services, or we may derive your approximate location from other information about you, including your IP address.
How we use information about you
We use information about you to:
- Provide, maintain and improve our services;
- Develop new services;
- Help protect the safety of DareNET and our users, which includes blocking suspected spammers, addressing abuse, and enforcing the DareNET Terms of Service, Community Guidelines and our other policies;
- Send you technical notices, security alerts, and other support and administrative messages. Because this information is important to your interaction with DareNET, you may not opt out of receiving these communications;
- Provide support; and
- Monitor and analyze trends, usage, and activities in connection with our services
How information about you is shared
When you use our services, certain information may be shared with other users and the public. For example:
- When you submit content (such as profile information or chat on public channels) to a DareNET service, any visitors to and users of our services will be able to see that content, including the username associated with the content.
- When you send private messages, or chat on private/secret channels, the recipients of those messages will be able to see the content of your messages, your username, and the date and time the message was sent.
Otherwise, we will never share or reveal your personal information to a third party unless:
- We are compelled by law, or
- We believe it necessary to prevent death or serious physical harm to someone
If we believe a legal warrant to be too broad, we will seek to narrow it. We will notify users about a legal warrant for their personal information unless we are prevented from doing so by law.
Chat logs
We do not keep records of your conversations, nor do we provide a chat logging service; however, please be aware that most IRC clients provide logging capabilities. Anyone in the channels you are in might do so and publish those conversation logs (and some channels may be actively logged by bots or users on those channels). If you have questions about this, we encourage you to ask other users in the channel you're concerned about. In general, you should assume that everything you say on IRC that is not in a private message will be recorded and possibly published somewhere. In the case of private messages and channels, you're depending on your trust with the person(s) you're sending a message to will not share it.
Your choices
As a DareNET user, you have choices about how to protect and limit the collection, use, and disclosure of information about you.
Accessing and changing your information
You can access and change certain information through the DareNET services.
To change or remove your profile information, visit the settings page.
To view or change IRC-specific account settings, see /msg N HELP SET
on IRC.
To view or change IRC-specific channel settings, see /msg C HELP SET
on IRC.
Deleting your account
You may permanently delete your account at any time from the settings page.
Controlling the use of cookies
DareNET's websites may use "cookies". We treat information collected by cookies as non-personal information; however, to the extent that Internet Protocol (IP) addresses or similar identifiers are considered personal information by local law, we also treat these identifiers as personal information. Similarly, to the extent that non-personal information is combined with personal information, we treat the combined information as personal information for the purposes of this Privacy Policy.
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject first- and third-party cookies. Please note that if you choose to remove first-party cookies, this could affect the availability and functionality of some features on our websites.
Retaining your information
We keep your account information until you delete your account with us. When you delete your account, your personal information is purged from our active data storage within seven days, and from all backups after a maximum of 90 days.
We keep any log and website analytics information for approximately one week.
Information security
We take precautions to protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction. For example:
- We encrypt many of our services using TLS and make use of modern 256-bit crypto
- We encourage all of our users to connect to our IRC network using a TLS-enabled connection
- We review our information collection, storage and processing practices
- We also enforce technical and administrative access controls to limit which of our staff have access to non-public personal information
Compliance & cooperation
We regularly review this Privacy Policy and make sure that we process your information in ways that comply with it.
Data transfers
We maintain servers around the world and your information may be processed on servers located outside of the country where you live. Data protection laws vary among countries, with some providing more protection than others. Regardless of where your information is processed, we apply the same protections described in this policy.
The majority of our service providers are self-certified under the EU-US and Swiss-US Privacy Shield Framework, while others are reliant on the European Commission's model contract clauses.
Additional information for California residents
If the California Consumer Privacy Act (CCPA) applies to your information, we provide these disclosures so you can exercise your rights to receive information about our data practices, as well as to request access to and deletion of your information. You can also read more about our data retention periods, and the processes we follow to delete your information under the "Retaining Your Information" section above.
DareNET does not sell your personal information. We only share your information as described in this policy. DareNET processes your information for the purposes described in this policy. These purposes include:
- Protecting against security threats and abuse. DareNET uses and may disclose information to detect, prevent and respond to security incidents, and for protecting against other malicious activity. For example, to protect our services, DareNET may receive or disclose information from DNS blacklists about IP addresses that malicious actors have compromised.
- Maintaining our services. DareNET uses information to ensure our services are working as intended, such as tracking outages or troubleshooting bugs and other issues that you report to us.
- Research and development. DareNET uses information to improve our services and to develop new services, features and technologies that benefit our users.
If you have additional questions or requests related to your rights under the CCPA, you can contact DareNET.
Additional information for EEA residents
Users in the European Economic Area (EEA) have the right to request access to, rectification of, or erasure of their personal information; to data portability in certain circumstances; to request restriction of processing; to object to processing; and to withdraw constent for processing where they have previously provided consent. These rights can be exercised using the information provided under "Your Choices" above or using the contact information provided at the end of this document.
As required by applicable law, we collect and process information about individuals in the EEA only where we have a legal basis for doing so. Our legal basis depends on the services you use and how you use them. We process your information on the following legal basis:
- You have consented for us to do so for a specific purpose;
- We need to process the information to provide you the service, including to operate the service, provide support and personalized features and to protect the safety and security of the service;
- It satisfies a legitimate interest (which is not overridden by your data protection interests), such as preventing fraud, ensuring network and information security, enforcing our rules and policies, protecting our legal rights and interests, research and development, and promoting our services;
- We need to process your information to comply with our legal obligations.
You aren't required to provide any information to us, but, if you don't, you won't be able to use certain features of our services. If you no longer wish to use DareNET services, then you may delete your account.
We have also committed to extending these rights to users outside of the EEA.
Children
DareNET services are not offered to children whose age makes it illegal to process their personal information or requires parental consent for the processing of their personal information under COPPA, GDPR or other local law.
We do not knowingly collect personal information from children under 13 years or under the applicable age limit (the “Age Limit”). If you are under the Age Limit, please do not create an account, use our services, and do not provide any personal information to us.
If we learn that we have collected the personal information of a child under the Age Limit, we will take reasonable steps to delete the personal information. This may require us to delete the DareNET account for that child.
Changes to this policy
We may change this Privacy Policy from time to time. If we do, we will let you know by revising the date at the top of the policy. If we make a change to this policy that, in our sole discretion, is material, we will provide you with additional notice (such as adding a statement to /blog, the front page or sending you a notification). We encourage you to check back regularly and review any updates. The most current version will always be available at https://www.darenet.org/privacy.
Contact us
If you have any questions about our Privacy Policy, please contact us at privacy@darenet.org or through our contact form.