SD privacy
This page outlines the privacy conditions specifically provided by Smallsite Design for sites built with it.
Site owners should provide a
Of course, site owners being able to create their own content means that they have the potential to infringe on others' privacy. If the site owner has enabled the Report a privacy or IP infringement on page option on their
1 Cookies△
Cookies are information provided by a site to be stored on the computer running the browser.
- a.No cookies or other files are used when viewing public pages.
- b.No cookies or other files are used at the
Manage: Log in page with theUser ID field.
Do not proceed beyond that page if you do not consent to cookies. - c.A cookie with a 30 minute expiry is used at all other
Manage pages, including theLog in page with thePassword field, and should be automatically deleted by your browser 30 minutes after it is last updated. - d.The cookie does not contain any personal information, but is a token encrypted and hashed by AES-256-GCM that is used to authenticate and secure a user's login and session.
2 Statistics△
Statistics help a site owner understand how their site is used.
- a.Smallsite Design only provides one, but probably the most important. If JavaScript is enabled in your browser, after 30 seconds of viewing a page, the current timestamp, page identifier and locale are sent to the site for reading statistics. Other than the later timestamp, no additional data is collected beyond what was used to render the page initially. No personal or other information is recorded for these statistics. It is enabled by default, but the site owner can disable it.
- b.Most site hosting providers include several statistics packages that track visitor data, like IP addresses, session duration, and country viewed from. However the site owner may have turned them off. The site's
Policies page should indicate the specific personal data collected from visitors. None of these statistics are accessed by Smallsite Design.
3 External sites△
Links to other sites are treated differently.
- a.Are shown like External link.
- b.Open the target page separately from the current page.
- c.Do not direct search engine bots to the target page.
External sites might not respect your privacy nor security. Visit them at your own risk.
4 User data△
Users are those engaged by the site owner to manage the site or contribute content.
- a.
User ID – usually their initials. - b.
Full name – which can be cited as the author of an article in its footer. - c.
Known as – used as a salutation for email notifications sent to the user. - d.
Email – address to which notifications are sent. - e.
URL – optional internet address that an author citation in the an article footer can be linked to.
- a.Users accounts require a minimum of a 20 character Password which they can change at any time.
- b.A manager can reset a user's password, resulting the user being sent an email with a temporary 20 character password that expires in eight minutes, but requires them to create a new one at their next login.
- c.Passwords are stored as hashed with a salt, and updated every login with a new salt, so that even if a site is breached, it is cryptographically difficult for the password to be revealed.
- d.The exception is passwords for guest accounts that, being meant for demonstration or training sites with no private information, are usually not updated, allowing for multiple simultaneous logins for viewing available pages, but not altering them.
See Security and passwords for how Smallsite Design improves the security and effectiveness of passwords.
- a.The user data is only used for the purposes indicated.
- b.None of the user data is exposed to the public, except for the purposes indicated.
- c.A manager can alter or delete any user's data, or delete their account at any time, according to the needs of the site.
- d.The user can alter any of their data (except the
URL ) or delete their account at any time, but the changes may be delayed until the next manager log in. - e.While a writer can delete their
URL , only a manager can set or change it for them, as it is at the manager's discretion which sites they tacitly endorse. - f.After a user account deletion, any author attributions remain unchanged so that the author's moral rights may be fulfilled. However, a manager can alter or delete them at any time.
- g.Smallsite Design pages have settings that prevent them from being hosted by another site so that it can track a user's login actions for the purpose of stealing their credentials or viewing the site's non-public information.