To the main heading_
Smallsite Design logo (SD) 390x390px

Smallsite Design

Help for building a site, not just pages

SD privacy

!

This page outlines the privacy conditions specifically provided by Smallsite Design for sites built with it.

Site owners should provide a Policies page detailing how they handle information provided to them. However, Smallsite Design takes specific actions in relation to cookies, statistics, external links, and user data to improve the privacy of sites using it.

Of course, site owners being able to create their own content means that they have the potential to infringe on others' privacy. If the site owner has enabled the Report a privacy or IP infringement on page option on their Contact page, let them know of any privacy infringements they make.

1   Cookies

Cookies are information provided by a site to be stored on the computer running the browser.

In relation to Smallsite Design's use of cookies or other files to be stored by the browser:
  1. a.No cookies or other files are used when viewing public pages.
  2. b.No cookies or other files are used at the Manage: Log in page with the User ID field.
    Do not proceed beyond that page if you do not consent to cookies.
  3. c.A cookie with a 30 minute expiry is used at all other Manage pages, including the Log in page with the Password field, and should be automatically deleted by your browser 30 minutes after it is last updated.
  4. d.The cookie does not contain any personal information, but is a token encrypted and hashed by AES-256-GCM that is used to authenticate and secure a user's login and session.

2   Statistics

Statistics help a site owner understand how their site is used.

In relation to the gathering of statistics:
  1. a.Smallsite Design only provides one, but probably the most important. If JavaScript is enabled in your browser, after 30 seconds of viewing a page, the current timestamp, page identifier and locale are sent to the site for reading statistics. Other than the later timestamp, no additional data is collected beyond what was used to render the page initially. No personal or other information is recorded for these statistics. It is enabled by default, but the site owner can disable it.
  2. b.Most site hosting providers include several statistics packages that track visitor data, like IP addresses, session duration, and country viewed from. However the site owner may have turned them off. The site's Policies page should indicate the specific personal data collected from visitors. None of these statistics are accessed by Smallsite Design.

3   External sites

Links to other sites are treated differently.

Links to other sites:
  1. a.Are shown like External link.
  2. b.Open the target page separately from the current page.
  3. c.Do not direct search engine bots to the target page.

External sites might not respect your privacy nor security. Visit them at your own risk.

4   User data

Users are those engaged by the site owner to manage the site or contribute content.

The user data required is:
  1. a.User ID – usually their initials.
  2. b.Full name – which can be cited as the author of an article in its footer.
  3. c.Known as – used as a salutation for email notifications sent to the user.
  4. d.Email – address to which notifications are sent.
  5. e.URL – optional internet address that an author citation in the an article footer can be linked to.
Smallsite Design handling of passwords is:
  1. a.Users accounts require a minimum of a 20 character Password which they can change at any time.
  2. b.A manager can reset a user's password, resulting the user being sent an email with a temporary 20 character password that expires in eight minutes, but requires them to create a new one at their next login.
  3. c.Passwords are stored as hashed with a salt, and updated every login with a new salt, so that even if a site is breached, it is cryptographically difficult for the password to be revealed.
  4. d.The exception is passwords for guest accounts that, being meant for demonstration or training sites with no private information, are usually not updated, allowing for multiple simultaneous logins for viewing available pages, but not altering them.

See Security and passwords for how Smallsite Design improves the security and effectiveness of passwords.

The specific actions available for processing this data are:
  1. a.The user data is only used for the purposes indicated.
  2. b.None of the user data is exposed to the public, except for the purposes indicated.
  3. c.A manager can alter or delete any user's data, or delete their account at any time, according to the needs of the site.
  4. d.The user can alter any of their data (except the URL) or delete their account at any time, but the changes may be delayed until the next manager log in.
  5. e.While a writer can delete their URL, only a manager can set or change it for them, as it is at the manager's discretion which sites they tacitly endorse.
  6. f.After a user account deletion, any author attributions remain unchanged so that the author's moral rights may be fulfilled. However, a manager can alter or delete them at any time.
  7. g.Smallsite Design pages have settings that prevent them from being hosted by another site so that it can track a user's login actions for the purpose of stealing their credentials or viewing the site's non-public information.
Links   Subsite links

Powered by: Smallsite Design©Patanjali SokarisPrivacy   Manage\