Consumer Rights Wiki:Privacy policy: Difference between revisions

← Older edit Newer edit →

VisualWikitext

@@ Line 40: / Line 40: @@
 * '''Username''' - Stored indefinitely, or until account deletion request
 * '''Email address''' - Stored indefinitely, or until account deletion request
-* '''Hashed password''' - Stored indefinitely, or until account deletion request
+* '''Hashed and salted password''' - Stored indefinitely, or until account deletion request
 ===3.2 Contribution Data===
@@ Line 78: / Line 78: @@
 ! Justification
 |-
-| Account data (username, email, password)
+| Account data (username, email, hashed and salted password)
 | Indefinitely until deletion request
 | Necessary to perform contract
@@ Line 238: / Line 238: @@
 Our primary database, file storage, and backup services are provided by DigitalOcean. All user accounts, contribution data, and system backups are stored on DigitalOcean infrastructure.
-Processed data categories: All user account data (usernames, emails, hashed passwords), complete contribution history and edit data, uploaded files and media, database queries and storage, full system backups (daily and monthly), server usage metrics, processor and memory usage data, storage capacity data.
+Processed data categories: All user account data (usernames, emails, hashed and salted passwords), complete contribution history and edit data, uploaded files and media, database queries and storage, full system backups (daily and monthly), server usage metrics, processor and memory usage data, storage capacity data.
 Purpose of processing: primary database hosting for all user data, file and media storage, automated backup services for disaster recovery, and related services necessary for website operation and data persistence.
@@ Line 276: / Line 276: @@
 We implement appropriate technical and organizational measures to protect personal data, including:
-* Encryption of passwords
+* Hashing and salting of passwords
 * Regular security updates
 * Access controls and authentication