No products in the cart.
This is a best-effort attempt at describing our current practices regarding privacy-relevant concerns, and is not an agreement.
It’s possible to use ampae.com without submitting any personal info. Use Tor + a throwaway email + a new pseudonym, etc. If you care about preventing personal information from being collected on ampae.com, then preventing this collection is your responsibility.
This section describes our normal practices. A later section will describe exceptional variations.
We never sell non-public user information to anyone.
In order to operate the site, the following data sharing occurs:
First, our moderators, administrators, system administrators, software developers, and others who perform services for us each have access to a different subset of user account data in order to perform their work. As a general principle, access is provided on a “need-to-know” basis.
Second, our tech-related service providers necessarily have access to user data, and could collect/store data beyond what ampae.com itself does. Example service providers may or may not include, and are not limited to: Amazon Web Services, Google Cloud Platform, Google ReCAPTCHA, Cloudflare, DigitalOcean, and Vultr. We do not use any third-party tracking technology such as Google Analytics or advertisement-related tracking cookies, though Google ReCAPTCHA (used on only certain pages) and Cloudflare in particular may do significant tracking. Refer to their respective privacy policies.
Here are various pieces of data and how retention works for them:
|Thing||Retention||Possible user actions to maximize privacy|
|Page-by-page access logs and most other detailed logging||A few weeks||Use Tor; visit sensitive pages only when not logged in|
|PMs||Until the sender and all recipients delete the PM, plus about 6 months||Always encrypt sensitive PMs. Note also that PMs are often emailed in cleartext to the recipients by ampae.com.|
|Log of all viewed topics||Until deleted + about 6 months||Regularly use the link which marks individual sections or the entire forum as read. This deletes all past individual-topic logs on the marked-read boards. Or view sensitive topics only while logged off.|
|User IP logs||See the separate section on this below||Use Tor; opt into limited retention|
|Error and ban logs||About 18 months||–|
|Lists of detected possible alts||About 30 months||–|
|Various other settings such as profile fields, watchlist, etc.||Kept on the live server until changed/deleted. Likely to be caught in backups and then possibly saved indefinitely.||Don’t express sensitive info in settings|
|Deleted posts and trust ratings, as well as their edit histories||Kept on the live server for a couple of years; then probably kept indefinitely in backups||Don’t publicly post things that you might not want to exist forever|
|Payment info such as Bitcoin addresses||Indefinite||Use private payment technology such as the Wasabi wallet|
|Security, recovery, and moderation logs||Indefinite||–|
|Some IP info related to banned users||Indefinite||Use Tor; don’t get banned|
|Email addresses, including all past email addresses||Indefinite||Use a new email account, an email forwarding service, or similar. Do not use a “disposable” email account, as email resets to publicly-accessible disposable emails is a common cause of accounts getting stolen. It is also currently possible to use a fake email like [email protected], and we may allow signing up without an email address in the future. However, if your account has never had a valid email address, then it will be extremely difficult to recover the account if it is ever stolen.|
|Communication with staff||Possibly indefinite||–|
The city geolocation locates you to the nearest large city according to your IP address.
You cannot delete your account.
The Children’s Online Privacy Protection Act (“COPPA”) protects the online privacy of children under 13 years of age. We do not knowingly collect or maintain personal information from anyone under the age of 13, unless or except as permitted by law. Any person who provides personal information through the Website represents to us that he or she is 13 years of age or older. If we learn that personal information has been collected from a user under 13 years of age on or through the Website, then we will take the appropriate steps to cause this information to be deleted. If you are the parent or legal guardian of a child under 13 who has become a member of the Website or has otherwise transferred personal information to the Website, please contact ampae.com using our contact information to have that account terminated and information deleted.
Variation from the above normal procedure may occur, for example, due to these causes:
- At our sole discretion, we may voluntarily assist law enforcement worldwide. Generally we do this only when we perceive that the target user has probably committed a serious and non-victimless crime.
- At our sole discretion, we may (noncommercially) share or extend retention on any of a specific user’s userdata even without law-enforcement involvement. This is very rare.
- While we don’t intentionally set up systems to do so, data may end up laying around for longer than the above-specified retention limits accidentally. For example, a sysadmin might copy the access logs in order to analyze an ongoing DDoS attack and then forget to delete them for a while.
- Computer security can never be guaranteed.