Next Jam starts in...

461 Jams
4870 Games
1225 Developers

Privacy

This page outlines the data which is collected and stored, how it is transmitted and stored, why it is stored and how you can control this. We're a tiny operation who fully support your ability to control your own data.

What we collect and store

  • For each user, the following user data is stored:
    • User ID (number used to identify each user internally)
    • User registration date and time
    • Username
    • User registration IP address
    • User registration User Agent (browser and operating system data)
    • Display name (set in User Settings)
    • Password validation information (salt, hashed password, number of hashing iterations)
    • Last login date and time
    • Last login IP address
    • Last login User Agent (browser and operating system data)
    • Email address (set in User Settings)
    • Twitter handle (set in User Settings)
    • Twitch username (set in User Settings)
    • Bio (set in User Settings)
    • Current role (user or administrator)
    • User preferences (set in User Settings)
    • User permissions (allowlist and denylist - set by site admins)
    • Last time user performed an admin action
  • For each suggested Theme, the following user data is stored:
    • Submission date and time
    • IP Address and User Agent of user who suggested it
    • User ID of user who suggested it
    • Theme text (user entered)
  • For each Theme vote, the following user data is stored:
    • Date and time when vote was cast
    • IP Address and User Agent of user who cast the vote
    • User ID of user who cast the vote
    • Theme which was voted on
    • Cast vote (-1, 0, +1)
  • For each Theme idea (set on the Theme voting page), the following user data is stored:
    • Date and time when idea was saved
    • IP Address and User Agent of user who saved the idea
    • User ID of user who saved the idea
    • Theme the idea is associated with
    • Idea text (user entered)
  • For each submitted Game (sometimes called an entry), the following user data is stored:
    • Date and time when the Game was submitted
    • IP Address and User Agent of user who submitted the Game
    • Title of Game (user entered)
    • Description of Game (user entered)
    • User ID of user who submitted the Game
    • Screenshot image for Game (uploaded by user)
    • Game color (background and text - user entered)
  • For each submitted Game (sometimes called an entry), one or more platform entries exist. For example if an entry has a URL set for three platforms, that entry will have three entries in this table - one for each platform. Platforms left blank won't result in an entry in this table.
    • Game this platform entry is associated with
    • Platform this platform entry is associated with
    • URL which where this platform entry can be downloaded (user entered)
  • For each poll vote, the following user data is stored:
    • Option which was voted for
    • User ID of the user who voted
  • For each satisfaction vote, the following user data is stored:
    • Date and time when the vote was cast
    • IP Address and User Agent of user who cast the vote
    • Question identifier which was voted on (for example JAM_160 when casting a satisfaction vote for Jam 160)
    • Option which was voted for
    • User ID of the user who voted
  • For each user session, the following user data is stored:
    • User ID (of logged in user the session is for)
    • Date and time when the session started
    • Hashed session ID (token)
  • For each administrative action (scheduling Jams, changing user roles, deleting Themes, etc.), the following user data is stored:
    • Date and time when the log was created
    • IP Address and User Agent of administrator who triggered the event
    • User ID of the administrator who triggered the event
    • User ID of the subject the event relates to
    • Type of log (for example JAM_ADDED, THEME_SOFT_DELETED, etc.)
    • A human readable descriptor of the event, which may include user data relevant to the event. The specific user data may be any of the following: User ID, Date and time of any kind, Username, IP Address, User Agent, User-entered content, Password hashes, Email address, Twitter handle, Role or anything else from this privacy document.
  • For each administration candidate vote the following user data is stored:
    • Date and time the vote was cast
    • IP Address and User Agent of administrator who cast the vote
    • User ID of the administrator who cast the vote
    • User ID of the candidate being voted on
    • The type of vote cast: Sponsor (administrator suggests the user as an admin candidate), for, neutral, against, veto
  • For each asset the following user data is stored:
    • Date and time the asset was first added
    • IP Address and User Agent of administrator who added the asset
    • User ID of the asset author (set by administrator)
    • Asset title (set by administrator)
    • Asset description (set by administrator)
    • Asset type (for example image, sound, ... set by administrator)
    • Asset content (plain text or URL to asset, set by administrator)
  • For each site configuration option the following user data is stored:
    • Date and time the config value was last changed
    • User ID of the administrator who last changed the config value
    • Value of the specific configuration option (set by administrator)
  • For each Jam, the following user data is stored:
    • Date and time when the Jam was scheduled
    • IP Address and User Agent of the user who scheduled the Jam
    • Theme (set by administrator)
    • User ID of the user who streamed
    • Twitch username of the user who streamed
    • URL to the default icon for this Jam and submitted to it (unless a custom image is provided by the Developer
  • For each notification, the following user data is stored:
    • Date and time when the notification was scheduled
    • IP Address and User Agent of the user who scheduled the notification
    • Notification title text (set by administrator)
    • Notification body text (set by administrator)
    • Notification icon URL (set by administrator)
    • Notification icon link URL (set by administrator)

How data is transmitted and stored

All data is transmitted encrypted via HTTPS. This includes passwords and session IDs. Session IDs are stored in cookies.

All data is stored in plaintext, except passwords and session IDs. These are salted, peppered and hashed with SHA256 between 10000 and 20000 times (random number for each user). The result is stored. This same process is done again whenever a password or session ID is provided and the result is checked against the stored hashed values. As far as we're aware, this method means a breech of our database would not result in username/password combinations being obtainable through brute-forcing with current technology. Weak passwords are however easily obtainable no matter what encryption we use.

Why data is stored

  • User IDs and usernames are stored to determine which user is associated with each bit of content.
  • Event dates and times, IP Addresses and User Agent information is stored to identify users in cases of abuse and user's level of activity.
  • Usernames, password validation information, session IDs and the user's role are stored to authenticate and authorize users.
  • Email addresses, Twitter handles, Twitch username, Bio, Theme text, Cast vote, Game title, Game description, Game URLs, Game image, Game color, Voted for option and any other user-entered fields are considered voluntarily entered. Removing these fields (e.g. submitting them as blank) will (unless otherwise stated upon submission) remove them from public visibility, the old versions may however remain in logs or administrator-only tools. See "How you can control your data" for more details.
  • For Theme votes, poll votes, satisfaction votes and admin candidate votes, the cast votes are directly tied to the user who cast them. This is done to ensure each user can only cast one vote and to indicate to the user what they voted for. In the case of Theme votes, it is so we can color the currently-voted-for option. This is also done to mittigate cases of vote abuse or to check what different groups of users voted for - for example select only what recent participants voted for. This does mean that there is enough data available to check what each user individually has voted for (Themes, polls, satisfaction and admin candidates).
  • The data in the administration log is stored to identify abuse, determine administrator activity and to reverse accidental or malicious changes.
  • The data in the administration candidate vote is stored to help determine which candidates should be given the administration role.

How you can control your data

If you wish to get a copy of all the data we have on you, please click the link labeled "User Data" in the menu, or visit us on Discord by clicking the button in the page's header and ask for an administrator. We'll need to authenticate you first though.

If you wish us to delete the data we have, please visit us on Discord by clicking the button in the page's header and ask for an administrator. We'll need to authenticate you first though.

Validate these claims

This software is open-source. Please feel free to validate these claims by examining the code for yourself. The code is linked in the page's footer.