"We", "our" and "us" refers to WhateverItWorks.org, WhateverItWorks.net, WhateverItWorks.us, WhateverItWorks.uk, and WhateverItWorks.cool maintainers and/or
developers. "You" refers to you as the user of our services.
WhateverItWorks is committed to giving users more control over their digital life. This is why we take steps to help ensure we are providing a private and secure experience while you browse your favorite social media. This policy outlines important details such as what we store, what you will need to consult third parties for, and situations where we cannot protect you.
This policy applies to all WhateverItWorks sites, found at https://whateveritworks.org, https://whateveritworks.net, https://whateveritworks.us, https://whateveritworks.uk, https://whateveritworks.cool and all their subdomains. Some sections of this policy may be specific to one of our services, in which case it is specified. By using our services, you are agreeing to this policy.
Last updated: July 22, 2023
While visiting our sites: The logging done on our sites is minimal to keep the experience
private. For example, our NGINX (A service that we use on our server) logs are kept disabled.
However, this may not always be the case. In the event of a critical system error or an attack
on our services, such as a DDoS, it may be necessary to temporarily enable logs to diagnose and
remedy the issue. In scenarios such as these, logs will be purged as soon as the issue is dealt
with. If you are found to be engaging in activities that harm our services, such as spamming,
DDoS or brute-force attacks, your IP address may be stored permanently to protect us, our
services and other users of our services. View the "Law Enforcement" section of this policy to
see how we may be forced to enable them in other situations. An NGINX log, in the duration that
its stored, may include your IP address, user agent, and a timestamp along with your web
request. See the "Third-parties providing Technical Services" section of this policy.
Information you provide to us: Usernames are stored for the services they apply to. Your e-mail address is received by us when you choose to contact us via e-mail. Your Session, Signal, Matrix, XMPP, and or any other Messenger "ID" is received by us when you choose to contact us via our contact methods. No other identifiable information is provided by you to us.
Information we share: Your information is not shared with other entities, except in the cases outlined in the "Third-parties providing Technical Services", "Third-parties providing Payment Services", and "Law Enforcement" sections of this policy.
We rely on Backblaze, Scaleway, and Wasabi for data backups for restoration of the services.
We take the steps that we deem reasonable to protect your data from unauthorized access and distribution, and from loss of data. For example, we use TLS v1.2/v1.3 to transmit data to you in an encrypted format, and we use end-to-end encryption + encryption at rest to ensure your data is safe and sound. With also provided passwords are hashed with Bcrypt or Argon2id for the services that require user accounts.
On the services that you can delete your user account, database backups will continue to hold your information for up to 14 days.
We do not knowingly collect personal information from anyone under 13 years of age. If you are aware of someone under the age of 13 using our services, please report them to firstname.lastname@example.org (GPG/PGP Public Key: here). If we are able to find any information relating to that person, it will be removed.