Digilog

Privacy Policy

Last Updated: February 8, 2026

1. Introduction

Welcome to Digilog ("we," "our," or "us"). We are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal information. This Privacy Policy explains our practices regarding data collected through our BBS-inspired community platform.

By using Digilog, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you register for an account, we collect:

  • Username: Your chosen display name
  • Email address: For account verification and communication
  • Password: Stored as a cryptographic hash (we never store plain-text passwords)
  • Registration date: Timestamp of account creation

2.2 Content You Post

We store all content you voluntarily post on our platform:

  • Message board posts and replies
  • Message subjects and bodies
  • Timestamps of all posts
  • Thread relationships (replies to other messages)

2.3 Usage Data

We automatically collect certain technical information:

  • IP Address: Logged with messages and contact form submissions for security and abuse prevention
  • Login activity: Last login timestamps
  • Reading activity: Read pointers to track which messages you've seen (for the "new since last visit" feature)
  • Session data: Temporary session cookies to keep you logged in

2.4 Contact Form Submissions

When you use our contact form, we collect:

  • Your name and email address
  • Subject and message content
  • IP address and submission timestamp

3. How We Use Your Information

We use collected information for the following purposes:

  • Account Management: To create and maintain your user account
  • Core Functionality: To display your posts, track read status, and enable community features
  • Communication: To respond to your contact form inquiries via email
  • Security: To prevent abuse, spam, and unauthorized access
  • Technical Operation: To maintain session state and provide smooth user experience
  • Legal Compliance: To comply with applicable laws and respond to lawful requests

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties.

We may share information only in the following circumstances:

  • Public Content: Your username and posts are publicly visible to all site visitors
  • Email Communication: We use ProtonMail SMTP to send contact form notifications and account-related emails
  • Legal Requirements: If required by law, court order, or governmental request
  • Security Threats: To protect against fraud, abuse, or security threats

5. Cookies and Tracking

We use minimal cookies for essential functionality only:

  • Session Cookie: A temporary cookie to maintain your logged-in state (expires when you close your browser or after 24 hours)
  • CSRF Token: Security token to prevent cross-site request forgery attacks

We do NOT use:

  • Third-party analytics (no Google Analytics, etc.)
  • Advertising cookies
  • Social media tracking pixels
  • Behavioral tracking or profiling

6. Data Retention

We retain your information as follows:

  • Account Data: Retained as long as your account is active
  • Posts and Messages: Retained indefinitely unless deleted by you or a moderator
  • Deleted Messages: Soft-deleted messages are retained in our database for 90 days before permanent removal (unless manually purged by administrators)
  • Contact Form Messages: Retained for 1 year
  • IP Address Logs: Retained for 90 days
  • Session Data: Automatically expires after 24 hours

7. Your Rights and Choices

You have the following rights regarding your personal data:

  • Access: You can view your account information and posts at any time
  • Correction: Contact us to update incorrect information
  • Deletion: You may request account deletion by contacting us (note that public posts may remain visible)
  • Data Export: Request a copy of your data by contacting us
  • Opt-Out: You can stop using the service at any time by deleting your account

To exercise these rights, please contact us via the contact form or email nick@nburchett.com.

8. Security

We implement reasonable security measures to protect your information:

  • Passwords are hashed using industry-standard bcrypt algorithm
  • Database credentials are stored securely and not exposed to the public
  • CSRF protection on all forms
  • Regular security updates and monitoring
  • IP-based abuse detection

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Children's Privacy

Digilog is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

10. International Users

Digilog is hosted in the United States. If you are accessing our service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using our service, you consent to this transfer.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by:

  • Posting a notice on the site dashboard
  • Updating the "Last Updated" date at the top of this policy

Your continued use of Digilog after changes are posted constitutes acceptance of the updated policy.

12. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Summary

What we collect: Account info, your posts, IP addresses, basic usage data

What we don't do: Sell your data, use analytics trackers, show ads, or track you across the web

Your control: You can delete your account and request data export at any time