Last Updated: January 13th, 2022
This page details the data we collect, what we do with collected data, how long we keep that data, and how you can request the deletion of said data.
Long story short, we keep data collection to a minimum and keep it as impersonal as possible. The only personally identifiable information we collect is email addresses. Providing an email address is always optional, and the email address is encrypted before being stored. However, we rely on third parties to power or enhance your experience on Workshop.codes, and those third parties aren't fully controlled by us.
When you visit Workshop.codes you are given a token to identify you (hereafter referred to as the visitor token). The visitor token is completely anonymous, cannot be used to identify you personally, and expires after 4 hours of inactivity. Visitor tokens are saved in our database for a maximum of 1 month. An anonymized IP address is saved along with this token. For more information about how we anonymize IP addresses, please read the Ahoy README.
We also track certain actions you perform on Workshop.codes (hereafter referred to as action data). Action data are tied to your visitor token and contain no information that could personally identify you. Action data are stored in our database for a maximum of 1 month. We use action data for analytics that are shown to users of this website. For example, action data might be used to show how many visits a specific page has received. Analytics utilizing action data are always shown in aggregate, meaning users cannot identify the visitor tokens involved in action data, let alone the users to which action data are tied.
When you create an account, only the information we ask for is saved. Your username is public. Your password is encrypted before being stored. The use of an email address is completely optional, and provided email addresses are encrypted before being stored. The encryption of email addresses and passwords prevents this data from being read in the event of a data breach without the attacker also compromising the systems which encrypt said data.
Data that are removed from our live database may still exist in backups for up to 6 months.
Workshop.codes follows a standard procedure of using log files. These files log visitors when they visit websites. Most hosting companies do this as a part of the hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, date and time, and referring/exit pages. These are not linked to any information that is personally identifiable. These log files are not saved by us personally but may be saved by third parties.
For more general information on cookies, please read What Are Cookies. You may also choose to disable cookies through your browser's settings. For more specific instructions on disabling cookies, please consult the documentation for your browser or perform a Google search.
|_gat_gtag_[xxx]||Used by Google Analytics to throttle request rate.|
|_ga||Used by Google Analytics to distinguish users.|
|_gid||Used by Google Analytics to distinguish users.|
|_overwatch_workshop_session||Used by Workshop.codes for various functions, including identifying users between requests via a random identifier whether they are logged in or not. This cookie does not contain any personal information or hardware information, and is destroyed once you close your browser.|
|remember_token||Used by Workshop.codes to remember logged-in users between sessions. This cookie is only created after checking "Remember Me" when logging in and is completely optional.|
|Blizzard Entertainment||Provide alternative login method||Request for authorization on behalf of end user||https://www.blizzard.com/en-us/legal/a4380ee5-5c8d-4e3b-83b7-ea26d01a9918/blizzard-entertainment-online-privacy-policy|
|Bonsai||Execute search queries||Implicit and explicit search queries, post data and post metadata||https://bonsai.io/privacy|
|Bugsnag||Log information about application errors||Request metadata*||https://docs.bugsnag.com/legal/privacy-policy/|
|Cloudflare||Security and networking||Request metadata*, request and response data||https://www.cloudflare.com/privacypolicy/|
|Discord, Inc.||Provide alternative login method||Request for authorization on behalf of end user||https://discord.com/privacy|
|Google Analytics||Site traffic analytics||Request metadata*, browser-stored cookies||https://policies.google.com/privacy|
|Heroku||Website hosting||Request metadata*, request and response data||https://www.heroku.com/policy/security|
|Scout APM||Monitor request performance||Request metadata*||https://scoutapm.com/privacy|
|Twillo SendGrid||Send emails||Decrypted email addresses, post data and post metadata||https://www.twilio.com/legal/privacy|
* e.g. full IP address, browser user agent, requested path
If for any reason you wish to delete your account, you can do so from your account settings page. This will delete your account along with any associated data. Your account's data may still exist in backups of our database and in log files for up to 6 months after deletion of your account.
Please contact the third parties listed above individually if you would like to request that they delete any data, as deleting your account may not trigger a request or process resulting in the deletion of your data on third party platforms.
If you cannot access your account, would like us to remove data not related to your account, or have further questions or comments, you may contact us via the #website-discussion channel in the Elo Hell Workshops Discord or by any other means listed in the footer below.