Privacy & Acceptable Use Policy
Last updated: 2026-03-28
This document describes how data is collected and processed across all services hosted under tiararodney.com, and sets out the terms under which access to those services is granted.
No service serves a commercial interest. No service uses third-party analytics, tracking pixels, or advertising networks.
Data processing location
All data is stored and processed exclusively on infrastructure located within the European Union. No data is transferred to, or processed in, jurisdictions outside the EU, with the sole exception of third-party providers described in the Third-party data sharing section below.
Scope and access
All services hosted under tiararodney.com are private services, regardless of their exposure on the internet. GDPR and similar public-service data-protection frameworks do not apply.
Access is extended on an invite-only basis to family, colleagues, acquaintances, or any individual who may have a reasonable interest in contacting the site owner. By accessing any service described in this document you acknowledge and accept this policy in its entirety and are hereby granted an invitation.
Acceptable use
By using these services you agree to the following:
- No abuse. Do not attempt to disrupt, degrade, or interfere with any service, host, or network resource.
- No unauthorised access. Do not attempt to access accounts, data, or administrative interfaces that have not been explicitly made available to you.
- No automated scraping. Do not use bots, crawlers, or scripts to bulk-download content without prior written permission.
- Respect other users. Communication through chat or comments must remain civil. Harassment, spam, and illegal content are prohibited.
- No redistribution. Do not republish data obtained from these services (including health and fitness data published on tiararodney.com) without the site owner’s consent.
Violation of any of the above may result in immediate revocation of access without notice.
Public services (no account required)
tiararodney.com
- Statically served; no cookies, no JavaScript tracking, no server-side session state
- Logs record IP addresses and are rotated automatically
- The site intentionally publishes health data of the site owner
blog.tiararodney.com
- Statically served; no JavaScript tracking, no server-side session state
- Cookies are used only for statefulness of the commenting system (comments.tiararodney.com)
- Logs record IP addresses and are rotated automatically
Authenticated services
accounts.tiararodney.com
Identity provider. Stores:
- Email address (required, unique)
- Username
- Hashed password (for local accounts)
- Social-login links (Google, Microsoft, Apple, Facebook, X)
Session state is stored server-side in cache. No analytics or error reporting is enabled.
Social-login providers pass the following claims:
preferred_username, email, name.
chat.tiararodney.com
Chat service. Stores:
- User roster (contact list)
- User accounts (managed by accounts.tiararodney.com)
- Full message archive
- End-to-end encryption keys (enabled by default)
- File uploads (10 MB limit; deleted after 7 days)
- Offline messages (delivered via email if configured)
Authentication tokens are stored in browser sessionStorage and
cleared on logout. Session timeout is 30 minutes.
comments.tiararodney.com
Comment system. Stores:
- Comment text and thread structure
- User profile
bugs.code.tiararodney.com
Bug tracker. Stores:
- Bug reports, comments, and attachments
- User accounts (managed by accounts.tiararodney.com)
User email addresses are aliased throughout the UI. Self-registration is disabled; accounts are created through the identity provider only.
Development services
The following services support development workflows and do not store user-generated content beyond authentication data managed by accounts.tiararodney.com.
| Service | Purpose |
|---|---|
| pypi.code.tiararodney.com | Python package index |
| crates.code.tiararodney.com | Rust crate registry |
| specs.code.tiararodney.com | Static documentation |
| dockerhub.oci.code.tiararodney.com | Container registry mirror |
| ghcr.oci.code.tiararodney.com | Container registry mirror |
All services may send transactional email (account confirmations, password resets, notifications) via SMTP. Email addresses are shared with the configured SMTP relay for delivery purposes only.
Encryption
All public traffic is served over HTTPS with automatically renewed certificates. HTTP requests are redirected to HTTPS. Internal traffic between hosts is encrypted via VPN. Chat messages support end-to-end encryption.
Data retention
| Data | Retention |
|---|---|
| Web server access logs | Rotated automatically (system default) |
| Chat file uploads | 7 days |
| Chat message archive | Indefinite |
| Bug reports | Indefinite |
| Comments | Indefinite |
| Authentication sessions | Server-managed |
Third-party data sharing
No data is sent to third-party services except:
- The SMTP relay, for transactional email delivery
- Social-login providers (Google, Microsoft, Apple, Facebook, X) during authentication flows, only when initiated by the user
No other data is shared with, sold to, or made accessible to third parties.
Contact
For questions about this policy or to request removal of your data, contact the site owner directly.