Sign up

Table of contents

1. Privacy policy
2. Terms of service

Privacy policy #

Code::Stats stores user data to provide its services. This document describes the data storage and usage policies.

Name and contact details of the personal data register holder

Organization

Tmi AhlCode

Finnish business ID

3133797-6

Email address

ceo ⓐⓣ ahlcode.fi

Inquiries about the register and the data contained should be directed to the above addresses.

Name of the register

Code::Stats (later "the service") user database.

Location of the register

The user database is stored on a cloud server hosted by Hetzner Online GmbH in Finland.

The purpose of data collection

Data is collected about the users of the service to enable and improve the service's functionality. User data is not used for any other purpose.

Data contained in the register

The service collects the following personal data from the users:

• Username and password for authentication purposes. Stored as long as the user does not delete their account.
• Email address (optional) for notifying the user about important announcements related to the service and for account recovery in the case of a lost password. Stored as long as user doesn't delete their account or remove the email in preferences.
• Second email address (optional) to use for displaying Gravatar in user profile and related places. Not used for any other purpose. Stored as long as user doesn't delete their account or remove the email in preferences.
• IP addresses and browser user agent strings from both authenticated and unauthenticated users are stored in the server request logs for 4 weeks. They are used for statistical purposes and abuse prevention.

Data sources

All data is provided by the user and their client software. No data is collected from other sources.

Sharing of data with 3^rd parties

Data is never shared with 3^rd parties, except in the following cases:

• to send an email to a user from the service (the email address and the contents of the email must be transferred to the email delivery service),
• to store backups with a backup storage provider described later in this document, or
• to comply with an official, legal, written order from the Finnish authorities to release customer data (so far this has not happened).

Transfer of data to outside the EU or ETA

Data will not be moved outside the EU or ETA, except in the following cases:

• to send an email to a user from the service (the email address and the contents of the email must be transferred to the email delivery service).

Security of the register

Logins and communication with the server are secured with SSH. On the server, the database is protected by a further login known to only the register holder. Passwords in the database are hashed using Bcrypt with a randomized salt to prevent their decryption in case of a data breach. If a strong password is used, it cannot be feasibly decrypted.

Physical security of the server in the datacenter is managed by Hetzner Online GmbH.

Register data requests

All users of the register have a right to get a copy of the data stored about them. To get a copy, use the data export feature in the preferences page when logged into your account. If you are not logged in, send a free form written request to the data register holder described above.

Deletion of data and stopping of data processing

If you wish to delete all your personal data from the register, use the account deletion feature in the preferences page. Your data will be deleted from the database immediately, and from any backups within 5 weeks.

When you delete your account, your data is no longer processed by the service, except for the IP addresses and user agent strings collected in the server logs as mentioned earlier, and any unscrubbed analytics data as noted below.

Note about backups

The service's filesystem is backed up daily. The backups are created and stored by Hetzner. Backups older than a week are automatically deleted.

Note about analytics

The service uses Tilastokeskus to store simple analytics data about its users. The data is stored on the same server and is not transferred to any outside party.

The stored data includes the following:

• IP address (for abuse prevention)
• Autogenerated session ID (stored in cookie, lasts for 15 minutes after last request)
• User-Agent header sent by browser
• Request URL
• Referer header sent by browser
• Screen resolution
• Timezone offset from UTC
• City and country based on GeoIP data

After 90 days, stored requests in the analytics data will be scrubbed to remove private information. This removes the IP address, full User-Agent header, and city from the data.

If you wish to prevent the storage of your request information in the analytics data, use an extension such as uBlock Origin to block requests to /tilastokeskus/* on this website.

Note about advertisements

The service may contain advertisements. These advertisements are provided by EthicalAds. EthicalAds does not track you, and the ads are targeted based on the page content and geolocation. Please see EthicalAds' privacy policy for more information.

Advertisement providers are never given access to the data register itself.

Note about email

Emails from the service are sent using Mailgun by Rackspace Inc, a US based company. This means user details contained in the emails (such as the user's email address) are sent to the email service as a necessary part of the email delivery process. If you do not wish to have your email address sent to either of these services, you can remove your email address in the preferences.

For more information, please see Mailgun's GDPR page.

Note about Gumroad

The paid account features of the service use Gumroad as the payment provider. Gumroad collects data to deliver its services. This data includes, among others (quoted from Gumroad privacy policy):

• transactional information based on your activities on the Site as a buyer (such as item and content you purchase)
• payment information, such as credit card number
• your contact information (such as your name, user ID, email-address, and shipping, billing and other information you provide to purchase an item or receive delivery of an item)

When you click a link on the service to navigate to purchasing a paid account license on Gumroad, your usage of Gumroad will be subject to their privacy policy. For more information, please see Gumroad's privacy policy.

Changes to the privacy policy

This page holds the most up to date version of the privacy policy. We ask that you check this page for changes regularly. In the case of major changes to the policy, all users that have given their email address will be notified by email beforehand.

This privacy policy was last changed on the 8^th of November 2022.

Terms of service #

Code::Stats (later "the service") is a free service. Using it is a privilege, not a right. There is no SLA promised or implied.

The rules of using the service:

1. Don't hammer or attempt to DoS the API or the server or you will be banned.
2. Don't try to insert fake XP for yourself through the API.
3. Don't be mean to other people.
4. Do check the source code of the service and the plugins and suggest improvements.
5. Have fun.

Sign up

Username (required)

Must not contain the following characters: /#%?&=+ . You're free to use Unicode characters but complex character sequences may make the profile unreachable.

Password (required)

Email address

Email is only used for important notifications about the service, not for promotions or spam.

Note that an email address is required for account recovery in case you lose your password.

I am 16 years of age or older and able to consent to the terms above I have read and understood the privacy policy and terms of service above, and I accept them

Register!