If you have a security issue you believe needs immediate attention, please do not publicly disclose it without first giving a chance for the Privly developers to fix it. You can email us directly at privly [at] privly.org for critical issues, or enter less critical issues into the bug form. At the time of this writing, there were no known security issues.
This section is dedicated to describing the parties with any level of access to information transmitted by this content server, or inferable from those transmissions. We are actively working to reduce the necessary disclosures of this list.
The Privly Foundation: Code Updates, System Administration:
You are currently trusting Privly's system administration capabilities. Active system administrators include Sean McGregor (the content server). We are working to reduce all trust and reliance on content hosts by developing the client-side encryption capabilities of Privly.
Rackspace: Virtual Private Server Host:
Our host could likely gain root access on our server.
GoDaddy: DNS, privlyalpha.org Registrar:
The Alpha version of the server has DNS through GoDaddy, and the domain is registered through their servers. We need a critical evaluation of all the DNS and domain registrars available.
thoughtbot and Airbrake: Error Logging Service:
We use the Airbrake error logging service for recording and managing errors in the content server. In some instances this could lead to Airbrake obtaining information available to Privly. We will consider switching to a self-hosted solution when we transition to the Beta version.
Browser Distributors: Extension Distribution:
The Privly extensions are distributed by their respective browser authors. We trust them to distribute unmodified versions of Privly. If you don't trust Mozilla, Opera, or Google to distribute the original extension, you should download the extension's source code directly from the appropriate Privly repository.
Our Users: Understanding:
Privly is a new concept under active development. We can build Privly, but unless our users understand Privly capabilities, they will not be able to protect their content with Privly.
Make Privacy Automatic
We will eventually store everything as cipher-text (encrypted), and execute all encryption services on the browser. We don't want to be able to read anything. Your content will be as secure as your password.
It is Your Data
We will not archive your content after you delete it, and we will never crawl your content.
Everything is Opt-In
When we add capabilities, access to existing content will not change unless the content-owner explicitly changes the settings.
Reading Content is Also Private
Content owners do not know which links you read. Privly will only collect user data (example: geography) that helps us deliver content more effectively.
Above all we want to enable privacy across the internet. We will keep development and policies open and responsive to the users, so get involved!
Please read this Agreement carefully before accessing or using the Website. By accessing or using any part of the web site, you agree to become bound by the terms and conditions of this agreement. If you do not agree to all the terms and conditions of this agreement, then you may not access the Website or use any services. If these terms and conditions are considered an offer by PrivlyAlpha, acceptance is expressly limited to these terms. The Website is available only to individuals who are at least 13 years old.
- Privly Incorporation Status and Donations Priv.ly is an unincorporated group without any corporate structure. Until Privly is incorporated as a non-profit organization as recognized by IRC 501(C)(3), and changes these terms, the following terms shall take precedence above all other:
- The website is offered "as is," without rights to continuity of service, guaranteed uptime, or technical support. By using the website you are agreeing to use the website at your own risk, without liability to Privly, or liability to any individuals involved with Privly in an official capacity.
- No group or individual is empowered to make exceptions to the Terms of Service. The terms are ammended by publishing a new version of the terms to the website
- All donations are taxable.
- Your PrivlyAlpha Account and Site. If you create an account on the Website, you are responsible for maintaining the security of your account, and you are fully responsible for all activities that occur under the account and any other actions taken in connection with the account. You must not post content to your account in a misleading or unlawful manner, including in a manner intended to trade on the name or reputation of others. You must immediately notify PrivlyAlpha of any unauthorized uses of your account or any other breaches of security. PrivlyAlpha will not be liable for any acts or omissions by You, including any damages of any kind incurred as a result of such acts or omissions.
- Responsibility of Contributors. If you post material to the Website, or otherwise make (or allow any third party to make) material available by means of the Website (any such material, “Content”), You are entirely responsible for the content of, and any harm resulting from, that Content. That is the case regardless of whether the Content in question constitutes text, graphics, an audio file, or computer software. By making Content available, you represent and warrant that:
By submitting Content to PrivlyAlpha, you grant PrivlyAlpha a world-wide, royalty-free, and non-exclusive license to reproduce, modify, adapt and publish the Content solely for the purpose of displaying your content to authorized individuals. If you delete Content, PrivlyAlpha will use reasonable efforts to remove it from the Website, but you acknowledge that caching or references to the Content may not be made immediately unavailable.
- the Content does not contain or install any viruses, worms, malware, Trojan horses or other harmful or destructive content;
- the Content is not spam, is not machine- or randomly-generated, and does not contain unethical or unwanted commercial content designed to drive traffic to third party sites or boost the search engine rankings of third party sites, or to further unlawful acts (such as phishing) or mislead recipients as to the source of the material (such as spoofing);
- the Content is not libelous or defamatory (more info on what that means), does not contain threats or incite violence towards individuals or entities, and does not violate the privacy or publicity rights of any third party;
- your login is not named in a manner that misleads your readers into thinking that you are another person or company. For example, your login name is not the name of a person other than yourself or company other than your own;
- your content is not getting advertised via unwanted electronic messages such as spam links on newsgroups, email lists, journals and web sites, and similar unsolicited promotional methods;
Without limiting any of those representations or warranties, PrivlyAlpha has the right (though not the obligation) to, in PrivlyAlpha’s sole discretion terminate or deny access to and use of the Website to any individual or entity for any reason, in PrivlyAlpha’s sole discretion. PrivlyAlpha will have no obligation to provide a refund of any amounts previously paid.
- Responsibility of Website Visitors. PrivlyAlpha has not reviewed, and cannot review, all of the material, including computer software, posted to the Website, and cannot therefore be responsible for that material’s content, use or effects. By operating the Website, PrivlyAlpha does not represent or imply that it endorses the material there posted, or that it believes such material to be accurate, useful or non-harmful. You are responsible for taking precautions as necessary to protect yourself and your computer systems from viruses, worms, Trojan horses, and other harmful or destructive content. The Website may contain content that is offensive, indecent, or otherwise objectionable, as well as content containing technical inaccuracies, typographical mistakes, and other errors. The Website may also contain material that violates the privacy or publicity rights, or infringes the intellectual property and other proprietary rights, of third parties, or the downloading, copying or use of which is subject to additional terms and conditions, stated or unstated. PrivlyAlpha disclaims any responsibility for any harm resulting from the use by visitors of the Website, or from any downloading by those visitors of content there posted.
- Content Posted on Other Websites. We have not reviewed, and cannot review, all of the material, including computer software, made available through the websites and webpages to which Priv.ly links, and that link to Priv.ly. PrivlyAlpha does not have any control over those non-PrivlyAlpha websites and webpages, and is not responsible for their contents or their use. By linking to a non-PrivlyAlpha website or webpage, PrivlyAlpha does not represent or imply that it endorses such website or webpage. You are responsible for taking precautions as necessary to protect yourself and your computer systems from viruses, worms, Trojan horses, and other harmful or destructive content. PrivlyAlpha disclaims any responsibility for any harm resulting from your use of non-PrivlyAlpha websites and webpages.
- Copyright Infringement and DMCA Policy. PrivlyAlpha has a separate DMCA policy.
- Intellectual Property. This Agreement does not transfer from PrivlyAlpha to you any PrivlyAlpha or third party intellectual property, and all right, title and interest in and to such property will remain (as between the parties) solely with PrivlyAlpha. All trademarks, service marks, graphics and logos used in connection with Priv.ly, or the Website are trademarks or registered trademarks of PrivlyAlpha or PrivlyAlpha’s licensors. Other trademarks, service marks, graphics and logos used in connection with the Website may be the trademarks of other third parties. Your use of the Website grants you no right or license to reproduce or otherwise use any PrivlyAlpha or third-party trademarks.
- Changes. PrivlyAlpha reserves the right, at its sole discretion, to modify or replace any part of this Agreement. It is your responsibility to check this Agreement periodically for changes. Your continued use of or access to the Website following the posting of any changes to this Agreement constitutes acceptance of those changes. PrivlyAlpha may also, in the future, offer new services and/or features through the Website (including, the release of new tools and resources). Such new features and/or services shall be subject to the terms and conditions of this Agreement.
- Termination. PrivlyAlpha may terminate your access to all or any part of the Website at any time, with or without cause, with or without notice, effective immediately. If you wish to terminate this Agreement or your Priv.ly account (if you have one), you may simply discontinue using the Website. All provisions of this Agreement which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.
- Disclaimer of Warranties. The Website is provided “as is”. PrivlyAlpha and its suppliers and licensors hereby disclaim all warranties of any kind, express or implied, including, without limitation, the warranties of merchantability, fitness for a particular purpose and non-infringement. Neither PrivlyAlpha nor its suppliers and licensors, makes any warranty that the Website will be error free or that access thereto will be continuous or uninterrupted. You understand that you download from, or otherwise obtain content or services through, the Website at your own discretion and risk.
- Limitation of Liability. In no event will PrivlyAlpha, or its suppliers or licensors, be liable with respect to any subject matter of this agreement under any contract, negligence, strict liability or other legal or equitable theory for: (i) any special, incidental or consequential damages; (ii) the cost of procurement or substitute products or services; (iii) for interruption of use or loss or corruption of data; or (iv) for any amounts that exceed the fees paid by you to PrivlyAlpha under this agreement during the twelve (12) month period prior to the cause of action. PrivlyAlpha shall have no liability for any failure or delay due to matters beyond their reasonable control. The foregoing shall not apply to the extent prohibited by applicable law.
- Indemnification. You agree to indemnify and hold harmless PrivlyAlpha, its contractors, and its licensors, and their respective directors, officers, employees and agents from and against any and all claims and expenses, including attorneys’ fees, arising out of your use of the Website, including but not limited to out of your violation this Agreement.
- Open Source. You agree to indemnify and hold harmless PrivlyAlpha, its code contributers, its contractors, and its licensors, and their respective directors, officers, employees and agents from and against any and all claims and expenses, including attorneys’ fees, arising out of the publishing of PrivlyAlpha's source code or the acceptance of code contributions from outside parties.
- Miscellaneous. This Agreement constitutes the entire agreement between PrivlyAlpha and you concerning the subject matter hereof, and they may only be modified by a written amendment signed by an authorized executive of PrivlyAlpha, or by the posting by PrivlyAlpha of a revised version. Except to the extent applicable law, if any, provides otherwise, this Agreement, any access to or use of the Website will be governed by the laws of the state of California, U.S.A., excluding its conflict of law provisions, and the proper venue for any disputes arising out of or relating to any of the same will be the state and federal courts located within 90 miles of Corvallis, Oregon. The prevailing party in any action or proceeding to enforce this Agreement shall be entitled to costs and attorneys’ fees. If any part of this Agreement is held invalid or unenforceable, that part will be construed to reflect the parties’ original intent, and the remaining portions will remain in full force and effect. A waiver by either party of any term or condition of this Agreement or any breach thereof, in any one instance, will not waive such term or condition or any subsequent breach thereof. You may assign your rights under this Agreement to any party that consents to, and agrees to be bound by, its terms and conditions; PrivlyAlpha may assign its rights under this Agreement without condition. This Agreement will be binding upon and will inure to the benefit of the parties, their successors and permitted assigns.
(Note, these Terms of Service are available under a Creative Commons Sharealike license thanks to WordPress.org)
The Privly extensions and content server are licensed under the MIT License. The Privly source code is hosted at github.com
How can I use the name "Privly"?
The Privly Foundation encourages developers to use the name Privly in ways that do not confuse the public about the source of privacy software and services. If you are building open-source non-commercial software or services that incorporate or work with The Privly Project's code, you may use the name "Privly" in an accurate description of your work. We ask you to include a link to the official Privly website https://priv.ly so users can verify the original source of Privly for themselves, and a note indicating that your project is not sponsored by The Privly Foundation. For example, "This product is produced independently from the Privly™ privacy software and carries no guarantee from The Privly Foundation about quality, suitability or anything else."
Can I use the Privly logo?
If you're making non-commercial use of Privly software, you may also use the Privly logo (as an illustration, not as a brand for your products). Please don't modify the design or colors of the logo. You can use items that look like the Privly logo to illustrate a point (e.g. the Privly logo in composition with a browser, for instance), so long as they're not used as logos in ways that would confuse people.
Can I use the word "Privly" as part of the name of my product or my domain name?
We recommend that you don't do this, but rather find a name that will accurately identify your products or services. Remember that our goal is to make sure that people aren't confused about whether your product or project is made or endorsed by The Privly Project. Creating a new brand that incorporates the Privly brand is likely to lead to confusion.
Does this mean you're enforcing trademark rights?
The Privly Foundation is a non-profit corporation organized to research and develop the Privly privacy software and network. We don't want to be trademark bullies, but we will use trademark to protect the public's ability to recognize Privly Project software. Trademark law helps us to assure that the name is used only in connection with genuine Privly privacy software and for accurate description of software and services. After all, to protect their privacy securely, computer users must be able to identify the software they are using, so they can account properly for its strengths and weaknesses. We work with developers to improve the software and actively encourage researchers to document attacks to help us strengthen its privacy protection further. We distribute the software itself freely, but require correct attribution.
What if I produce non-open source, commercial products based on Privly?
Contact the Privly Foundation.
What is the difference between Privly and Priv.ly?
Priv.ly hosts a list of Privly compliant hosts, and is used for marketing Privly. The Privly name is pending a formal trademark, and Priv.ly is a "Domain Hack" of the Privly trademark and enjoys the same protections as Privly.
About this Document
This document was repurposed from TOR's FAQ, which is licensed under the Creative Commons Attribution 3.0 United States License.
The Privly Foundation abides by the federal Digital Millennium Copyright Act (DMCA) by responding to notices of alleged infringement that comply with the DMCA and other applicable laws. As part of our response, we may remove or disable access to material residing on a site that is controlled or operated by The Privly Foundation that is claimed to be infringing, in which case we will make a good-faith attempt to contact the person who submitted the affected material so that they may make a counter notification, also in accordance with the DMCA.
The Privly Foundation does not control content hosted on third party websites, and cannot remove content from sites it does not own or control. If you are the copyright owner of content hosted on a third party site, and you have not authorized the use of your content, please contact the administrator of that website directly to have the content removed.
Before serving either a Notice of Infringing Material or Counter-Notification, you may wish to contact a lawyer to better understand your rights and obligations under the DMCA and other applicable laws. The following notice requirements are intended to comply with the Privly Foundation’s rights and obligations under the DMCA and, in particular, section 512(c), and do not constitute legal advice.
Notice of Infringing Material
To file a notice of infringing material on a site owned or controlled by the Privly Foundation, please provide a notification containing the following details:
- Reasonably sufficient details to enable us to identify the work claimed to be infringed or, if multiple works are claimed to be infringed, a representative list of such works (for example: title, author, any registration or tracking number, URL);
- Reasonably sufficient detail to enable us to identify and locate the material that is claimed to be infringing (for example a link to the page that contains the material);
- Your contact information so that we can contact you (for example, your address, telephone number, email address);
- A statement that you have a good faith belief that the use of the material identified in (2) is not authorized by the copyright owner, its agent, or the law;
- A statement, under penalty of perjury, that the information in the notification is accurate and that you are authorized to act on behalf of the owner of the exclusive right that is alleged to be infringed.
- Your physical or electronic signature.
Then send this notice to:
DMCA Agent: Sean McGregor
8885 Rio San Diego Drive, Suite 300
San Diego, CA 92108
Attn: DMCA Agent, the Privly Foundation
If material that you have posted to a site controlled or operated by the Privly Foundation has been taken down, you may file a counter-notification that contains the following details:
- Identification of the material that has been removed or to which access has been disabled and the location at which the material appeared before it was removed or disabled;
- A statement, under penalty of perjury, that you have a good faith belief that the material was removed or disabled as a result of mistake or misidentification of the material in question;
- Your name, address and telephone number;
- A statement that you consent to the jurisdiction of the Federal District Court for judicial district in which your address is located or, if your address is outside of the USA, for any judicial district in which the Privly Foundation may be found and that you will accept service of process from the person who submitted a notice in compliance with the section (c)(1)(C) of the DMCA, as generally described above;
- Your physical or electronic signature.
Then send this notice to:
DMCA Agent: Sean McGregor
8885 Rio San Diego Drive, Suite 300
San Diego, CA 92108
Attn: DMCA Agent, the Privly Foundation
You may be able to find examples of counter-notifications at www.chillingeffects.org/dmca/counter512.pdf. Please note, however, that this is no substitute for legal advice and you should obtain legal advice to better understand your rights and obligations under the DMCA and applicable laws.
About this Document
This document was repurposed from Creative Commons' DMCA statement, which is licensed under the Creative Commons Attribution 3.0 United States License.