Important: If you were redirected here by a popup that said something along the lines of "Posts on Mastodon are not end-to-end encrypted. Do not share any sensitive information over Mastodon.": This is correct. Posts on the Fediverse, no matter how private your post visibility settings, can always be seen by anyone with database access to the servers the post federates to. The same is the case on basically any other social network. Do not use Fediverse instances (including CatCatNya~) to share sensitive information with anyone, unless you trust the admins of all instances involved that they'll never read the contents of the database or have a data breach.



This privacy policy explains how personal data is collected and used for all services hosted under the CatCatNya~ domain, catcatnya.com.

In the following text, pronouns such as “us”, “we”, “our” and the like describes the maintainers of all services hosted on CatCatNya~. At the time of writing, this applies to one person: Jeremy Kescher.

Topics

What data do we collect?

We collect the following data, depending on the services you use:

  • Personal identification information (Name, email address, phone number)

    We require an email address on sign-up, as well as a username. The latter may also collected when you interact with posts that have federated to us, from an otherwise unrelated third-party instance we federate with.
    We do not currently collect phone numbers.

  • Service access information (IP addresses, User-Agent strings, date and time)

    We collect all of the above if you access CatCatNya~ while logged into an account.

How do we collect your data?

You directly provide us with all data we collect. We collect and process data when you:

  • Authenticate (login or register) on CatCatNya~
  • Voluntarily complete an online form or send us an email
  • Voluntarily upload files or other content
  • (Limited to service access information) Access content on CatCatNya~ as an authenticated user
  • Are on another instance and federate with ours

How will we use your data?

We collect data so we can:

  • Provide you with notifications to the services you use
  • Verify that you are not a simple web bot that creates a bunch of spam accounts on our services
  • Make use of federation to send content generated by users on our instance, as well as receive those of users on other instances.

Additionally, the following usage applies to third-party services:

  • Federation with other ActivityPub-capable software.

    In this case, we only send and/or receive your user generated content, metadata of your profile (limited view of followers/follows, your bio and profile fields), your username and your display name.

How do we store your data?

We securely store your data at a datacenter in Vienna, Austria. We have security measures in place that prevent unauthorized access to our servers. Additionally, fully encrypted backups are taken daily and stored in several locations in Austria.

  • We will keep your personal identification information for as long as needed to verify your identity for and/or authenticate with our services, or as long as your user-generated content is not deleted by either you, us or the admins of your external instance. For verification purposes alone, this means until right after you have clicked a confirmation link in an email (unless it expires before that, which causes immediate deletion). For authentication purposes, this means until you delete the associated account(s) on our services, or the content is marked as deleted on either our or your external instance. Once this time period has expired, we will delete your data by purging it from our databases immediately. Note that if used for authentication purposes, this data may stay in backups for up to 7 days before being finally purged. If it's user-generated content, either from you or a third-party instance, it may stay in backups for up to 30 days (a limitation imposed by Mastodon).
  • We will keep your service access information for about 24 hours, but a maximum of 48 hours if you create and/or use an account at our instance. Once this time period is expired, this information is purged by an hourly scheduled cleanup job.

What are your data protection rights?

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request copies of your personal data.

The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request to complete the information you believe is incomplete.

The right to erasure – You have the right to request that we erase your personal data.

The right to restrict processing – You have the right to request that we restrict the processing of your personal data.

The right to object to processing – You have the right to object to processing of your personal data.

The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: privacy@kescher.at

Cookies

Cookies are text files placed on your computer by a website. Most cookies are used for authentication and storing client-side settings. On CatCatNya~, that is their sole purpose. On many websites, these have been, and still are, used for tracking you. This is not the case - we do not track.

For further information, visit allaboutcookies.org.

How do we use cookies?

We use cookies to keep you signed in to our services and store session secrets and some session-specific settings that are required for this. There are no uses for cookies for us beyond that. We will never track you beyond verifying your authentication.

What types of cookies do we use?

There are a number of different types of cookies, however, we only use those that are classified under Functionality: We use them to recognize your authentication on a service and remember your preferences. This includes trivial settings such as theme settings and your preferred language. All of these cookies are first-party cookies - no third-party cookies are used.

How to manage cookies

You can set your browser not to accept cookies, and the website mentioned in the “Cookies” section tells you how to remove cookies from your browser. However, you will not be able to use the web interface with an account at our service, and will have to use a separate client app instead.

Privacy policies of other websites

Our services may contain hyperlinks to other services. Our privacy policy applies only to our services, so if you click on a link to another service, you should read their privacy policy.

Changes to our privacy policy

We keep our privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 2022-06-27.

How to contact us

If you have any questions about our privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, you are welcome to contact us.

Email us at: privacy@kescher.at

How to contact the appropriate authorities

Should you wish to report a complaint or if you feel that we have not addressed your concern in a satisfactory manner, you can contact the Austrian Data Protection Authority.

Email: dsb@dsb.gv.at

Address:

                    Österreichische Datenschutzbehörde
                    Barichgasse 40-42
                    1030 Vienna
                    Austria / Europe
                    
                            

Telephone: +43 1 52 152-0

CatCatNya~

We are CatCatNya~, a left-wing instance by cats, for cats (and more!).