Welcome to Codidact Meta!
Codidact Meta is the meta-discussion site for the Codidact community network and the Codidact software. Whether you have bug reports or feature requests, support questions or rule discussions that touch the whole network – this is the site for you.
Post History
#2: Post edited
- We've made a small update to our privacy policy related to a third-party library. While editing, we also restored a link that had been accidentally left out of the original document, causing some confusion.
- In order to accept donations, we use a third-party payment system, Stripe. When we added this support, we failed to realize that Stripe, to combat fraud, must collect some information about activity on our site. They're looking for things like a client trying rapid-fire purchases from storefronts.
- Stripe collects this information through the library that allows us to process payments at all. We initially loaded that library on all community pages on our network, without realizing the privacy implications. We have now restricted the code so that it only loads that library on donation-specific pages. That is, if you click on the "donate" button, the pages from there until you finish or abort the payment use Stripe's library. If you merely visit a page that has a "donate" button, such as the main list in a category, you are not sharing anything with Stripe.
- Stripe describes the data it collects in its [documentation on fraud detection](https://stripe.com/docs/disputes/prevention/advanced-fraud-detection). The section on privacy says:
- > Data privacy
- >
> This advanced fraud detection signal data is never used for advertising and won’t be rented, sold, or given to advertisers, as outlined in our privacy policy. Stripe only uses this data for fraud detection and security purposes, and retains it for as long as it’s useful for the purposes of fraud detection and security.- >
- >Internally, this data is subject to strict access control policies enforced by Stripe, and restricted to a small number of Stripe employees working on fraud prevention and security.
- We'd like to thank the user who alerted us to the Stripe data collection on non-donation pages, and the developers who limited its reach. We apologize for missing this implication earlier.
- For a diff showing the changes, see [this commit](https://github.com/codidact/docs/commit/0236a95071f7b287725e5a7f84b3a57b4a6348e5).
- We've made a small update to our privacy policy related to a third-party library. While editing, we also restored a link that had been accidentally left out of the original document, causing some confusion.
- In order to accept donations, we use a third-party payment system, Stripe. When we added this support, we failed to realize that Stripe, to combat fraud, must collect some information about activity on our site. They're looking for things like a client trying rapid-fire purchases from storefronts.
- Stripe collects this information through the library that allows us to process payments at all. We initially loaded that library on all community pages on our network, without realizing the privacy implications. We have now restricted the code so that it only loads that library on donation-specific pages. That is, if you click on the "donate" button, the pages from there until you finish or abort the payment use Stripe's library. If you merely visit a page that has a "donate" button, such as the main list in a category, you are not sharing anything with Stripe.
- Stripe describes the data it collects in its [documentation on fraud detection](https://stripe.com/docs/disputes/prevention/advanced-fraud-detection). The section on privacy says:
- > Data privacy
- >
- > This advanced fraud detection signal data is never used for advertising and won’t be rented, sold, or given to advertisers, as outlined in our [privacy policy](https://stripe.com/privacy). Stripe only uses this data for fraud detection and security purposes, and retains it for as long as it’s useful for the purposes of fraud detection and security.
- >
- >Internally, this data is subject to strict access control policies enforced by Stripe, and restricted to a small number of Stripe employees working on fraud prevention and security.
- We'd like to thank the user who alerted us to the Stripe data collection on non-donation pages, and the developers who limited its reach. We apologize for missing this implication earlier.
- For a diff showing the changes, see [this commit](https://github.com/codidact/docs/commit/0236a95071f7b287725e5a7f84b3a57b4a6348e5).
#1: Initial revision
Changes to the Codidact Privacy Policy
We've made a small update to our privacy policy related to a third-party library. While editing, we also restored a link that had been accidentally left out of the original document, causing some confusion. In order to accept donations, we use a third-party payment system, Stripe. When we added this support, we failed to realize that Stripe, to combat fraud, must collect some information about activity on our site. They're looking for things like a client trying rapid-fire purchases from storefronts. Stripe collects this information through the library that allows us to process payments at all. We initially loaded that library on all community pages on our network, without realizing the privacy implications. We have now restricted the code so that it only loads that library on donation-specific pages. That is, if you click on the "donate" button, the pages from there until you finish or abort the payment use Stripe's library. If you merely visit a page that has a "donate" button, such as the main list in a category, you are not sharing anything with Stripe. Stripe describes the data it collects in its [documentation on fraud detection](https://stripe.com/docs/disputes/prevention/advanced-fraud-detection). The section on privacy says: > Data privacy > > This advanced fraud detection signal data is never used for advertising and won’t be rented, sold, or given to advertisers, as outlined in our privacy policy. Stripe only uses this data for fraud detection and security purposes, and retains it for as long as it’s useful for the purposes of fraud detection and security. > >Internally, this data is subject to strict access control policies enforced by Stripe, and restricted to a small number of Stripe employees working on fraud prevention and security. We'd like to thank the user who alerted us to the Stripe data collection on non-donation pages, and the developers who limited its reach. We apologize for missing this implication earlier. For a diff showing the changes, see [this commit](https://github.com/codidact/docs/commit/0236a95071f7b287725e5a7f84b3a57b4a6348e5).