Skip to content

Privacy Policy

Cannlytics takes your privacy seriously. To better protect your privacy we provide this privacy policy notice explaining the way your personal information is collected and used.

What information do we collect?

  • Basic account information: If you register on this server, you may be asked to enter a username, an e-mail address, and a password. You may also enter additional profile information such as a display name and biography, and upload a profile picture and header image. The username, display name, biography, profile picture, and header image are always listed publicly.
  • Certificates, sharing, and other information: You may choose to list your analyses, analytes, and organizations publicly. Your data may contain media attachments, such as pictures and videos. Public media is available publicly. When you feature analyses or analytes, the main data points are also publicly available information. Your certificates and results are delivered to your contacts, in some cases this means that they are delivered to different servers and copies are stored there. When you delete analyses, analytes, organizations, certificates, and results, this information is likewise delivered to your contacts who have been shared data. The action of creating an account is always public.
  • Direct and shared-only files and data: All data and files are stored and processed on the server. Shared-only data and files are delivered to your contacts and users who you have shared them with, and direct certificates and results are delivered only to users selected when sent. In some cases this means that your results and files are delivered to different servers and copies are stored there. We make a good faith effort to limit the access to those results and files only to authorized persons, but other servers may fail to do so. Therefore it's important to review servers that your contacts use. You may toggle an option to approve and reject new contacts and users to receive results and files manually in the settings. Please keep in mind that the operators of the server and any receiving server may view such messages, and that recipients may screenshot, copy or otherwise re-share them. Do not share any dangerous or illegal information over Cannlytics.
  • IPs and other metadata: When you log in, we record the IP address you log in from, as well as the name of your browser application. All the logged in sessions are available for your review and revocation upon request. The latest IP address used is stored for up to 12 months. We also may retain server logs which include the IP address of every request to our server.

What do we use your information for?

Any of the information we collect from you may be used in the following ways:

  • To provide the core functionality of Cannlytics. You can only interact with other people's shared data and manage your own data when you are logged in. For example, you may share results and certificates with other people and view their sample and transfer data.
  • To aid moderation of the community, for example comparing your IP address with other known ones to determine ban evasion or other violations.
  • The email address you provide may be used to send you information, notifications about other people interacting with your content or sending you messages, and to respond to inquiries, and/or other requests or questions.

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. Among other things, your browser session, as well as the traffic between your applications and the API, are secured with SSL, and your password and API keys are hashed using a strong one-way algorithm.

What is our data retention policy?

We will make a good faith effort to:

  • Retain server logs containing the IP address of all requests to this server, in so far as such logs are kept, no more than 90 days.
  • Retain the IP addresses associated with registered users no more than 12 months.

You can request an archive of your data and files, including your certificates, media attachments, profile picture, and header image.

You may irreversibly delete your account at any time.

Do we use cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow). These cookies enable the site to recognize your browser and, if you have a registered account, associate it with your registered account.

We use cookies to understand and save your preferences for future visits.

Do we disclose any information to outside parties?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our site, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.

Your public data and files may be downloaded by other servers in the network. Your public and followers-only posts are delivered to the servers where your followers reside, and direct messages are delivered to the servers of the recipients, in so far as those followers or recipients reside on a different server than this.

When you authorize an application to use your account, depending on the scope of permissions you approve, it may access all of your data and files. Applications can never access your e-mail address or password.

Site usage by children

If this server is in the EU or the EEA: Our site, products and services are all directed to people who are at least 21 years old. If you are under the age of 21, per the requirements of the GDPR (General Data Protection Regulation) do not use this site.

If this server is in the USA: Our site, products and services are all directed to people who are at least 21 years old. If you are under the age of 21, per the requirements of COPPA (Children's Online Privacy Protection Act) do not use this site.

Law requirements can be different if this server is in another jurisdiction.

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page.

This document is CC-BY-SA. It was last updated July 21, 2021.

Adapted from the Mastadon.social privacy policy.

Originally adapted from the Discourse privacy policy.