Introduction

Privacy is a human right, and as a result, I try my best to respect it without hindering my products and services. Here, I’ll explain any phoning-home behavior, data distribution, or data collection that might be done. Don’t worry: it’s very little. Below you can explore how I try to respect your privacy while providing (mostly) free services.

Note: this does not apply to collborative projects, such as Eclipse, which has its own (similar) privacy practices.

Article 1: Released Projects

Any project made by Shuga, including those released under more licenses, may be subject to the following conditions:

• It might communicate to the shuga.co (or its legacy forms, j-co.ga and heyitsshu.ga) to exchange data such as images, fonts, stylesheets, or other data.

  Example: BetterGFMotes (depreciated in favor to BetterPonymotes) might need to fetch some emote images.

• It might communicate with an external API, usually locally on your machine, to retrieve relevant data.

  Example: ShugaBot’s /nps, /btc, and /meme commands

• Most projects will do their routine locally (on-device) and not send generated products to a remote server

  Example: fontPages’s font generation

• No projects should phone home for the sole purpose of tracking or data collection.

Article 2: Website

As previously mentioned, shuga.co might be communicated to. On top of visiting the site normally, I might do some light analytical collection when this happens. This is due to CloudFlare’s analytics, which uses your IP (Internet Protocol) address and the resource attempted to be fetched to collect anonymous, aggregated data. This data is used to protect shuga.co from denial-of-service attacks. Collected data includes:

• Country of request origin

• How many threats are flagged in a given country

• How much traffic was served over HTTPS

• User agents for suspected bots and crawlers

  Note: any information in user agents of bots might be logged. Keep this in mind if you need to scrape shuga.co.

• What file type was accessed (whether it was a .JS file, a web page, or a .PNG)

• How many requests are made by all users combined

• How many requests are made by unique persons

This data is made accessable for up to thirty (30) days. After that, I lose access to it.

In addition, data might be stored on your device this includes:

• Cookies: CloudFlare will put a cookie associated with any Shuga site.

• Cookies and localStorage: Some data might be stored to improve your user experience.

  Example: Saving in OpenSkin Editor

Article 3: Third Parties and Social Media

• Shuga reserves the right to share any aggregated data generated by CloudFlare as explained above with third parties without any compensation. None of this data is personally identifiable.

  Example: Tweeting an image of how many requests I got in a period of time, or statistics that show what counties use specific services.

• Shuga does not have any data stored on any specific users of my services. Most of my projects will store any data locally on-device. I do not have access to that.

  Exception: Any data put into your user-agent might be shared if it has been identified as a bot or crawler. This is saved for thirty (30) days.

• Shuga frequently uses third-party APIs, CDNs, and utilities. This includes anything from the National Park Service API (as seen on ShugaBot) to Google Fonts (as used on this page). Shuga does not track you with these APIs, but they may be subject to their own privacy policies.

Article 4: Freelancing, Commissions, and Private Messaging

Please note that that freelancing services are no longer being offered as of June 2019.

• Shuga reserves the right to store any generated works or transferred communications indefinitely.

  Example: storing final products of commissioned works on the Shuga server for re-downloading

• Final products created as the result of a commissioned work may be shared on social media by Shuga.

  If you do not like this, you can request that you do not want the final product shared (opt-out).

• Messages sent as a part of paid work will not be shared without the commissioner’s permission. However, if you message me in a less formal or personal manner, these messages may be shared, including your username.

  If you do not like this, you can request that a conversation be confidential (opt-out).

• All created products will be stored, associated with your name or Twitter handle, in an organized folder on Shuga’s computer.

• Completed works, which are served on https://shuga.co/comm, will store files with filenames that are entirely consiting of, or are appended by, a random string of characters.

• Further information on client work may be found on the current version of the Shuga pricing poster, located at https://shuga.co/pricing.png.

Article 5: Requesting Your Data

If you wish, you can request a copy of all of your data. To do so, contact [email protected], and I will send you a copy of your data in five to seven business days.

You can expect the following to be returned:

• Any ordered works you commissioned

• Twitter conversation logs

  Notice: Group conversation logs may be deleted. Any deleted communications will not be sent.

• Discord conversation logs

  Notice: This only includes personal communications. I do not solely operate any servers, but do moderate some.

• Any email messages sent to Shuga, including headers

  Notice: Any deleted communications will not be sent.

• User agents that might belong to a scraper or boy you run

  Notice: This will only be done if your scraper or bot has been flagged as such by CloudFlare and it has been less than thirty (30) days since its last flagging.

• Any ordered works you commissioned

Article 6: Law Enforcement Data Requests

I reserve the right to give any data I have to law enforcement, given that a proper warrant was issued.

Shuga is based in the United States of America, as is CloudFlare and GitHub (who operates the shuga.co servers).

As of 2019-07-25, Shuga has not shared any data with authorities.

Conclusion

I try to minimize as much tracking as possible. I do not use Google Analytics. I do not have databases. I do not have any walled gardens that require a log-in to access. This helps us save operation costs and help you control your data.

If anything in this document seems inaccurate due to a forgotten legacy project, a bug, or an oversight, please contact us at [email protected] or heyitsshuga [at] shuga [dot] co if you plan on using PGP.

I reserve the right to update this at any time. All Privacy Policy updates will be published on the official Shuga Twitter page.