Privacy policies basically amount to statments of intent. The idea of online privacy is pretty meaningless—unless you've got some way to make sure your providers, carriers, and governments aren't collecting everything you do, good luck with privacy before we even get to things like Google, Facebook, advertising networks, and malware. But here are the privacy implications this site and my Second Life thingamajigs anyway.
Last updated May 19, 2018.
Public pages and services on this Web site don't log anything. Not even the standard "Web log" info like your IP address, browser info, and the items you've accessed. No cookies are set or retreived, nor do we use technologies like pixelbugs. No access information is shared with any hosting providers, advertising networks, or third parties.
If you log in to this Web site with a username and password (e.g., you're helping me write questions for Teh Globe or something) then the site sets a cookie and logs standard HTTP access information, including the IP number from which you're connecting, the items you've accessed, and your browser info. Honestly, I'll probably never look at it unless there's a problem but it is being collected, compressed into a passworded archive every week, then tucked away.
Teh Globe collects no direct information about any Second Life users. In-world, Teh Globe keeps track of who's playing at any given moment to award points and whatnot, but that information only exists during the course of a game and is neither stored nor transmitted in any way.
Teh Globe communicates with my offworld databases and services to retrieve questions and other data. Again, no information about players is transmitted or collected.
Teh Globe does use Shared Media/media-on-a-prim in Second Life. If the media exists on lounetizen.com, no information about the requests is logged (just as with public Web access, above). If the media is on another site (most likely Wikipedia) access is subject to the privacy and access policies of those sites. Currently Wikipedia is the only site other than lounetizen.com from which Teh Globe will load remote media.
Kyrie logs no information about questions, responses, or requests from users—that information is treated the same as public Web access, above.
A few of Kyrie's features require persistent per-user settings: right now those are limited to news subscriptions and customised teleport locations. Those settings are encrypted in-world using AES encryption, and that encrypted information is stored offworld. When Kyrie needs the info, it retrieves the encrypted data and decrypts it within Second Life: the clear data is never transmitted to/from Second Life.
Even if encrypted user data is somehow accessed illegitimately or stolen, it would take an attacker quite a lot of brute-force computing power to decrypt it, and even then all they're going to get is a short list of news sources and custom teleport locations a user may have set up. And, unless that information is especially revealing, they won't have any idea whose information it is: no usernames or other identifiers are associated with it. Even as the developer, I can't unwind the data to figure out what belongs to who.
Kyrie's "greeting" function (that enables it to comment on avatars and their outfits) relies on a custom database of anonymised avatar and attachment information (see "LouBot," below). No information in that database can be associated with a specific Second Life user, and attachment names are not stored in clear text. There is no public access to the database, and Kyrie itself does not contain a scanner that feeds the database.
I operate a bot account on the Second Life grid under the name LouBottin. The bot's profile clearly identifies it as an automated avatar and provides contact information for me.
Put into words, the data collection may seem like a lot, but the amount of information accessed by LouBot is a tiny fraction of the information sent to every Second Life viewer when a resident enters a region normally. In other words, far, far more data is available to any avatar in the same location at any time.
LouBot operates autonomously (there's no one "driving" the avatar) and LouBot will not respond to local chat or IMs, although it is rare LouBot will be operating if I am not also online. LouBot tries to stay out of the way: it makes every effort to teleport into sims at a very high altitude and "drift" above the 4096 meter altitude limit on building. However, set landing points, no-fly options, and other factors can prevent that from happening. LouBot does its best to detect and honour security devices/security orbs. If LouBot gets in your way, please feel free to ban it: there are plenty of other sims where it can go. I am happy to exclude specific sims from LouBot's wanderings. If there is a problem with LouBot, please try contacting me directly.
Several products use a custom updater system to get new versions to users if I ever have to issue an update for a product. Those updaters rely on an in-world server; the only data that goes offworld is (encrypted) product and version information, and Lou Netizen's avatar info. No user or customer info leaves the Second Life grid.
The Dice Popper and RPG Dice Popper do not use offworld services and have no privacy implications outside Second Life.
The ALS Pocketwatch and Monocles do not use offworld services and have no privacy implications outside Second Life.