NATION

PASSWORD

Privacy Policy

Last updated: June 1, 2018

This policy explains how NationStates uses information that it collects from you.

NationStates aims to comply with US privacy law as well as the European Union's General Data Protection Regulation (GDPR).

What information does NationStates collect from people who visit our website?

We may collect:

When does NationStates collect information?

Your IP address is recorded whenever you visit any page.

Your UserAgent is recorded when you log in.

Your e-mail address is collected if you choose to supply one during registration (i.e. nation creation) or if you enter one later via your Settings.

Cookies are used when a registered user logs into the site.

Why does NationStates collect this information and how is it used?

We use this information:

  1. To provide basic site functionality

    Cookies are essential to maintaining a login session. They must be enabled so the site can remember that you are logged in. Our cookies don't contain any private information and only store the name and/or session key of nations you have logged in. They also support "autologin" / "Remember me" functionality, which is an optional setting that allows you to skip entering a password each time you visit the site.

    If you provide an e-mail address, this is used to verify that address, to support password recovery ("Forgot my password"), and (optionally) to send you a reminder if your account is scheduled to be deleted for inactivity.

    Beyond this, site moderators may use the information to unravel disputes over account ownership, or to help verify the legitimacy of a request to reactivate an old account.

  2. To protect the community

    Site moderators frequently block or ban people for violating site rules, such as attempting to spam, harass players, or post obscene content. For such bans to work, we must be able to identify those people as they attempt to return to the site. We do this by comparing information such as IP addresses to that which we have recorded as belonging to banned users.

    Similarly, moderators may use this information to identify the source of problems when a person uses multiple accounts to conceal their activity.

    In these cases, we retain relevant information as long as we believe the problem user represents a danger to the community, as indicated by the severity of the behavior and the frequency with which the person attempts to circumvent our bans. We will remove the information within eight years of the most recent contact.

  3. To uphold a "one player, one World Assembly nation" rule

    The World Assembly is an optional organization within the site that relies on a principle of one vote per member. In order to enforce this, we use collected information to perform algorithmic matching in order to detect when one person appears to be cheating by operating multiple World Assembly nation accounts.

  4. To manage Store disputes

    We don't retain any personal information associated with store transactions. But if you make a purchase using PayPal or Stripe, those organizations will record data. You can find the privacy policy of PayPal here and Stripe here. A NationStates super-admin can use those sites to look up details of NS transactions, which may include some personal information such as your name, location, and purchase method. If you ask those organizations to delete your personal information, we can no longer see it.

  5. To perform basic analytics

    We use aggregated data to generate internal and Google Analytics reports on the numbers of people using the site, their geographic spread, the relative popularity of different browsers, devices, and operating systems, and so on. More on Google Analytics.

  6. To serve advertising

    We are ad-supported and allow third-party ad networks such as Google AdSense to place advertisements on the site. We do not share any of your information with these networks. However, they are capable of independently recording your IP Address and using cookies to track how often you view their ads.

  7. To allow account recovery

    NationStates was founded in 2002 and has a rich community history. To allow users to return to the site and revive their nations even years later, and for this purpose only, we retain e-mail addresses for up to eight years. After this, all information is scrubbed, and the account can only be reactivated by password.

  8. To provide backups

    Our systems are regularly backed up against data loss, and these backups may include information such as e-mails and IP addresses associated with nations. Backups aren't accessed at all under normal circumstances, and cannot be viewed by moderators. They are purged after three years.

Who can see my information?

Site moderators can view IP Addresses, UserAgents, and e-mail addresses associated with an account. When they view such information, their actions are logged.

How does NationStates protect visitor information?

NationStates employs SSL (aka HTTPS) so that all communication between your device and our servers are encrypted.

User passwords are encrypted and never stored in plain text.

Moderators and administrators are trained in dealing with personal information, and whenever a moderator accesses such information, this access is logged in a way that is visible to all other moderators and administrators.

Does NationStates use cookies?

Yes. Cookies are small files that a site or service provider transfers to your computer's hard drive through your browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Each browser is a little different, so look at your browser's Help menu to learn the correct way to modify your cookies.

If you disable cookies, it is impossible to remain logged in. You can only browse the site anonymously.

Right to Erasure

You may request that we erase from your account all information we have collected from you: your IP addresses, e-mail addresses, and UserAgents. You can also request to view all the information we have collected without erasing it. In either case, please use the Private Info page. If you have questions, you can also file a Getting Help Request.

If you operate multiple accounts, you must make one request per nation.

It may take a few days to erase all your information.

We may refuse requests in special cases where information must be retained for essential operation of the site; for example, if a person who is banned from the site wants their identifying information erased.

Third Party Disclosure

Under normal circumstances, NationStates doesn't sell or transfer any of your information to outside parties. However, we may do so when we believe it is necessary in order to comply with the law, respond to a real-world threat or personal emergency, or protect ours or others' rights, property, or safety.

In the event that ownership of NationStates transfers to a third party in the future, said party will be bound by these same conditions, and be required to notify users in advance should they wish to alter them.

In-Site Disclosure

We don't disclose your personally identifiable information via forum post or any other kind of in-site communication to other users. For example, moderators are not permitted to inform users of another user's IP address or e-mail address.

A user may sometimes post their own information (IP address or e-mail address) in order to seek technical help. This is not recommended, and we instruct users to use a private channel instead (the Getting Help page).

Non-Personally Identifiable Information

We may disclose non-personally identifiable information we collect; in particular, under some circumstances we may disclose publicly that particular nations are connected—operated by the same person—while not personally identifying the owner.

This is done in order to enforce site rules and etiquette, e.g. to combat "puppet wanking," when a person posts from multiple accounts in order to promote the false impression that many people agree with them.

Submitted Content

Users can voluntarily post content to NationStates in a variety of ways, such as:

All such content can be viewed by moderators and/or administrators.

With particular reference to telegrams, NationStates assumes a high but incomplete level of privacy. Our policy:

Google AdSense

NationStates uses Google AdSense to display ads to most visitors. You can view Google's main Privacy Policy and their more specific Advertising Privacy Policy. Google lets you change your ad preferences via Google Ad Settings.

NationStates has implemented the following:

You should know that:

General Data Protection Regulation (GDPR)

We support the GDPR. In particular, as of May 25, 2018, you can request a list of the information we have collected about you, and request that this information be erased (see: Right to Erasure).

California Online Privacy Protection Act

CalOPPA is the first state law in the US to require commercial websites and online services to post a privacy policy. The law aims to reach beyond California to require any person or company that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. More information is available here.

In accordance with CalOPPA, NationStates agrees that:

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under 13, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the US consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.

NationStates does not specifically market to children under 13.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In line with Fair Information Practices, NationStates will take the following responsive action, should a data breach occur: users will be notified via a message posted on the site within seven business days.

NationStates also agrees to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial e-mail, establishes requirements for commercial messages, gives recipients the right to have e-mails stopped from being sent to them, and spells out tough penalties for violations.

NationStates does not send any advertising or promotional e-mail messages. If you supply your e-mail address, it may be used:


If at any time you would like to unsubscribe from receiving future e-mails, you can
:

Contacting Us

If there are any questions regarding this privacy policy, or you require help, you may contact us:

Terms & Conditions

If this document has left you wanting more, you may enjoy our thrilling Terms & Conditions.