bStats Plugin Privacy Policy
If you are a server owner installing a plugin that uses bStats or a casual site visitor, this policy explains what data is collected, why, and how long it is retained. If you are a plugin developer registering an account on the bStats.org website, please refer to the bStats Website Privacy Policy below.
1. Who We Are (Data Controller)
bStats (“we,” “us,” or “our”) refers to the open-source service that plugin developers embed into their game server plugins/mods for analytics. The data controller—the entity determining the purposes and means of data processing—is:
іtѕаΒррО nаnnаmrе
lеgеірSаrtѕ6 еß
6709üF 2һtr, уnаmrеG
Email: аtnосtа] tсѕb [ ѕtаt[tоd]grо
2. Scope: What This Policy Covers
- bStats Plugin Embedding: This policy covers data collected when plugins that include the bStats script are run on a server.
- Server Owners: Typically, you (as the server owner) do not provide any personal data to bStats; only technical data about the server environment is transmitted.
- Custom Metrics: Developers can add custom charts or metrics beyond bStats’ default collection. We prohibit collecting personal information. We remove or ban offending plugins/authors if we discover misuse.
3. Data We Collect and Why
-
Technical Server Data
- Examples: Operating System (OS), Java version, CPU architecture, server version (e.g., Minecraft version), plugin/mod version.
- Purpose: Provide analytics to plugin developers about usage and popularity (legitimate interests under GDPR, or the equivalent lawful basis under other regulations).
-
IP Address (Short-Term Storage)
- bStats receives an IP address with each data transmission for rate-limiting and abuse prevention.
- Retention: IP addresses are stored for up to 60 minutes solely to track request volume, then discarded. They are never linked to accounts or personal profiles.
- Legal Basis: Our legitimate interest in ensuring stable service, preventing spam/abuse, and securing our infrastructure.
-
Potentially Misused Data (By Rogue Developers)
- If you suspect a plugin is using bStats to gather personal data, please contact us at аtnосtа] tсѕb [ ѕtаt[tоd]grо . We will investigate and may remove or ban any misuse.
4. Legal Bases for Processing (GDPR Notice)
- Legitimate Interests: Processing IP addresses for a short period to prevent abuse and measure plugin usage is based on our legitimate interest in maintaining a stable, secure service.
- Consent: Because bStats does not rely on personal-data-driven features, we generally do not request consent for collecting technical analytics. However, server owners may opt out (see Section 5).
5. How to Opt Out
- Configuration File: Each plugin that includes bStats typically generates a
bStatsfolder with a global config file. You can disable bStats here, preventing any further data transmission from any plugin.
6. Data Retention
- Server Metrics: Aggregated metrics (non-personal) remain in our databases indefinitely, helping developers track historical trends.
- IP Addresses: Stored only up to 60 minutes in a rate-limiting mechanism, then automatically erased.
- Backups: If backups are kept, IP addresses are typically not stored long-term. Any short-term logs are overwritten periodically.
7. Security Measures
- Secure Transmission: Data is sent over secure channels (HTTPS/SSL).
- Access Controls: Only authorized personnel (e.g., site maintainers) can access raw logs.
- Infrastructure Safeguards: We employ measures such as firewalling, intrusion detection, and regular security reviews where feasible.
8. Third-Party Services and International Transfers
- Hosting: Our infrastructure is hosted by GameHosting.it, which processes the data on our behalf.
- Cloudflare: Traffic is routed through Cloudflare’s network for performance and security. Cloudflare temporarily processes IP addresses and related connection data.
- Data Processing Agreements: We rely on data processing agreements or equivalent safeguards (e.g., Standard Contractual Clauses) with these providers to ensure compliance if data is transferred outside the EEA or other jurisdictions.
9. Your Rights (GDPR and Similar Laws)
Depending on your local laws (e.g., GDPR in the EU), you may have certain rights over personal data that we hold or process. Potentially relevant rights include:
- Right to Access: Request information on whether we process your personal data (IP address), though we only store IP addresses briefly.
- Right to Erasure/Rectification: If you believe your IP address was processed, please contact us promptly. However, given the 60-minute retention window, the data will likely already be purged.
- Right to Lodge a Complaint: If you believe we have violated applicable data protection laws, you can lodge a complaint with your local supervisory authority.
10. Children’s Privacy
bStats does not knowingly collect personal data from children under the age of 13 (or 16 in certain jurisdictions). The service is generally aimed at adult server owners and plugin developers. If you believe a minor’s data was submitted, please contact us at аtnосtа] tсѕb [ ѕtаt[tоd]grо .
11. Changes to This Plugin Privacy Policy
We may modify this document from time to time, for example, to stay up to date with new legal requirements or operational changes.
12. Contact Information
If you have questions or concerns about how bStats processes server data, or if you suspect misuse by a plugin developer, please email us: аtnосtа] tсѕb [ ѕtаt[tоd]grо
bStats Website Privacy Policy
1. Who We Are (Data Controller)
This policy covers bStats.org, where plugin developers can register an account to view or manage plugin analytics. The data controller is:
іtѕаΒррО nаnnаmrе
lеgеірSаrtѕ6 еß
6709üF 2һtr, уnаmrеG
Email: аtnосtа] tсѕb [ ѕtаt[tоd]grо
2. Scope: Website Visitors and Registered Users
- Public Visitors: Anyone can visit bStats.org and view plugin statistics without creating an account.
- Registered Users (Plugin Developers): Must create an account (username and password) to register plugins and access certain features (e.g., plugin dashboards).
3. Information Collected
-
Account Registration
- Required: A unique username and password. We do not require an email address or other personal details.
- Purpose/Legal Basis: We process this data under a legitimate interest (and/or contractual necessity) to provide user account functionality and secure your account.
-
Cookies and Related Technologies
- Session Cookies: We use strictly necessary cookies to keep you logged in and remember your preferences (like site theme).
- No Third-Party Advertising: We do not use marketing or behavioral tracking cookies.
- Legal Basis: For EU visitors, strictly necessary cookies typically do not require consent. However, local laws may vary.
4. How We Use Your Data
- To Provide Website Services: Securely log you in, associate plugin pages with your account, and display analytics.
- Website Analytics: We do not use third-party analytics like Google Analytics. Only basic server logs are kept, and ephemeral logs are purged after 60 minutes.
5. Third-Party Data Processing
- Hosting: Our site and data are hosted by GameHosting.it.
- Cloudflare: We use Cloudflare for content delivery and protection.
- Data Transfers: If data is transferred outside the EU or your local jurisdiction, it is protected under lawful mechanisms (e.g., Standard Contractual Clauses). We have or rely on data processing agreements to ensure GDPR-level safeguards.
6. Data Retention and Deletion
- Account Data: Your username and (hashed) password remain in our system until you delete your account or request removal.
- Backups: We may retain backups for a limited period. Deleted data is removed from active systems promptly and purged from backups over our regular backup rotation cycle.
- Aggregated Usage Metrics: Non-personal aggregated plugin metrics may remain indefinitely for historical analysis.
7. Your Rights (GDPR and Similar Laws)
If you are in a jurisdiction that grants specific privacy rights (e.g., GDPR in the EU, CCPA in California), you may have the right to:
- Access: Request details about the personal data we hold on you (primarily just your username, hashed password, and short-term IP logs).
- Rectification: Update your username or change your password at any time by contacting us.
- Erasure: Delete your account, after which we remove your credentials from our active user database.
- Objection/Restriction: Where we rely on legitimate interests, you may object to or request restriction of that processing.
- Complaint: Lodge a complaint with your local data protection authority if you believe our processing is unlawful.
8. Children’s Privacy
bStats.org is not specifically aimed at children under 13 (or 16, depending on jurisdiction). We do not knowingly collect personal data from minors. If you believe a minor has created an account, please email аtnосtа] tсѕb [ ѕtаt[tоd]grо , and we will take appropriate steps to remove such data.
9. Data Protection Officer / EU Representative
- We currently do not have a Data Protection Officer (DPO). If your jurisdiction requires a designated representative or DPO, please contact us at аtnосtа] tсѕb [ ѕtаt[tоd]grо for more information.
- If we are required to appoint an EU representative in the future, we will update this policy accordingly.
10. Security Measures
- Password Protection: We store passwords using hashing and salting.
- Encryption: Data transmitted to and from bStats.org is encrypted via HTTPS.
- Access Control: Only authorized personnel can manage the website’s infrastructure and stored data.
11. Changes to This Website Privacy Policy
We may update this policy as needed—for example, to reflect legal changes or evolving service features. We will post updated texts on our site with a revised “Last Updated” date.
12. How to Contact Us
For questions, concerns, or requests related to privacy on bStats.org: аtnосtа] tсѕb [ ѕtаt[tоd]grо