Data Security and All Virtual Services.

How we secure your data and prevent unauthorised access, How we store your data and how we handle your data

Why this blog?

We have decided to create this blog for several reasons, one being to give you peace of mind over your data.

How do you store our data?

We store all your data in our database system, we use a mysql style database system, our system is a complex system with read/write splits, backup system and also a replication system to make sure our site runs smoothly. This whole system is separate to our web server which holds the pages on.

What security measures do you have in place for our data?

We have a secure system in place to protect your data, although we have a multi-database system where we have several databases working as one, we have security built into this system, our database system is set up with a single point of entry to our database servers, we use our main companies database solution which gives you one server for all database queries to go to then decides which database server it needs to go to, to perform the query, the other databases can only be reached via our networks internal ip, so no other outside connection can connect to the databases that actually hold any data, the external ip for all the databases are deny on all ports. the server that does the query checks and provides the data has a built in security feature to deny all connections unless in the whitelist of connections, which means that only select ip addresses can access the server, be it via ssh or via the mysql port, so this restricts the access to only a select few systems, meaning that viewing any data on the server is restricted, the ip's that can access the server is the web server, where this site is hosted, my business pc (which is on a static ip address from the internet service provider) and also our vpn server which only I have access to. any other IP addresses will be denied access to the server. all connections to the site are in https or SSL, all connections to our database server system are through SSL, we use SSL throughout the who system, there is not one section that is not under SSL or https connection.

What Data do we hold and why?

We hold a range of data about you, but this is only what you provide, we hold your name (be it avatar or real name), date of birth (be it your real date of birth or just one you provided), your PayPal id (this is only collected and used for payments, be it you paying for advertisement or any features we may add as a paid subscription), and any data you provide in your posts profile etc we hold this data as you provide it to the public and also provide it for people to see depending on yoru settings.

What do we do with your data?

We store you data to help us provide you with better services, any data we hold about you, you can delete by deleting it in the set fields on your profile, and also posts, you may also delete your whole profile which will mean all data will be deleted, and will NOT be able to be recovered. we will never sell your data to anyone, we will not pass your data on to any services that violate our terms of services or data policy, any data we provide to any other service will be non-identifiable data, the general data we would provide would be for erxample the site has 17 males and 17 females, 10% live in the UK and 90% live in the USA, the age ranges are from 31 - 98, this is isd the sort of data we will provide to other services for to help improve our services, people with in the site, or people who look at your profile, can see information that you set in your profile and your profile setting, you are responsible for setting this to your needs. 
We will be providing soon an API system where you or other services can create apps so that you can do things, these apps may access your data and access your infomation, aswell as access your posts and post on your behalf, although at the time of writing this there is very limited API access, the apps will ask for perminssion to access information, and you will hyave the option to grant it or not, the api system, although is still in development, will have in place where it will give you information on what it wants to access and what it can do. All Apps will have to abide by terms and privacy policies and will have to have there own that will comply with our policies.