"We", "our" and "us" refers to whatever.social's maintainers and/or
developers. "You" refers to you as the user of our services.
Whatever Social is committed to giving users more control over their digital life. This is why we take steps to help ensure we are providing a private and secure experience while you browse your favorite social media and services. This policy outlines important details such as what we store, what you will need to consult third parties for, and situations where we cannot protect you.
This policy applies to all Whatever Social's sites, found at https://whatever.social and all its subdomains. Some sections of this policy may be specific to one of our services, in which case it is specified. By using our services, you are agreeing to this policy.
Last updated: October 1, 2023
While visiting our sites: The logging done on our sites is minimal to keep the experience
private. The primary surface of our logging is in NGINX (A service that we use on our server), where logs kept disabled.
However, this may not always be the case. In the event of a critical system error or an attack
on our services, such as a DDoS, it may be necessary to temporarily enable logs to diagnose and
remedy the issue. In scenarios such as these, logs will be purged as soon as the issue is dealt
with. If you are found to be engaging in activities that harm our services, such as spamming,
DDoS or brute-force attacks, your IP address may be stored permanently to protect us, our
services and other users of our services. View the "Law Enforcement" section of this policy to
see how we may be forced to enable them in other situations. An NGINX log, in the duration that
its stored, may include your IP address, user agent, and a timestamp along with your web
request. See the "Third-parties providing Technical Services" section of this policy.
Information you provide to us: Usernames are stored for the services they apply to. Your e-mail address is received by us when you choose to contact us via e-mail. Your Session Messenger "ID" is received by us when you choose to contact us via Session. No other identifiable information is provided by you to us.
Information we share: Your information is not shared with other entities, except in the cases outlined in the "Third-parties providing Technical Services", "Third-parties providing Payment Services", and "Law Enforcement" sections of this policy.
In the event of a subpoena, court order, other legal process, or to exercise our legal rights
and/or to defend against legal claims, we may be forced to give applicable information with
third-parties. Our sites hosted on our whatever.social domain operate on a server in the United States which is subject to New York and US Law, on a server in Germany which is subject to German Law, and on a server in The Netherlands which is subject to Dutch Law.
View the "Personal Data" section of this policy and our Transparency Report.
On https://watch.whatever.social, fonts may be loaded from https://fonts.kavin.rocks, which operates via Cloudflare Workers.
We rely on Teespring to handle purchases, production, shipping and related processes, found on "shop.whatever.social". Teespring collects analytics, which cannot be disabled from our end. View their privacy policies Here  and Here  to learn more.
We take the steps that we deem reasonable to protect your data from unauthorized access and distribution, and from loss of data. For example, we use SSL/TLS to transmit data to you in an encrypted format, and provided passwords are hashed for the services that require user accounts.
On the services that you can delete your user account, database backups will continue to hold your information for up to 30 days.
We do not knowingly collect personal information from anyone under 13 years of age. If you are aware of someone under the age of 13 using our services, please report them to firstname.lastname@example.org (PGP Public Key here). If we are able to find any information relating to that person, it will be removed.