For the safety of this website and its users, we collect and process the following information:
IP Addresses: Your IP address is hashed (anonymized) using SHA-256 for standard verification. If multiple failed login attempts occur, the raw IP address is temporarily stored in a security log to prevent brute-force attacks.
Sessions: We use a temporary session cookie to track whether you have passed the human verification check. This cookie expires after 24 hours of inactivity.
The data collected is used strictly for security purposes (Anti-Abuse and Bot Prevention) under the "Legitimate Interests" provision of the GDPR.
Temporary Logs: Hashed and raw IP data in our security logs are automatically cleared or reset every 24 hours unless a permanent block is issued due to malicious activity.
Permanent Blocks: If an IP is identified as a persistent threat, it may be permanently added to a server-level blocklist (.htaccess).
As this data is used for security and is largely anonymized via hashing, it does not typically fall under personal identifying information. However, you have the right to inquire about data stored regarding your IP address if you believe you have been blocked in error.
Pursuant to GDPR Article 6(1)(f), processing your IP address is necessary for our legitimate interests in maintaining the security of our website, preventing unauthorized access, and mitigating Distributed Denial of Service (DDoS) attacks.
We do not sell, trade, or otherwise transfer your information to outside parties. All security logs are stored locally on our own server.
If you have questions regarding your data or wish to request the removal of a server-level block, please contact: The Captain.
We reserve the right to retain and disclose any information, including raw IP addresses and access logs, to comply with valid legal processes, subpoenas, or government requests. Data that would normally be deleted may be preserved indefinitely if it is deemed relevant to a legal investigation.
We maintain a zero-tolerance policy for malicious activity, including but not limited to:
In cases of severe or repeated abuse, we may proactively report the offending IP address and associated activity logs to the relevant Internet Service Provider (ISP) and/or law enforcement authorities.