What information do we collect and why do we collect it?
The following pieces of information are collected: e-mail address, IP address, username, password, command history, and some in-character information, including character statistics and name. The website collects only your IP address and the address of the page you visited.
What we use them for:
- Your e-mail address and IP address are used to verify your identity and to prevent multiple characters being controlled by the same person.
- Your e-mail address will also be used to notify you if your character is about to be purged (deleted). You can opt-out of purge e-mails with the GENERAL-OPTIONS command in the game.
- Your username is used to link your out of character identity to an in character entity.
- Your password is used to verify that you are who you say you are.
- The command history is used by the automatic anti-script mechanism to ensure that you aren't command stacking. It is also used to settle disputes about scripting and command stacking.
Your password is stored as an irreversibly encrypted (meaning we don't have a decrypt function) string in the database. At no time throughout your entire Toastsoft.net visit will your password be visible in plain text by an administrator. When you connect to the MOO server, it will prompt you for your password. Once you input it, the server will encrypt what you just entered using the salt from your stored password. If the passwords match, you will be allowed to login. No comparison of your plain text password is done and your plain text password is not recorded anywhere.
Your username, e-mail address, and IP address are all stored in an area of the database that only game administrators (wizards and above) have access to. Administrators on Miriani follow three levels: Builders, Programmers, and Wizards. Builders do not have access to any of your personal information.
Who has access to my personal information?
The only people who have access to your information are the hosts (administrators) of the Toastsoft MOOs. At no time will we ever sell this information or share it with anybody else (unless your e-mail is suspected of being disposable, at which time the domain name may be checked against an anonymous database of known disposable e-mail sites). Naturally, we try to keep our server as secure as possible, but there is no such thing as absolute security. There is always the remote possibility that a malicious user could gain access to the MOO and retrieve information. If we see any shred of evidence of this, we will notify the users immediately and advise them to change their passwords and take any appropriate steps. We also cannot guarantee that no malicious users intercept your information as it is transmitted from your computer through various ISPs and routers to our server. To help protect against interception, we offer Transport Layer Security (TLS) connections on port 1443 for clients that support SSL/TLS.
How about my privacy within the games? Am I safe to talk about how much I hate the hosts?
As Miriani is a privately owned and operated game, staff members may monitor players from time to time. You will not be constantly monitored unless you are suspected of breaking policy, but your privacy can not be entirely guaranteed. However, your password will never be revealed to staff or players, and your personal information will never be revealed to players, barring a successful outside attack on the server. Your e-mail address will also never be sold or used for advertising purposes.
Administrators have the right, but not the obligation, to monitor any and all activity including, but not limited to: Logins, disconnections, public chat channels, private chat channels, activity in any room, inventory and monetary exchange, store purchases, tradesman certificate exchanges, and general environment activities.
Does this policy ever change?