Open source item tracking for all geocaching platforms

Privacy statement

Our Privacy Policy was last updated on Aug 1, 2023.

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service.

We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

The types of personal data we use

We collect and use the following information about You:

Your profile information. You give us information when You register on the Platform, including Your username, password (cyphered), email address (cyphered), your prefered language, we also keep date and ip address used on registration.

User content and behavioural information. We process the content You generate on the Platform, including preferences You set (such as Your "home coordinates", prefered statpic template, daily mail delivery preferences, OAuth association with partners), information You disclose in Your user profile such as Your avatar. We collect the data You post to play the game (when You create a GeoKret, post a move log, post comments, upload pictures). GeoKrety creation: We store the name, mission, owner and holder. Move logs: We store the Geokret, move type, position, country, altitude, waypoint, author, comment, application and version, date. Move comments: move id, author, comment, commet type, date. News comments: news id, author, comment. Uploaded pictures: file, author, geokret/move/user, picture caption, date. Races: organizer, password, title, description, race parameters (such as type, target). Races participants: GeoKret id, race id, move location, date. Based on Your usage of the Platform, We store username changes, yearly ranking statistics, awards won, messages sent between users, owner codes usage, the watched GeoKrety, news subscriptions.

Tracking Technologies and Cookies. We collect anonymized browsing usage via Our own instance of Matomo, You may opt-in on registration, opt-out from Your profile or configure the "Do Not Track" feature in Your browser. We store generic internal statistical counters of Platform parts usage (such as served pages count, actions types counts, rate limits and multiple internal counters). We store audit logs (for 90 days) and audit posts (for 90 days) about actions made on the Platform. We store User authentication history (for 120 days). We use only essential Cookies on the Platform to keep Your session alive between page loads, and allow GeoKrety Tool Kit (GKT) to work. On connection to the Platform, You may choose to check the "Remember me" option to stay connected for 30 days, this will keep the "PHPSESSID" cookie in Your browser for that period of time.

How do we use information

GeoKrety.org may use Personal Data for the following purposes:

  • To provide and maintain our Service, including to monitor the usage, analyze trends of our Service.

  • To manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.

  • To contact You by email regarding updates or informative communications related to the functionalities, when necessary or reasonable for their implementation.

  • To contact You by email regarding Your GeoKrety activity, watched GeoKrety activity, news subscription activity, based on Your preference about "daily mails".

  • Audit logs (for 90 days) and audit posts (for 90 days) are kept to monitor data send to our servers in order to detect Platform attacks or help dignose issues. This excludes posts for pages requiring user's credentials (such as /auth).

  • We store User authentication history (for 120 days) in order to allow You to monitor the login activity on Your profile.

  • Rate limit counters are used to prevent service usage abuse. Activity is kept for:
    API_LEGACY_MOVE_POST => 1 day
    API_LEGACY_PICTURE_PROXY => 1 day
    API_V1_CHECK_RATE_LIMIT => 1 day
    API_V1_LOGIN_2_SECID => 1 day
    API_V1_EXPORT2 => 1 day
    API_V1_EXPORT => 1 minute
    API_V1_EXPORT_OC => 1 minute
    API_V1_REQUEST_S3_FILE_SIGNATURE => 1 day
    API_GKT_V3_SEARCH => 1 day
    API_GKT_V3_INVENTORY => 1 day
    USERNAME_CHANGE => 1 month

How is collected information kept safe?

We maintain physical, electronic, and procedural safeguards to protect the confidentiality and security of your personal user data and other information transmitted to us. For example, we encrypt your email address. If not all requests from you to the server are created over a secure connection (HTTPS). However, no data transmission over the Internet or other network can be guaranteed to be 100% secure.

Apps, websites, and third-party integrations

When You choose to use third-party apps, websites, or other services that use, or are integrated with GeoKrety.org, they can receive information about what You post or share. For example, when You share Your "secid" with third-party, You allow them to read Your own inventory and post move, move comments, pictures using Your identity. Information collected by these third-party services is subject to their own term and policy, not this one.