What Information do we Collect?
We collect the minimum amount of information required to present statistics about a given event. You do not need a user account to submit a test report (only to create and manage events) and if you have one, your reports are not linked to your user ID in our database (the are linked to an event, and the event is linked to the event creator's account). Your email is only used for contacting you for administrative purposes and first-party advocacy and newsletters provided you did not opt-out. We will not sell or gift away our email list, though if AFTERPARTY–19 is transferred to an organization as a whole, the definition of first party changes to that organization.
What do we do with your information?
Information you provide to the website may be used to anonymously analyze trends in COVID–19 spread, website usage, and mitigation usage. This may be provided to researchers with user account information (such as your username and email) removed. AFTERPARTY–19 authorized personnel may access the database in full for administrative and data analysis purposes, but will not share personal information externally.
Where is AFTERPARTY–19 hosted?
The application is hosted in the United States.
How do we protect your passwords?
We use the argon2id hashing algorithm with a unique salt per an account and only store the result in the database.
How do we protect your codephrases?
Codephrases are used to link follow-up COVID–19 Status Reports to the original report without requiring an account. While we provide a suggested meaningless codephrase, some people might choose to use a memorable one that contains personally identifiable information.
Codephrases are not stored in our database in plain text. They are hashed with argon2id and a unique salt per an event. This means the same codephrase will result in the same unique identifier for each event, but the same codephrase cannot be linked across events.
What happens when I delete my account?
When you delete your account, your password hash and email are erased and your account is marked deleted. Events you created will also be marked deleted and are inaccessible from the app. Data will still exist in the database.
What happens when I delete an event?
The event will no longer be accessible in the app and will be marked deleted in the database, but the data will still be there.
We use a self-hosted Matomo web traffic analytics instance to enable visibility into the web service. This ensures that visit information is shared only with us and is not aggregated into a larger corporate tracking intiatives. The application is set to be compliant with the French CNIL exception.
I have a question not answered here
Reach out to us at email@example.com. Maybe we can help!
Last updated November 12, 2023.