To obtain the Markdown source of this document, go to /legal/privacy.md.

The uMIS Privacy Policy

Last Updated: 15th of November, 2025

Written: 30th of October, 2025

1. Introduction

The uMIS Social Platform ("uMIS", "we", "us", "our") respects your privacy. This document explains what information we collect, how we use it, and your rights regarding your data when using the Platform.

2. Data We Collect

We collect a minimal amount of personal and activity data necessary to operate the platform. This includes:

2.1 Account Information

Username.
Hashed password using the Bcrypt algorithm.
Hashed API token (if generated).
User settings.
NSFW visibility preferences.

2.2 Content and Interactions

Umists (posts) content, creation and edit timestamps, NSFW flag.
Comments and reactions on others' Umists.
Sent and received messages (including timestamps and read status).
Social graph, follows between users.

Note: uMIS uses AES-256-GCM for message encryptions and RSA-4096 for key exchange, ensuring messages cannot be read by anyone else, including uMIS staff.

2.3 Activity Data

Last login timestamp.
Account creation timestamp.
IP addresses or device fingerprints are not stored.

All data is stored in our secure database, with strict access controls.

3. How We Use Your Data

To provide and maintain the uMIS Social Platform.
To enable social interactions (posting, commenting, messaging, reactions, following).
To authenticate and authorize uMIS.
To enforce platform rules and policies.
To improve user experience and the platform performance.

We do not sell your data to third parties, and never will.

4. Data Security

Passwords are stored securely, hashed using the Bcrypt algorithm.
API Tokens are stored securely too, hashed using the SHA256 algorithm.
The following and followers counts are hidden by default; users can enable their visibility in settings.
Every piece of data is transmitted over secure HTTPS connections. Access to user data is limited to authorized personnel only.
While we implement industry-standard security measures, no service can guarantee complete protection. The uMIS Social Platform is designed to reduce the risk and increase the difficulty of unauthorized access.

5. Data Retention

When an account deletion occurs, the data is immediately removed from our database.

6. User Rights

Users have the right to:

Access all their account data.
Delete and correct their stored data.

In any violation of these rights, inquiry or criticism, contact contact@new.umis.juanvel400.xyz.

7. Cookies

uMIS uses cookies to store session identifiers associated with the user's server-side session. Each cookie is a unique token, regenerated on every session, and must be kept secure to prevent hijacking.