SteemLogin Privacy Policy

Protecting the personal information collected by SteemLogin is of paramount importance to us.

We limit the amount of collected information to its strict minimum and store on our server only what is necessary to operate the service.

SteemLogin acts as an authentication gateway between approved Steem applications (the "clients") and reputable authentication providers such as Google, Facebook, Twitter and GitHub.

Upon first use of our service our users are asked to enter their Steem username and posting key.
Those details are then stored within our Cloud Firestore database so that this information can be returned to the client upon future authentications.

Under no circumstances will stored Steem usernames and posting keys willingfuly be shared with third party individuals or organizations.

Some personal information is exchanged between SteemLogin and authentication providers during the authentication process.
This includes email adress and authentication tokens providing limited use of service with those authentication providers.
This information is forwarded to the clients upon successful completion of the authentication procedure.

The following sections provide detailed information about how we collect and use your personal information.

Personal information collected by SteemLogin

Steemlogin collects the following personal information during the authentication process:

  • Steem username
  • Steem private posting key
  • Email address, display name and provider identity returned by the authentication providers

Information stored within our server

SteemLogin only stores the Steem username and private posting key in a Cloud Firestore database.

An irreversible hash is used to uniquely identify users from their email address.
This avoids the need for storing email addresses within the database.

Personal information stored within the client (e.g. browser)

SteemLogin does not store any information within the client application.
This includes any information stored within local storage, cookies or indexdb database.

How we use your personal information

The personal information listed previously is provided to the client application which invoked the SteemLogin service upon successful authentication.

This information is transfered encrypted using HTTPs using an SSL certificate provisioned by Firebase.

How your personal information is stored

Your Steem usernames and private posting keys are stored within a Cloud Firestore database.

All information stored within the database is encrypted on disk and automatically decrypted upon retrieval by SteemLogin.

SteemLogin makes use of Cloud Firebase security rules to prevent anonymous and authenticated users to access personal information that is stored within records that they did not create in the first place.

Personal information sharing policy

SteemLogin will only transfer the personal information listed previously to the approved invoking application.

Under no circumstances will personal information be shared with other individuals or organizations.

Personal information removal

A user Steem username and private posting key can be deleted from SteemLogin at any time by accessing the following URL: https://auth.steemlogin.net?delete

Policy Modifications

We may change this Privacy Policy from time to time.

As we do not keep any of our users' contact information, this change of policy would take place without notifications.

Any change in our privacy policy will be reflected on this web page.

Help and further clarifications

All enquiries regarding our privacy policy can be submitted to our Discord server:
https://discord.gg/YrU9nsX

Limitation of liability

SteemLogin owners shall not be liable for any loss, damage, theft or misuse of the personal information listed on this page.

SteemLogin does not hold any responsibility for the manner in which personal information might be used, misused or leaked by the approved client applications.