Protecting the personal information collected by SteemLogin is of paramount importance to us.
We limit the amount of collected information to its strict minimum and store on our server only what is necessary to operate the service.
Upon first use of our service our users are asked to enter their Steem username and posting key.
Those details are then stored within our Cloud Firestore database so that this information can be returned to the client upon future authentications.
Under no circumstances will stored Steem usernames and posting keys willingfuly be shared with third party individuals or organizations.
Some personal information is exchanged between SteemLogin and authentication providers during the authentication process.
This includes email adress and authentication tokens providing limited use of service with those authentication providers.
This information is forwarded to the clients upon successful completion of the authentication procedure.
The following sections provide detailed information about how we collect and use your personal information.
Personal information collected by SteemLogin
Steemlogin collects the following personal information during the authentication process:
- Steem username
- Steem private posting key
- Email address, display name and provider identity returned by the authentication providers
Information stored within our server
SteemLogin only stores the Steem username and private posting key in a Cloud Firestore database.
An irreversible hash is used to uniquely identify users from their email address.
This avoids the need for storing email addresses within the database.
Personal information stored within the client (e.g. browser)
SteemLogin does not store any information within the client application.
This includes any information stored within local storage, cookies or indexdb database.
How we use your personal information
The personal information listed previously is provided to the client application which invoked the SteemLogin service upon successful authentication.
This information is transfered encrypted using HTTPs using an SSL certificate provisioned by Firebase.
How your personal information is stored
Your Steem usernames and private posting keys are stored within a Cloud Firestore database.
All information stored within the database is encrypted on disk and automatically decrypted upon retrieval by SteemLogin.
SteemLogin makes use of Cloud Firebase security rules to prevent anonymous and authenticated users to access personal information that is stored within records that they did not create in the first place.
Personal information sharing policy
SteemLogin will only transfer the personal information listed previously to the approved invoking application.
Under no circumstances will personal information be shared with other individuals or organizations.
Personal information removal
A user Steem username and private posting key can be deleted from SteemLogin at any time by accessing the following URL: https://auth.steemlogin.net?delete
As we do not keep any of our users' contact information, this change of policy would take place without notifications.
Help and further clarifications
Limitation of liability
SteemLogin owners shall not be liable for any loss, damage, theft or misuse of the personal information listed on this page.
SteemLogin does not hold any responsibility for the manner in which personal information might be used, misused or leaked by the approved client applications.