Privacy Policy

Privcay Statement

Propoodle was designed with a strong focus on personal privacy. The following axioms hold for all data entered into Propoodle:

  • No data is exchanged with third parties.
  • Data entered and saved on the server is used only for the purpose of providing and improving the voting service.
  • All personal data entered during the life-cycle of a poll is deleted within a week after the expiration date of the poll.

To improve the service, I use a self-hosted instance of the open-source web analytics tool Piwik. Piwik allows me to collect usage data without giving up control of that data. Piwik anonymizes all IP-addresses by setting the third and fourth number to zero. Furthermore, Piwik honors the Do-Not-Track Header, allowing you to opt-out of contributing to the analytics on via your browser settings. However, please keep in mind that as a developer, I depend on these data in order to improve your experience when using the site.

Propoodle uses cookies to provide the polling service and in order to recognize a returning user when collecting web-analytics via Piwik.

Privacy vs. Security

To allow for a streamlined user-experience, Propoodle neither requires nor allows the user to login at any point. Authentication is solely performed on the basis of personalized URLs that contain a key. These keys are generated by randomly selecting 32 characters from an alphabet of 64 characters (allowing for repetitions).
There are approximately 6 octodecillion (a six with 57 zeros) possible keys. It is very unlikely that an attacker will be able guess an existing key in his or her lifetime. However, there is no guarantee that an attacker does not guess your key on his first attempt. Of course, the same is true for all of your passwords.

In contrast to passwords, the personalized URL used by Propoodle is not treated as a secret. It appears in your browsers address bar, is saved in your browser history and is sent in plain text in invitation e-mails. There is a risk that an attacker, who, for example, has access to your browsing history or is able to monitor your outgoing traffic, is able to access your Propoodle. In this case, the site can not guarantee the safety of your data. It is your responsibility to mitigate this risk. Handle and distribute the personalized URLs, through which access to polls on is granted, with care!