We, Typed.sh team caring your privacy really important and always keeping the eyes on to service our content and products smoothly in high quality. However, there are some limitations on our policies and in this document, I am going to describe how your data will be processed in our system to ensure the safety of your data and info.
We're always improving this document to describe our service better! Please, feel free to contact if you have any question.
Data that neccessarily need to serve contents and products
It's actually impossible not to collect data in process time of the product to serve contents and products. However, what we can do is not to save those data that your web browser passed to us. We're saving minimal data about your browser metadata such as user agents and IP address used to connect to your services. These things are for identifying whether your traffics are bad or good and, in future we may analyzes the data to protect ourselves. Below is what your browser will send in most common cases and what we does.
What your devices and browsers will send
Your devices and browsers will send to website where you connect basically are:
- User-Agent, to provide better view of website, so we can deliver best options of contents over your device because this string includes data directly related to your device such as operating system, device model, and web browser version.
- Referrer, to tell where you're from, previous website URL.
- Accept-Encodings, to provide what compression methods your browser supports in order to reduce traffic cost and improve the data transaction speed between you and our services.
- Accept-Languages, to provide better view of website, so we can send you a website content in proper language.
Those data are called HTTP headers and your browser will send those stuffs every time when you connect to website as request to connect websites are always stateless that meaning we're not always connected, instead sending credentials and data every time. There are a lot of HTTP headers including non-standard names but in common case, your web browser should include those things. Also, not only HTTP headers and your browser, but also ISP(Internet Service Provider) and upstream network provider can log your activities by intercepting the traffics between you and our services. Unfortunately, we cannot provide a protection to you over those areas.
What we handle and collect from your data
However, it's not true that every data you sent will be handled and collected on our services because we're not tracking you. We can simply list what we do in below:
- IP Address, handled and saved to our systems, we use this to protect ourselves from online attacks by determining who is actual attacker.
- URL, handled and saved to our systems, we use this to protect ourselves* and analyze which posts are popular to provide better contents.
- User-Agent, handled and saved to our systems, we use this to protect ourselves* and analyze which devices are popular to see our contents to improve the view of our website.
Sometimes, to improve the view and speed of our services, we collects following additional contexts when you use our services:
- Response time to our sevices, handled and not saved over 3 months, to see what's impacting on the connection speed and what's distrubing from you to connect to our services.
- Time to first bytes, handled and not saved over 3 months, to see which thing impacted on your initial connection speed to improve access time to our services.
- Referrer, handled and not saved over a year, to inspect where you came from to improve the quality of the content we serve.
Deletion of handled and collected data
We're aiming to delete unnecessary logs and metrics which created while operating our services and accepting deletion request of the collected data from you to protect your data, security, and personal information. If you want to delete manually, please go to contact page and contact to us with information that can identify who are you to delete your log from our system. However, we're sorry to say that somedays and some periods, it is hard to perform deletion. For instance, when we collect the data to protect ourselves because of cyberattack. Also, if you don't provide the proper data that we can identify you from our system metrics, your request will be ignored.
Even you didn't request, we can perform deletion of our logs and metrics to save resources of our system if the logs are identified as unnecessary.
The technologies we use
We use containerd and related technologies to serve our services at best speed and quality. To describe more easy, let me say that there are some technologies to divide the service and metal. We trust those technologies but always watching the way that your personal information being handled inside of the technologeis we use. At this point, we're always checking latest security updates and news to protect you from potential data leak. You can check what we're using in below list:
- Linux, to host our services in sercure.
- Docker, to containerize our service data from metal machine for better service management.
- Nginx, to handle TCP streams and common HTTP and HTTPs requests in best performance as well. Protect ourselves in common cyberattacks.
- TC(Traffic Control), to effectly manage advanced network flow of internal server.
- Ghost(Blogging platform and also works for content management system), to host and manage our contents.
- Node.JS, the backend side of Ghost system.
- MariaDB, to store data of our services in effective way.
Data that we serve to you
We're always aiming to serve our products to you in best quality and speed. However, there are some trade-offs in our current system to improve speed, and we want to describe easily to you as those data can be saved and implemented inside of your web browser.
What our server will send cannot be refreshed in seconds
We're caching things to serve contents to you. In other word, we creates ready-to-use objects which don't require to be processed inside of our system for faster delivery of contents. However, there is a problem. To use those ready to use content and deliver things to you faster, we need to create cache first. As you hit our website in your browser, our gateway accepts your request and looks for existing cache, otherwise generates it for the speed of next visitors. If there is cache, you may see cached content that may be old and the problem occurs. Again, this means that when we edit existing typo errors, the result will not be present in visitors screen right after edition.
Unfortunately, the ghost blog, we using right now doesn't support proper scaling method or clustering to accept bigger size of visitors, so we implemented strong caching to reduce system load. We're still finding a better way to serve the content faster without increating the system load. If you see something looks like invalid, please feel free to contact. Also, we're always thinking sorry about this problem which not solved perfectly.
Incorrect facts on our contents
There may be some incorrect facts on our website content because every people writing a post are human, not a machine that can work perfect. We're sorry if you found any errors on your posts. Also we're highly recommending you to contact us to prevent spread of invalid information.