1. Statement Coverage

This privacy policy and the contents within apply collectively to "The Havoc", which colloquially includes this site (melodichavoc.com) and the following subsites:

alter.melodichavoc.com - Alter Havoc

While some items may not apply to all of the aforementioned entities, this privacy policy is designed to encompass these entities as a whole - herein referred to as "The Havoc."

This statement may not be all inclusive and is subject to change without any notification.  Some links on this website go to third-party websites and content providers.  This privacy policy nor the website owner or operator make any guarantee to the policies governing these third party entities.  Key third party entities will have their privacy policy linked in this statement.  It is the responsibility of the visitor to familiarize themselves of these policies.

2. Right To Know Statement

As an end-user of this website (herein, "The Havoc"), you have the right to be aware of information that may be collected by this site, and what measures are used to safeguard that information.  You also have the right to know how information you willfully supply is used.  This privacy statement is therefore provided to you for your reference and understanding of how your information is handled heretofore.

3. Collection of Information

There are two major categories of information that is collected by this site, each with their own subset of types that define the sensitivity of that information.  These major categories are involuntary (also referred to as automatic) and voluntary (also referred to as provisionary).  This section of the privacy statement will cover how that information is collected.

A. Automatically Acquired Information

Certain information is provided through a various assortment of means to three web servers associated with The Havoc for the purpose of site traffic monitoring.  This information is low-risk to the individual and includes elements such as web browser, operating system, internet protocol address, and internet service provider.  As mentioned, there are three web servers that this information may be supplied to.  These servers are as follows:

1. The server that houses The Havoc

This is the webhosting server that manages the site content provided to the end-user.  To verify information such as the validity of the request (page codes), the risk of the request (whether the requestor is a human), and how to display content (phone, computer, or other), the hosting server automatically collects this information.  The software that is on the server then stores that information for the purpose of visitor logging.

2. Google, Inc.

For more accurate measurements of site traffic and activity, The Havoc utilizes Google Analytic web monitoring scripts to get more precise metrics without querying the internet protocol address.  Information is gathered on-site, and then communicated to Google servers in order to analyze information that may be revealed by this address.  Information such as geographic location (at the national level) and estimated demographics are collected.  This can help the site owner make decisions on site content.

3. WordPress JetPack

Limited information, such as pages visited and internet protocol addresses are also provided to WordPress by the JetPack software.  These are simply another version of metrics that are generated by the host server.  No additional information is provided to WordPress.

4. Cloudflare Distribution Network

CDN collects information that is identical to that of which is collected in item 1.  See the Cloudflare Content Distribution, Management, and Security Platform Section of this statement for more information.

The information provided involuntarily, especially beyond information collected by the webhosting server, is arguably accurate.  The estimated demographics do not reveal any personal identity or precise geographic information.  More information on data collected from these sources can be found in the links provided below:

» Google Analytics - Tracking Code Overview
» JetPack - WordPress Stats
» Google, Inc. - Privacy Policy (EN)

The following is the risk assessment for information provided in this category:

0 - No Risk Operating System (such as Windows, Mac, Linux)
Web Browser (such as Chrome, Firefox, Safari)
Screen Resolution (such as FHD, UHD, QHD)
1 - Low Risk Internet Protocol Address (IP)
Internet Service Provider (ISP)
Geographic Location (National)

B. Voluntarily Provided Information

Within this category there are two subsets of information; simple and detailed.

Definitions

Simple Voluntary Information (SVI) is supplied without agreeing to any additional terms, such as communicating with the website owner or submitting an initial abuse report.

Detailed Voluntary Information (DVI) is supplied after agreeing to terms and conditions in addition to those supplied for general use.  This may be the case for end-users that have accounts on this site.

This information is collected when a user submits any form on The Havoc, and may supply additional information to that defined in Section A.  Such information is not required to access or view the site for it's intended purpose, and therefore it is described as exclusively voluntary.  It is also not automatically supplied and requires user intervention.  SVI is collected when a user submits a reply to an article or post and usually includes internet protocol address, email address, and a name supplied by the end-user.  SVI may also be collected when an end-user fills out the contact form on the website, which requires a valid email address for the purpose of communication.

DVI is collected when an end-user requests an account on The Havoc for the purpose of accessing hidden sections.  DVI includes information such as end-user name and geographic location (local).  The extent of DVI provided is dependent on the end-user, and is not required by the site for normal functionality.

Neither SVI or DVI information is transmitted away from this server, and therefore is entirely internal to The Havoc's webhosting server.

The following is the risk assessment for information provided in this category:

1 - Low Risk Internet Protocol Address (IP) [SVI]
Internet Identity Name (such as a username or alias) / Name [SVI]
2 - Slight Risk Email address [SVI]
Real Name [DVI]

4. Maintaining & Storing of Information

Information that is collected, whether it is SVI, DVI, or Involuntary, is stored for various amounts of time, depending on the use of that information.  Some information may be permanently kept insofar as logging will allow, other information may be disposed of shortly after it is received.  Information that is transmitted to third parties as outlined above may be subject to different terms.  In general, most information sent to third party databases is kept for approximately thirty (30) days.

The chart below describes how long information is typically stored and who has the authority to access, change, or remove that information:

Can not be modified Involuntary Information - IPI
IP Address - SVI
Internet Service Provider - SVI
30 Days
Permanent
Permanent
Can be modified Username
Email Address
Real Name
End-User Defined
End-User Defined
End-User Defined

End-user defined information, such as username and email address, may be changed at any time by request of the user or by the user's own ability.  User's may also opt to supply their real name if they are registered on the site, but this is not required to access hidden portions of The Havoc.  Single-Use data is usually deleted within three (3) days of receipt and is not kept on any server beyond five (5) days.  No database exists with any single-use data, all of this information is contained within emails.

Information such as usernames, email addresses, and passwords is housed on the local web server that hosts The Havoc.  This information is contained within a standard database and is encrypted for the protection of the end-user.  Information is not stored in a readable or readily usable format.

5. Use of Information

The information that is collected can best be described for one of four purposes: contact, account creation, general purpose, and interaction.

General purpose is defined as the use of information to serve web pages and retain data that may be useful in content generation or to improve user experience.  (Owner note: this is not the same as biometric algorithms like Facebook, Google, or other advertising companies.)  Information collected is the bare minimum and only includes browsing habits on this website.  This information includes the IPI that is collected by the host server as a means to log user traffic.  Any unique information is purged according to the scheduled mentioned in section 2.

Information used for the purpose of creating an account is not necessarily the same as information used to maintain the account.  DVI is used to create the account, but only one piece of that information is used to maintain it (email address).  The other information to maintain the account is SVI (the username).  Provision of a real name is optional, and therefore not mentioned here.  See section 2 for details on how long this information is stored.

Any information that is stored is done so for the sake of user experience and in no way is used for third-party research, nor is it distributed to any third party for the purpose of advertisement.  The Havoc does not participate in any ad programs, biometric algorithms, individual data collection, or user information research and mining.  Any communication that indicates otherwise should be reported immediately.

6. Rights to Revoke

The end-user may revoke rights to DVI at any point by submitting a request via the contact form on The Havoc.  Some information is not able to be removed, and other information may be retained for the purpose of site stability and it's coverage by limited license at the time of account creation.  All DVI is able to be revoked at any time.  Some SVI data may be revoked (such as email and identity), but other information such as internet protocol address may not be revoked.  Involuntary information is not editable, nor can the quantity of information collected be modified, and therefore it can not be revoked.

The following table specifies information where the license to use data can and can not be revoked:

Permanent Data Internet Protocol Address (IP)
Operating System (such as Windows, Mac, Linux)
Web Browser (such as Chrome, Firefox, Safari)
Screen Resolution (such as FHD, UHD, QHD)
Internet Service Provider (ISP)
Geographic Location (National)
Revocable Data Real Name [DVI]
Variable Data Internet Identity Name (such as a username or alias) / Name [SVI]
Email address [SVI]

Variable data, such as name and email address may not be able to be permanent removed from all of the site databases.  In some instances, information may be modified to meet the end-user's request for that data to be removed.  The Havoc will make every possible attempt to grant approval to requests to remove information at the user's behest.  However, this may only be done so to the extent that it does not destabilize the ability to serve site content.

7. Cookie Policy

The Havoc utilizes a limit usage of cookies to enhanced user experience.  Cookies and stored files may be used to increase load time of any given page, track which headers have been used, and to mark pages as read to reduce repetitiveness.  Other uses may be to store session info to reduce the need to login (if the user has an account).  The overall impact and use of cookies is minimal.

8. Additional Protection of Information

In addition to the procedures outlined previously on this page, measures are taken to safeguard information that is submitted and stored on this server.  The Havoc utilizes SSL encryption in order to ensure that data transmitted to and from this site is properly secured.  Data stored on this site is also protected by a series of SSL encryption and security software provided by the hosting company.  All third party websites that collect data from The Havoc utilize some form of SSL encryption as well, and this is a requirement for any connections for the purpose of information security.

For your protection, The Havoc advises users to ensure that they are using "https" in their address bar, and that the address bar does not show red.  Different web browsers may show SSL certificates and encryption policies different.  It is recommended, for this reason, that you familiarize yourself with security features of your web browser.  Do not submit information over networks or information systems that are not specified as secure!  The Havoc makes no guarantee of security policy of sites linked to from this site.

Please note: The Havoc does not utilize an EV SSL certificate, and therefore the URL bar may not turn green.  The SSL certificate used is a standard Positive SSL certificate.  The details of this certificate can be viewed by clicking here.

9. Cloudflare Content Distribution, Management, and Security Platform

Content on this site is routed through Cloudflare's content distribution network.  There are several Cloudflare services operating on the site that work to improve end-user experience and security.  In addition to the SSL certificate installed on the server end, Cloudflare adds an additional layer of protection to that certificate.  The Cloudflare service also enables us to cache images and static files so that pages can load faster and cause less strain on both the server that houses The Havoc and the end-user.

As Cloudflare acts as an intermediary for content through The Havoc, it does not supersede our agreements and compliance with our hosting provider.  Likewise, Cloudflare is not responsible in any way for content posted on this site.  For DMCA information, please refer to the copyright page on this site.

10. Information & Cyber Security Statement

This site does not collect any personally identifiable information (PII) or confidential information.  The use of the contact form or registration page on this site does allow for the submission of email addresses, and names.  For your safety, please be sure that the page you are viewing shows "https" in the address bar, and that the certificate is valid.  The Havoc operates under duplicate forms of SSL certificates.  One is outlined as Comodo SSL, while the second is offered through CloudFlare, Inc.  Ensure the certificate authority is valid before submitting any information on this site.

This site incorporates additional security measures for user safety.  If you observe suspicious content on this site at any time, contact the administrator immediately.

This site complies with guidelines outlined by the Cybersecurity & Infrastructure Security Agency guidelines for the collection, storing, and maintaining of information.  However, security of personal information is a joint task and requires end-user vigilance as specified in CISA and Department of Homeland Security materials.

11. Third Party Data Sharing

There are a select number of third-parties that are connected to this site for various functions.  The entities described in section 3, sub-section B are the only entities that actively collect information on this site.

A. Entities Collecting Information

The rights to collect information on this website are restricted to those named either in section 3, sub-section B or in this section.  These entities are Google, Inc. and WordPress.  The definitions and reasons can be found in the previously mentioned sub-section of this document.

CloudFlare
101 Townsend Street Suite 200
San Francisco, California 94107

Google, Inc.
1600 Amphitheatre Parkway
Mountain View, California 94043

WordPress
60 29th Street #343
San Francisco, California 94110

B. Entities With an On-Site Footprint

Entities within this section may appear on this website through the use of a security token or other means.  This access is only valid one direction and is unable to transmit any information from this site.  These entities have access to the site's publishing abilities for the purpose of advertising content explicitly at the request of the site operator.  The individual entities that have this access are found in this sub-section.

Discord, Inc
444 De Haro Street Suite 200
San Francisco, California 94107

Facebook, Inc.
1 Hacker Way
Menlo Park, California 94025

Twitch
350 Bush Street
San Francisco, California 94104

C. On-Site Footprint Privacy Policies

While no information is transmitted to the content providers mentioned in the previous sub-section, their privacy policies and statements have been made available in this document for reference.  Individuals who opt to follow links from this site should be aware of the privacy policies in place at the destination site.  The advertised entities with publishing authority have been made available below.

» CloudFlare Privacy Policy
» CloudFlare Safety Policy
» Discord Privacy Notice
» Facebook Privacy Policy
» Amazon Privacy Notice
» Twitch Privacy Notice

12. End User Agreement

By continuing to use The Havoc, you agree to the terms of how your information is used as outlined above.  You also understand the measures taken to safeguard your information.  Continuing use of this site implies consent to these terms and establishes a contract between the end-user (you) and the site operator.  Omitting review of this document does not nullify your consent.  You may revoke any future consent at any time.  You understand that it is not the responsibility of the site operator to notify you of changes to this document, and that this document may be updated at any time.

13. Privacy Policy Statement

The Havoc is not required to notify end-users or visitors of updates to it's terms of use, copyright, privacy policy, or disclaimer.  It is the user's responsibility to remain apprised of changes to this information.

  • This statement was last updated on 28 DEC 2020 at 04:38Z.