Metopedia:Privacy policy
This page explains how Metopedia handles public contributions, account information, technical logs, cookies, backups, third-party infrastructure, and privacy-related requests. It is a site policy, not legal advice.
Summary
Metopedia is a public research encyclopedia. Most editing activity is public by design. Users should assume that public contributions, edit summaries, uploaded files, usernames, timestamps, page histories, and public logs may be visible, preserved, archived, indexed, cited, mirrored, or reused under the applicable license.
Metopedia collects and uses limited personal and technical information to operate the site, preserve article history, protect accounts, prevent abuse, maintain security, respond to user requests, comply with legal obligations, and preserve evidence needed for research integrity.
In plain terms:
- public edits are public;
- page histories are part of the record;
- removed text may remain in histories, logs, archives, or backups;
- technical logs may record IP addresses, request data, browser data, security events, and account activity;
- cookies may be used for login, preferences, editing, security, and anti-abuse functions;
- third-party infrastructure providers may process technical data needed to operate, secure, cache, monitor, or deliver the site;
- privacy requests may be sent to [email protected];
- Metopedia may decline requests that would erase public accountability, damage source integrity, or conflict with legal, archival, security, or technical obligations.
Scope
This policy applies to Metopedia pages, public edits, uploaded files, account activity, technical logs, administrative logs, cookies, local storage, backups, and privacy-related requests connected to metopedia.com and related Metopedia-controlled services.
This policy does not control independent archives, search engines, screenshots, third-party mirrors, browser caches, social-media posts, external websites, or other services that may copy, index, quote, preserve, or redistribute public Metopedia content.
Core privacy principle
Metopedia follows a preservation-first model because it is a public research encyclopedia. That model requires visible attribution, revision history, source integrity, and resistance to deletion. Privacy is still protected, but it must be balanced against public accountability, evidence preservation, copyright compliance, safety, and the integrity of the historical record.
Metopedia should not collect more personal data than is needed for normal operation, security, abuse prevention, legal compliance, and preservation of the wiki record. Metopedia should not sell personal information, build advertising profiles, or use privacy-invasive tracking when ordinary site operation can be achieved without it.
Public contributions
Edits, page creations, uploaded files, edit summaries, usernames, timestamps, categories, page moves, deletions, protections, blocks, patrol actions, imports, and page histories may be public by design. Public contributions may be copied, indexed, archived, mirrored, cited, analyzed, or reused under the applicable content license.
Users should not place private, confidential, legally restricted, identifying, financial, medical, credential, security-sensitive, or personally risky information into public pages, edit summaries, uploads, talk pages, file descriptions, templates, categories, module pages, or public comments.
Removing text from the current version of a page does not remove it from the revision history. Administrators may hide, suppress, delete, redact, or restrict access to specific material when needed for privacy violations, doxxing, threats, copyright problems, spam, vandalism, legal concerns, safety concerns, or other serious policy issues.
Usernames and attribution
Usernames are part of the public attribution system. Users should choose usernames that do not expose private information, employment relationships, legal names, locations, contact details, protected personal attributes, or other identifying information unless they intentionally wish to publish that information.
Changing or hiding a username may not remove every past reference. Usernames may appear in page histories, logs, signatures, edit summaries, talk pages, screenshots, cached pages, backups, exports, search results, third-party archives, or copied content.
Account information
If account creation is enabled, Metopedia may store information needed for normal MediaWiki operation, including:
- username;
- password hash;
- email address if provided;
- account preferences;
- user rights and groups;
- block records;
- login-related metadata;
- edit-count and contribution metadata;
- watchlist and notification data where supported;
- interface settings;
- session data;
- abuse-prevention data;
- password-reset and account-recovery metadata.
Email addresses are not normally public unless a user publishes one directly, uses a feature that discloses it, signs a message with it, places it on a page, uploads it in a file, or otherwise makes it visible.
Metopedia administrators should not request passwords. Users should not send passwords, private keys, session cookies, government identification numbers, payment details, medical records, or other unnecessary sensitive information to Metopedia.
Logs and technical data
Metopedia may collect technical data needed to operate and secure the site, including:
- IP addresses;
- browser and device information;
- user-agent strings;
- request times;
- requested URLs;
- referrers;
- visited pages;
- login events;
- failed login attempts;
- edit activity;
- upload activity;
- administrative actions;
- rate-limit events;
- spam and abuse signals;
- security events;
- server errors;
- cache logs;
- content-delivery logs;
- backup logs;
- email-delivery metadata;
- search and API request metadata.
Technical data may appear in server logs, MediaWiki logs, security tools, anti-spam systems, hosting-provider logs, content-delivery systems, analytics systems, monitoring systems, email systems, or backup systems.
Technical data is used to maintain the site, diagnose errors, prevent spam, detect abuse, protect accounts, enforce rate limits, investigate vandalism, identify attacks, troubleshoot performance, preserve logs of administrative action, and maintain the integrity of the wiki.
Cookies and similar technologies
Metopedia uses cookies and similar technologies for login sessions, account authentication, edit sessions, user preferences, interface settings, request validation, security checks, spam prevention, abuse prevention, and normal MediaWiki functionality. More detail appears at Cookie statement.
Cookies may include essential cookies, preference cookies, security cookies, anti-abuse cookies, and limited third-party infrastructure cookies. Essential cookies are required for the site to function. Non-essential analytics or measurement tools should be minimized and should not be used for behavioral advertising.
Users may control cookies through browser settings. Blocking cookies may prevent login, editing, uploads, preferences, security checks, or other account features from working correctly.
Legal basis for processing
Where privacy laws require a legal basis for processing, Metopedia may rely on one or more of the following bases depending on the context:
| Processing purpose | Possible legal basis or operational basis |
|---|---|
| Operating the wiki, maintaining accounts, preserving page history, processing edits, serving pages, and enabling login | Performance of site terms, legitimate interests in operating a public research encyclopedia, and technical necessity |
| Preventing spam, vandalism, fraud, abuse, security incidents, scraping overload, credential attacks, and disruption | Legitimate interests in security, abuse prevention, and protection of users and infrastructure |
| Preserving public revision history, source attribution, edit accountability, research records, and public logs | Legitimate interests in archival integrity, attribution, accountability, research integrity, and historical preservation |
| Responding to privacy, copyright, legal, safety, administrator, or account requests | Legal obligation, legitimate interests, consent where applicable, and user request handling |
| Sending account-related notices, password resets, security alerts, or administrative responses | Technical necessity, user request handling, legitimate interests, or consent where required |
| Complying with court orders, legal claims, lawful process, takedown notices, or regulatory duties | Legal obligation and preservation of legal rights |
| Optional analytics, testing, or usability measurement | Legitimate interests or consent where required, with non-essential tracking minimized |
Metopedia does not represent that every data-protection law applies to every user, every request, or every processing activity. Requests are evaluated according to applicable law, site policy, preservation duties, technical feasibility, and the public nature of wiki contributions.
User rights and privacy requests
Depending on location and applicable law, users may have rights to request access, correction, deletion, restriction, objection, portability, information about processing, or information about sharing. California users may have rights under the California Consumer Privacy Act and related California privacy law, including rights to know, delete, correct, opt out of certain sale or sharing activity, and be free from discrimination for exercising privacy rights where the law applies. European and UK users may have rights under GDPR-style frameworks, including access, rectification, erasure, restriction, objection, and portability where the law applies.
Privacy requests should be sent to [email protected] and should include:
- the user’s account name, if any;
- the relevant page, file, log entry, revision, or upload link;
- the type of request;
- enough information to verify the request without exposing unnecessary private data;
- the requested action;
- whether the request concerns public page content, account metadata, logs, cookies, backups, or third-party indexing.
Metopedia may request verification before acting on a privacy request. Verification should be proportionate to the request and should not require unnecessary sensitive information.
Metopedia may deny, narrow, delay, or modify requests when necessary to protect public attribution, source integrity, legal compliance, safety, anti-abuse enforcement, security logs, archival records, copyright records, public accountability, or technical operations.
Public-record limitations
Metopedia is not the same as a private account service. It is a public wiki. Some privacy requests cannot be fulfilled in the same way they might be fulfilled by a private application because public edits create records used for attribution, licensing, accountability, and source review.
Examples of material that may be difficult or inappropriate to erase fully include:
- public edits made under a username;
- edit summaries attached to page history;
- page histories needed for attribution;
- logs documenting administrative action;
- files reused by articles;
- properly licensed quoted material;
- evidence relevant to article integrity;
- information copied into third-party archives or search engines;
- backups not yet expired;
- records needed to investigate abuse, vandalism, copyright, or security incidents.
When full deletion is not appropriate, Metopedia may consider alternatives such as revision hiding, suppression, username change, page redaction, file removal, talk-page cleanup, search-index refresh, or annotation of corrected information.
Data retention schedule
Metopedia retains data only as long as needed for public attribution, site operation, security, legal compliance, archival integrity, or administrative review. Retention periods vary by data category because public wiki history, security logs, account metadata, correspondence, and backups serve different functions.
| Data category | Standard retention | Notes |
|---|---|---|
| Public page content, revision history, file descriptions, public logs, edit summaries, and attribution records | Indefinite | Preserved because wiki integrity depends on visible history, licensing attribution, and reviewability. |
| Current account records | For the life of the account or as needed for site operation | Some records may remain after inactivity to preserve attribution and abuse-prevention history. |
| Deleted or hidden revisions | As needed for administrator review, legal compliance, copyright, privacy, safety, or source integrity | Visibility may be restricted without immediate physical deletion from all systems. |
| Server access logs | 30 to 180 days in ordinary operation | May be retained longer for security incidents, legal issues, abuse investigations, or performance analysis. |
| Security, anti-abuse, spam, firewall, and rate-limit logs | 90 days to 2 years in ordinary operation | Retention may be longer where needed to identify recurring abuse, bot activity, credential attacks, or legal issues. |
| Login and account-security metadata | 90 days to 2 years in ordinary operation | May be retained longer if connected to account compromise, vandalism, ban evasion, or legal compliance. |
| Email correspondence with Metopedia | As needed to resolve the request, then retained if needed for legal, administrative, privacy, copyright, safety, or accountability reasons | Users should not include unnecessary sensitive information. |
| Backups | 30 to 180 days in ordinary operation, unless a longer archival or disaster-recovery retention is configured | Removed material may remain in backups until backups expire, are overwritten, or are manually purged where feasible. |
| Analytics and performance summaries | Aggregated or anonymized where feasible | Non-essential tracking should be minimized. |
Backups
Metopedia may retain backups of pages, files, databases, configuration, logs, templates, modules, user tables, upload metadata, and site settings. Backups protect the site from accidental deletion, vandalism, technical failure, corruption, malicious activity, and server loss.
Information removed from public view may remain in backups until the relevant backup expires, is overwritten, or is manually purged where feasible. Backup purging may not always be immediate or technically possible without undermining disaster recovery.
Third-party services and processors
Metopedia may use third-party providers to operate and secure the site. These providers may process technical information only as needed for the service they provide.
| Category | Possible purpose | Possible data processed |
|---|---|---|
| Hosting providers | Server operation, storage, databases, backups, network connectivity | IP addresses, request logs, server logs, files, databases, technical metadata |
| Domain and DNS providers | Domain resolution, DNS records, uptime, routing | DNS request metadata, domain records, IP data |
| Content-delivery or caching services | Performance, caching, attack mitigation, rate limiting | IP addresses, user agents, requested URLs, security events, cache logs |
| Security and anti-abuse services | Spam prevention, bot detection, firewall rules, rate limiting, incident response | IP addresses, request metadata, behavior signals, security logs |
| Email services | Account email, policy contact, password resets, administrative replies | Email addresses, message headers, message content, delivery metadata |
| Analytics and measurement tools | Traffic measurement, reliability, usability, debugging | Aggregated metrics, page requests, device/browser data, referral data where enabled |
| Search engines and external indexers | Discovery and indexing of public pages | Public page content, snippets, metadata, cached public pages |
| Embedded media or external content providers | Displaying externally hosted content when enabled | Browser requests, IP address, user agent, referrer, cookies controlled by the provider |
Third-party services should be limited to legitimate operational, security, usability, legal, or research-preservation purposes. Metopedia should avoid unnecessary advertising trackers, behavioral profiling, or unrelated data-sharing.
International users
Metopedia may be accessed globally. Privacy rights, legal standards, and disclosure rules vary by jurisdiction. A user’s location may affect which rights apply, how a request is verified, and whether Metopedia must preserve or disclose certain information.
Metopedia may process and store data in jurisdictions where its hosting, infrastructure, administrators, or service providers operate. Users who contribute to Metopedia acknowledge that public wiki contributions are intended for global publication and may be copied, indexed, mirrored, and archived internationally.
Children and minors
Metopedia is not designed to collect personal information from children. Users should not publish information that identifies minors, exposes private family details, or creates a safety risk. Content involving minors should be handled with heightened caution, minimal identifying detail, and strict attention to public interest, source quality, and privacy.
If a parent, guardian, or affected person believes information about a minor has been posted improperly, they should contact [email protected] with the relevant page, revision, file, or log entry.
Sensitive information
Users should not publish passwords, private keys, session cookies, medical records, precise home addresses, government identification numbers, financial account information, private photographs, private messages, non-public contact details, or information that exposes another person to harassment, stalking, fraud, or physical danger.
Metopedia may remove, hide, suppress, or restrict sensitive material even when it was posted by the affected person, if the material creates a safety, legal, privacy, or security risk.
Security measures
Metopedia uses reasonable technical and administrative safeguards appropriate for a public wiki. These may include encryption in transit, access controls, administrator permissions, backups, security logging, software updates, rate limiting, anti-spam controls, firewall rules, abuse monitoring, and restricted access to administrative tools.
No public website can guarantee absolute security. Users are responsible for using strong passwords, protecting their email accounts, avoiding credential reuse, keeping browsers updated, and not sharing account access.
Disclosure of information
Metopedia may disclose or preserve information when needed to:
- operate the site;
- comply with legal obligations;
- respond to lawful requests;
- enforce site rules;
- prevent spam, abuse, fraud, or security incidents;
- protect users, administrators, or the public;
- investigate vandalism or malicious automation;
- resolve copyright or privacy claims;
- preserve source integrity and public accountability;
- transfer hosting, backups, or infrastructure to a replacement provider;
- respond to emergencies or credible threats.
Metopedia should resist unnecessary disclosure and should preserve transparency where legally and safely possible.
Search engines, archives, and mirrors
Public Metopedia pages may be indexed by search engines, preserved by web archives, copied by users, quoted in articles, mirrored by external sites, screenshotted, cached by browsers, or redistributed under the applicable license. Metopedia cannot guarantee removal from third-party services after content is changed or removed on Metopedia.
Users seeking removal from search results or third-party archives may need to contact those services directly after the Metopedia page is corrected, deleted, hidden, or updated.
Privacy request process
Privacy requests should follow this process:
- Send the request to [email protected].
- Identify the affected page, file, revision, log entry, username, or account issue.
- Explain the privacy concern and the action requested.
- Provide only the verification information necessary to evaluate the request.
- Metopedia reviews the request against privacy, source-integrity, legal, security, archival, and public-accountability concerns.
- Metopedia may approve, deny, narrow, or offer an alternative action.
- If action is taken, Metopedia may document the action in logs or a transparency record where appropriate.
Appeals and follow-up
If a request is denied or only partly granted, the requester may send a follow-up explaining why the decision should be reconsidered. The follow-up should identify the original request, explain the specific objection, and provide any missing context or legal basis.
Metopedia may require administrator review for requests involving public-accountability records, legal claims, living persons, minors, harassment, doxxing, copyright, or site-security logs.
Relationship to other policies
This policy should be read with:
- Metopedia:Terms of use;
- Metopedia:Copyrights;
- Metopedia:General disclaimer;
- Cookie statement;
- Metopedia:Contact;
- Metopedia:Code of Conduct;
- Metopedia:Source standards;
- Metopedia:Article standards;
- Metopedia:Policy.
Where these policies conflict, administrators should apply the interpretation that best preserves lawful operation, user safety, public accountability, source integrity, and the minimum necessary processing of private data.
External legal references
These external references are provided for orientation only and do not replace legal advice:
- European Commission: data protection
- California Department of Justice: California Consumer Privacy Act
- UK Information Commissioner’s Office: lawful basis
Contact
Privacy-related requests may be sent to [email protected].
Requests should identify the relevant page, username, file, revision, or log entry and explain the specific concern. Users should avoid sending unnecessary sensitive information.