Please note that in the event of any differences in meaning or interpretation between the original English version of this document and a translation, the original English version takes precedence.
- 2 What’s a “standard account” versus a “non-standard account”?
- 3 Can you give me some examples of types of cookies and how you use local storage?
- 4 What are some options I have to limit use of locally stored data on my device?
- 5 How do I email within the Wikimedia Sites and how do I change what notifications I get?
- 6 Can you give me an example of how you use GPS and other location technologies to show me more relevant content?
- 7 What do you mean you “infer my geographical location”? And why do you need to do that?
- 8 What are some examples of when I would give you permission to share my information?
- 9 What are some ways that you may use or share user information, such as to investigate, enforce, or defend the Wikimedia Sites and policies?
- 10 Can you give me some examples of when you would share my information with third-party providers?
- 11 What information is revealed when I click a link on a Wikimedia site that takes me to an external third party site?
- 12 What is the risk of re-identification?
- 13 Does the Wikimedia Foundation use HTTPS on its sites?
- 14 What are some examples of how long you keep my data?
- 15 Is there a community body in charge of investigating alleged privacy violations?
- 16 There is outdated or inaccurate information about me on a Wikipedia article! How do I update my information?
- 17 What are Do Not Track (“DNT”) signals and how does the Wikimedia Foundation respond to them?
- 18 I thought I never needed an account to read or contribute! Under what circumstances would I need to register to read or contribute?
- 19 Can you give me some examples what kind of information is available through public logs?
- 20 Can I delete and/or anonymize any content I post on any Wikimedia Site, if I don’t want to be personally identified? If so, how?
What’s a “standard account” versus a “non-standard account”?
A standard account is one that you can sign up for to browse or edit the main Wikimedia projects like Wikipedia or Wikimedia Commons. Typically you do not need to provide more than a username and password to create a standard account with WMF; however, if you create a standard account using a system run by a third party, then you may be required to provide additional information, such as an email address. A non-standard account is one that you may sign up for to participate in the Wikimedia movement in a more in-depth way, outside of reading or contributing to one of our main projects like Wikipedia.
For example, if you register for an account on non-wiki sites such as Phabricator, Gerrit, or OTRS or work on a special initiative like Global Education, you may be required to register for an account to participate and registration for those accounts may require additional information other than a username and password, such as an email address.
Sure! The cookies (and related local storage storage technologies) used by the Wikimedia Sites generally fall into the following categories:
- Functionality: These cookies help the Wikimedia Sites work, including essential features like logging in.
- Preferences: These cookies store your preferences, so that they can be remembered the next time you use the site.
- Performance and Analysis: These cookies collect information about how you use our website, so that we can better understand how the website works and improve it for you and other users.
- Third-Party: These cookies allow us to render services provided by third parties, such as “like” and “share” buttons. When a third party provides these kinds of services, they may require the use of a cookie in order to provide their services. (These would only be used with your affirmative consent.)
For more information, please visit our Cookie Statement.
What are some options I have to limit use of locally stored data on my device?
While this is not a comprehensive list, here are some of the things that you can do to limit use of locally stored data on your device. You can:
- remove or disable specific locally stored data on your browser’s settings;
- use a browser that can block third-party cookies; or
- install a plug-in to block locally stored data, if one is available.
How do I email within the Wikimedia Sites and how do I change what notifications I get?
You can change what notifications you receive by either:
- (a) Clicking on the link after “To control which emails we send you, check your preferences” at the bottom of any notification email we send you as seen below; or
- (b) Sign into your account, then click on “Preferences” at the top right of your screen, and then click on “Notifications”.
You also have the option of enabling the “Email this user” feature, which allows other users to email you directly by clicking “Email this user” in the Toolbox menu on your user page. If you enable this feature, your email address is not revealed when other users contact you (although it will be if you reply). If you enable this feature, any other user can email you and we do not control what or how often they email you. This is how you can enable this feature:
- Sign into your account, click on “Preferences”, then click on “User profile”, and check the “Allow other users to email me” box.
Can you give me an example of how you use GPS and other location technologies to show me more relevant content?
Sure! If you are using the Wikipedia mobile application, you can find out if there are articles about places and things near you by using the “Nearby” button. Your device will ask your permission to identify and use your current location before actually using your location information. If you access this feature on your laptop, desktop, or device without a GPS, this feature will use your information from your browser to figure out your location and find articles about places and things (like public sculptures or famous buildings) near you.
What do you mean you “infer my geographical location”? And why do you need to do that?
We use some downloaded products, like MaxMind’s GeoIP City DB, which allows us to internally determine the approximate location of our users. And when we say “approximate,” we mean it: the GeoIP City DB resolves your location at the center of the most precise area data associated with your IP. The only possibilities for associated area data are postal code, city, region, or country. Unless you are habitually positioned in the geographical middle of the most specific area associated with your IP address, the data we retrieve is unlikely to be good enough to have a sandwich delivered.
We do this so that you can be served with appropriate regional content such as local notices, event announcements, and local fundraising campaigns. To see what information we have on record for your IP address, you can load our GeoIP lookup tool at any time and check the result.
If you receive a scholarship to go to Wikimania, we may ask your permission to share your information with the local chapter hosting Wikimania that year so we can make appropriate travel arrangements. Or if you apply for a grant, we may ask your permission to share your information with members of the Funds Dissemination Committee reviewing your grant application. Or you may want to use your Wikimedia username and password to log in and send information to a third-party site, using such services as OpenID or OAuth, in which case your information will only be sent to the third-party site with your explicit permission.
It is important for us to be able to make sure everyone plays by the same rules, and sometimes that means we need to investigate and share specific users’ information to ensure that they are.
As another example, if we are notified that a user has made a bomb threat, we may have to report some information related to that threat to local authorities to save lives.
Of course! For example, Wikimedia Sites rely on hosting providers, fiber-optic network providers, data centers, and other service providers and contractors. We have a contract with these service providers, and they only have access to your data to perform services for us consistent with this policy. Other times, we may use third-party providers to help us manage the information we store or use. For example, we may use third-party grants management systems to hold grant applicant information and make our application process simpler and more efficient or we may use third-party providers for email services for staff.
When you click a link on a Wikimedia site that sends you to an external website, the referrer information transmits only your domain origin, not the specific Wikimedia page visited, to that third-party destination. For example, if you’re reading an article on Wikipedia and click on a citation that directs you to a news article on an external site, the referrer information contains only the Wikipedia domain, not the specific article URL. This type of referrer policy is known as “origin-when-cross-origin”.
We limit referrer information in this way to protect user privacy, and avoid revealing sensitive information about the pages viewed by users, while allowing movement affiliates and partners to collect aggregate information on traffic received from Wikimedia operated websites. For those who would like to know more, and may be interested in having greater control over referrer information, the Wikimedia Foundation Security team has prepared a page on Meta with some further detail and recommended tools.
What is the risk of re-identification?
In a few instances (not involving the Wikimedia Sites as far as we know!), independent researchers have been able to link non-personal and aggregate information from different sources to particular users. While we try to avoid this by seeking to anonymize information before sharing it for research purposes, we want to make sure that you are aware of this risk.
Does the Wikimedia Foundation use HTTPS on its sites?
Yes! We’ve been implementing HTTPS-only communications on all of the Wikimedia Sites since 2015. We've also implemented several related measures to further secure our traffic beyond the industry minimum standards, including: HSTS, Browser HSTS preloading, OCSP Stapling, and ECDSA server certificates. We embed signed certificate timestamps for Certificate Transparency, and enable best-in-class cipher options, including X25519 and Chacha20-Poly1305. We also deprecate outdated ciphers before they become the next emergency. For the latest on our efforts, see our HTTPS status page.
What are some examples of how long you keep my data?
It depends on the type of data and how it was collected. For example, information that can be accessed by the CheckUser tool is deleted after three months. Other information, such as the IP addresses associated with contributions from unregistered users are visible in an article’s revision history indefinitely. You can learn more about how long we keep different types of data in our data retention guidelines.
Is there a community body in charge of investigating alleged privacy violations?
There is outdated or inaccurate information about me on a Wikipedia article! How do I update my information?
The Wikimedia Projects are collaboratively written and driven by consensus. This means that information in Wikipedia articles is written, updated, and policed by a global community of users like you. If you are the subject of a Wikipedia article or are mentioned in a discussion page and believe that it contains inaccurate or outdated information about you, you must go through the user community’s content policies and procedures to address them. You can get help with this by emailing info wikimedia.org. The Wikimedia Foundation does not get involved in content disputes and believes that working with the community is the best way to resolve potential disputes.
What are Do Not Track (“DNT”) signals and how does the Wikimedia Foundation respond to them?
“Do Not Track” or “DNT” is a way for your web browser to tell the website you are visiting that you do not want to be be tracked by third parties whose websites you did not visit, like analytics services, advertising networks, and social platforms. When using this mechanism, a signal is sent by your browser, expressing your desire that your Personal Information, particularly about your online activities and network interactions, should not be passed on to third parties. When receiving a DNT signal sent to by your browser, the person or entity that owns the website has the option to either honor or ignore the above-mentioned request.
Because of this commitment, we protect everyone, and do not change our behavior in response to a web browser’s DNT signal.
You can find more information about “Do Not Track” technology and policy proposal at Do Not Track Us, and the World Wide Web Consortium’s Do Not Track Specification.
I thought I never needed an account to read or contribute! Under what circumstances would I need to register to read or contribute?
You never need an account to read a public Wikimedia Site. And in most cases, you don’t need an account to contribute to a Wikimedia Site. However, there are a few rare instances where you will need to register an account if you want to contribute. A local community of editors or contributors (for example, the English Wikipedia community or the Malay Wiktionary community) or the Wikimedia Foundation itself may decide to place temporary or permanent restrictions on what you can change. For example, a specific page may be temporarily restricted from editing to allow only experienced or administrative users because of vandalism or copyright concerns. You may also not upload content such as images or videos without being logged in because we need to verify that proper permissions have been obtained from the copyright holder (if the media is not already in the public domain) in order to post the content.
Can you give me some examples what kind of information is available through public logs?
Sure! Public logs may include when your account was created, when you deleted a page, or when you thanked another user. If you would like an example you can also browse through some of the public logs for this wiki at Special:Log.
Can I delete and/or anonymize any content I post on any Wikimedia Site, if I don’t want to be personally identified? If so, how?
The Wikimedia Sites use publicly-available revision histories to build consensus, promote transparency amongst contributors and editors, and affirm the authenticity of the content of our sites. Therefore, once you post information to the Wikimedia Sites, it is public and you will likely not be able to remove it. Even if you remove certain content (say from a Wikipedia article) yourself, it will still remain publicly available in the “view history” section of the article. Under certain circumstances, you may be able to request removal of a page or file or a part of the history of a page or file from public visibility (for example, if you accidentally post high-risk Personal Information like your credit card number). Please note that removal decisions (i.e. the deletion of a whole article) are not always made centrally, and sometimes they come after a public discussion amongst the Wikipedia community (see English Wikipedia’s deletion policy for further reference). This procedure does not ensure complete or comprehensive removal of the content or information posted on the Wikimedia Sites.
You can also request suppression (oversight), in order to hide revisions, user names in edit histories and logs, or portions of individual log entries. Suppression is an on-wiki process that applies to specific uses. Please refer to the Meta-Wiki page on suppression for further information and instructions.
If you are a registered user, we encourage you not to use your real name as your username if you do not want others to have a connection between what you post on the Wikimedia Sites and your real name. You can learn more about choosing your username in English Wikipedia’s username policy. Please note that this Username Policy is only applicable to English Wikipedia, and different Wikipedias have different policies. We recommend checking the username policy on the project you intend to use to be sure you are in compliance with local practice.
If you have already included personally identifying information (such as your real name) in your username and do not want to be personally identified with your contributions, we encourage you to request the anonymization of the information (instead of proceeding with the removal and suppression processes described above) by requesting a change of your username. For information on how to change your username, see the Meta-Wiki page on Changing Username.
The anonymization process cannot ensure complete or comprehensive anonymization of all of the content or information posted on Wikimedia Sites related to your prior username. If your request is granted, the name change will only occur in automatically generated logs (such as page histories) in association with content that you posted. The name change will not delete mentions of your prior username by third parties. For example, if you changed your username from MichaelPaul to Owlwatcher345, the content you contributed will be attributed to Owlwatcher345, but if another user has mentioned you by the name MichaelPaul in a discussion page, MichaelPaul will continue to appear rather than Owlwatcher345.