Table of Contents

• Account Data
• Logging
• Analytics
• Third parties
• Service Providers
• Cookies

# Account Data

In order to have a functional account at pico.sh, we need to store your public key, and a username. We don't require an email in order to use our services. However, when purchasing pico+, we do have access to sensitive information through our payments provider: name, address, email. We do store transaction information in order to track membership status.

Because we use public-key cryptography, our security posture is a battle-tested and proven technique for authentication.

We also might ask for your email address in order to support some features of our services. We will not share your email address with anyone, ever. We will only email you when:

• You ask us to
• Service interuptions
• Service availability
• Membership status

# Logging

We store log files, or data about what happens on our servers. This helps us prevent abuse and ensure no one is accessing our servers that shouldn't be.

Our web servers temporarily store information about what IP address connected when. This data is accessed exclusively by our system administrators and developers as needed.

# Analytics

We are committed to zero browser-based tracking or trying to identify visitors. We do not use cookies.

We do collect anonymous usage statistics for our services. List of metrics we track:

• Anonymous IP Address (/24 IPv4 subnet mask, /64 IPv6 subnet mask, HMAC sha270)
• URL (host and path only)
• Referer (domain name only)
• User-Agent

The data is used to analyze the behaviour of the website visitors to identify potential pitfalls like not found pages, search engine indexing issues and to find out which contents are the most appreciated. Once the data is processed, pico.sh LLC generates reports for website owners to take action, for example changing the layout of the pages, publishing some fresh content, etc.

Our analytic software was built by us and is not shared with anyone outside of pico.sh LLC and our site owners.

We only collect visitor usage statistics for website owners who enable it.

We only keep usage statistics for up to 1 year since the event happened.

We might also inspect the headers of HTTP requests to determine some tertiary information about the request. For example we might inspect the User-Agent or Referer to filter out requests from bots.

# Third parties

We have a strong commitment to never share any user data with any third-parties.

# Service Providers

We host our server on oracle cloud.

# Cookies

We do not use any cookies.