Statbus does not record any data about its users, beyond what is necessary in order to facilitate a secure and informative experience. Wherever possible, Statbus relies on the game server database (the external database) to look up information about players and other associated data. This data is only displayed on Statbus, never stored. Under no circumstances is personally identifiable data such as IP addresses and ComputerIDs stored on Statbus. Some functionality requires storing user information on a database used exclusively by Statbus (the internal database), or in ephemeral session files. This functionality will be listed and explained below.
The game server’s publicly available manifest.txt files are parsed and inserted into the internal database on-demand (when someone views the manifest.txt file on Statbus). This data consists of the player’s ckey (byond account), their character name, the job they were given at the start of the round, and whether or not they were an antagonist.
/How This Data Is Used/ Besides presenting manifest data into a readable format, this data is also presented on TGDB player information pages to correlate player ckeys with their character names, to aid in investigating administrative issues.
Players who are authenticated with Statbus may cast votes on player created artwork via the library’s art gallery. The only player information stored in this table is the ckey of the authenticated user casting their vote.
/How This Data Is Used/ The ckey is used simply to prevent duplicate votes and is not used in any other contexts. This can (and will) be improved at a point in the future by storing ckeys in the database with as a hashed string.
Ahelp tickets that have been flagged by a user as pubic are stored in the database in a semi-confidential format.
A ticket can only be marked as public or hidden by:
- The player that ticket was initially addressed to (in cases when an administrator initiated a conversation) Or
- If the ticket was initiated by a player to the administration team.
Administrators do not have the ability to change ticket publicity, except for tickets that meet the above criteria.
In order to prevent public tickets being scraped by 3rd party crawlers, public tickets have a unique, random string generated for them. This unique identifier is used to generate the URL for that ticket. Thusly, a list of all publicly available tickets does not exist outside of the database.
Publicly available log files provided by the game server are parsed and stored by Statbus. This information includes, among other things:
- Player ckeys
- Player character names
- The version of Byond used by the player
In some extremely rare cases, some player IP address information or computer ID data may be stored by Statbus. /This is an error and not intended behavior./ Bugs were identified in the scripts used to censor this information from public logs. When this data is located on Statbus, steps are taken to ensure that the offending log files are purged from the database. Any instances of publicly available private data should be reported to your Statbus maintainer as soon as possible.
/How This Data Is Used/ Parsed round logs are used in a variety of contexts, most usually for dealing with ban appeals and other administrative issues.
When you authenticate to Statbus via the TGStation forums, some information is transmitted back to Statbus and securely stored as part of your session. The data received from TGStation consists of:
- Your PHPBB username used on the forums
- Your Byond key, which is your “full”, un-interpreted username from Byond
- Your Byond ckey, a simplified version of the Byond key with everything except letters, numbers, and hyphens stripped out
- If you’ve previously authenticated to Github with your TGStation forum account, your GitHub username is also provided to Statbus. At this moment, nothing is done with your GitHub username.
The Statbus source code is publicly available on GitHub. Please feel free to contact me with any inconsistencies or questions. The greatest effort has been made to make this document as accurate as possible, but there may be omissions or incorrect information.
- Rev 1.0 - 24-09-2020