domain list:
- player.bilibili.com (load video player and video content using this URL: https://player.bilibili.com/player.html, for example: https://player.bilibili.com/player.html?bvid=1Hz4y1k7ae)
- *.hdslb.com (CDN for load images and thumbnails)
CSP REVIEW
- Is the site equipped with a privacy policy? Yes
- Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? Yes
- While the GDPR itself is not explicitly mentioned, mentions of PIPL law in China is similar to GDPR, and a section detailing user rights as to their information seems to stricter than GDPR.
- The site is equipped to respond to user request within 15 days if contacted through their addresses mentioned in privacy policy. I tested that they do respond to foreign personal information (personal information censored) within a day so this seems to comply with GDPR time limit. {F1940022}
- The site does not seem to collect any personal identifiable information unless you specifically give to them (only if know what to type and successfully register an account which is mostly impossible for oversea user).
- Does the site provide a list of personal data being collected by using the service? Yes, in PP: "What personal information about you that we collect and process and why?"
- Is the website owner known to have a bad reputation regarding privacy? No
- Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? Yes
- Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker? Yes
- Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? Yes
- Is the site equipped with a security policy? Yes, see PP
- Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? Yes
- Can be found in 我们对您个人信息的存储与保护 (Our storage and protection of your personal information)
- The site does not store oversea user data (unless signed up an account) as there is no cross-border storage
- Only store data for the shortest period necessary
- Is the website owner known to have a bad reputation regarding information security? Yes, but only their old site source code that doesn't contain any user data
- Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? For site security (in Chinese): find at 联系我们 (Contact us). For other unauthorized personal information reports that is not from login account, please contact through China Cyberspace Administration as they will check for any websites within China internet space.