This policy is approved by the Wikimedia Foundation Board of Trustees.
It may not be circumvented, eroded, or ignored by Wikimedia Foundation officers or staff nor local policies of any Wikimedia project.
O movimento Wikimedia o se basa in sce 'n prinçippio sempliçe ma potente: insemme poemo fâ de ciù de quante qualunque fra niatri posse fâ da lê. No poemo travagiâ collettivamente sença aggregâ, condividde e analizâ informaçioin in scî nostri utenti, scicomme çerchemmo noeuvi moddi pe rende i sciti Wikimedia ciù fonçionali, segui e uttili.
Credemmo che l'arecugeita de informaçioin e o so uso van da mæxima co-a transparença. Questa Polittica de confidençialitæ a spiega comme a Fondaçion Wikimedia, l'organizzaçion senç'amia de prpofito ch'a l'ospita i sciti Wikimedia comme Wikipedia, a recoeugge, doeuvia e condividde i dæti riçevui mediante o to utilizzo di sciti mæximi. L'è essençiâ acapî che, doeuviandoi, t'acconsenti a l'arecugeita, a-o transfeimento, a l'elaboaçion, a-a memoizaçion, a-a comunicaçion e a l'uso de to informaçioin comme descrito in questa Polittica de confidençialitæ. Questo scigniffica che l'è importante lezila attentamente.
Stimemmo che pe parteçipâ a-o movimento do savei libbero ti no ti gh'aggi da fornî de informaçioin personæ comme o nomme reale, l'indiriçço ò a dæta de nascita, ni pe registrâ 'na normale utença, ni pe contribuî a l'interno di sciti Wikimedia.
No vendemmo ni affitemmo e to informaçioin confidençiæ, ni e demmo a di soggetti terçi co-o scopo de vendite cose-se-sæ. E doeuviemo pe comprende comme rende i sciti Wikimedia ciù attraenti e accescibbili, pe vedde quæ idee fonçion-an e pe rende l'imprendimento e a conlaboaçion ciù divertenti. Pe fâla curta: doeuviemo e to informaçioin pe rende i sciti Wikimedia megio pe ti.
Doppo tutto, l'è a gente comme ti, i campioin do savei libbero, che rendan poscibbile a-i sciti Wikimedia non solo d'existe, ma de cresce ascì e d'ariêscî.
Da-o momento che tutti (non solo i avvocati) dovieivan ese in graddo d'acapî façilmente comme e percose e so informaçioin son arecugeite e doeuviæ, inte sta Polittica doeuviemo un lenguaggio comun ançichè di termini ciù formali. Pe aseguâ a vostra comprenscion de çerte paole-ciave particolæ, chì aproeuvo gh'è 'na tabella de traduçioin:
|When we say…||…we mean:|
|"the Wikimedia Foundation" / "the Foundation" / "we" / "us" / "our"||The Wikimedia Foundation, Inc., the non-profit organization that operates the Wikimedia Sites.|
|"you" / "your" / "me"||You, regardless of whether you are an individual, group, or organization, and regardless of whether you are using the Wikimedia Sites or our services on behalf of yourself or someone else.|
|"contributions"||Content you add or changes you make to any Wikimedia Sites.|
|"Personal information"||Information you provide us or information we collect that could be used to personally identify you. To be clear, while we do not necessarily collect all of the following types of information, we consider at least the following to be "personal information" if it is otherwise nonpublic and can be used to identify you:
|"third party" / "third parties"||Individuals, entities, websites, services, products, and applications that are not controlled, managed, or operated by the Wikimedia Foundation. This includes other Wikimedia users and independent organizations or groups who help promote the Wikimedia movement such as Wikimedia chapters, thematic organizations, and user groups as well as volunteers, employees, directors, officers, grant recipients, and contractors of those organizations or groups.|
Cos'è disciplinou e cose no da questa Polittica de Confidençialitæ
Eccetto pe quante speçificou aproeuvo, questa Polittica de Confidençialitæ a s'applica a-a recugeita e a-a gestion de informaçioin che ve riguardan e che riçevemmo comme effetto de l'uso, da parte vostra, de-un di sciti Wikimedia. Questa Polittica a s'applica ascì a qualunque informaçion riçevua da-i nostri partner o da atre terçe parte. Pe acapî megio cose segge coverto da questa Polittica, amia chì sotta.
Sometimes, volunteers may place a data-collecting tool, such as a script, gadget, tracking pixel, or share button, on a Wikimedia Site without our knowledge. This Policy does not cover how third parties handle the information they receive as a result of such a tool. If you come across such a third-party tool, and you believe it violates this Policy, you can remove the tool yourself, or report it to privacy[at]wikimedia.org so we can investigate.
Where community policies govern information, such as the CheckUser policy, the relevant community may add to the rules and obligations set out in this Policy. However, they are not permitted to create new exceptions or otherwise reduce the protections offered by this Policy.
Types of Information We Receive From You & How We Get It
Your Public Contributions
Publicly Visible Information
Unless this Policy says otherwise, you should assume that information that you actively contribute to the Wikimedia Sites, including Personal Information, is publicly visible and can be found by search engines. Like most things on the Internet, anything you share may be copied and redistributed throughout the Internet by other people. Please do not contribute any information that you are uncomfortable making permanently public, like revealing your real name or location in your contributions.
You should be aware that specific data made public by you or aggregated data that is made public by us can be used by anyone for analysis and to infer further information, such as which country a user is from, political affiliation and gender.
Account Information & Registration
Want to create an account? Great! Don't want to create an account? No problem!
You are not required to create an account to read or contribute to a Wikimedia Site, except under rare circumstances. However, if you contribute without signing in, your contribution will be publicly attributed to the IP address associated with your device.
If you want to create a standard account, in most cases we require only a username and a password. However, if you choose not to provide an email address, we can't help you recover your password.
More on Usernames
Your username will be publicly visible, so please be careful about revealing your real name or other Personal Information in your username. Your password is only used to verify that the account is yours. Your IP address is also automatically submitted to us, and we record it temporarily. This is to protect Wikimedia users and project content; in the event of abuse, IP addresses may be associated with usernames as part of an investigation. No other Personal Information is required: no name, no email address, no date of birth, and no credit card information.
Once created, user accounts cannot be removed entirely (although you can usually hide the information on your user page if you choose to). This is because your public contributions must be associated with their author (you!). In some circumstances, the Wikimedia communities can assist users with removing additional information related to their account from the projects.
To gain a better understanding of the demographics of our users, to localize our services and to learn how we can improve our services, we may ask you for more demographic information, such as gender or age, about yourself. We will tell you if such information is intended to be public or private, so that you can make an informed decision about whether you want to provide us with that information. Providing such information is always completely optional. If you don't want to, you don't have to—it's as simple as that.
GPS & Other Location Technologies
If you consent, we can use GPS (and other technologies commonly used to determine location) to show you more relevant content. We keep information obtained by these technologies confidential, except as provided in this Policy. You can learn more by checking out the list of examples of how we use these technologies in our FAQ.
Sometimes, we automatically receive location data from your device. For example, if you want to upload a photo on the Wikimedia Commons mobile app, we may receive metadata, such as the place and time you took the photo, automatically from your device. Please be aware that, unlike location information collected using GPS signals described above, the default setting on your mobile device typically includes the metadata in your photo or video upload to the Wikimedia Sites. If you do not want metadata sent to us and made public at the time of your upload, please change your settings on your device.
Finally, when you visit any Wikimedia Site, we automatically receive the IP address of the device (or your proxy server) you are using to access the Internet, which could be used to infer your geographical location.
Information Related to Your Use of the Wikimedia Sites
We want to make the Wikimedia Sites better for you by learning more about how you use them. Examples of this might include how often you visit the Wikimedia Sites, what you like, what you find helpful, how you get to the Wikimedia Sites, and whether you would use a helpful feature more if we explained it differently. We also want this Policy and our practices to reflect our community's values. For this reason, we keep information related to your use of the Wikimedia Sites confidential, except as provided in this Policy.
Information We Receive Automatically
Because of how browsers work, we receive some information automatically when you visit the Wikimedia Sites. This includes when you use an online tool on a third-party site that loads information coming from the Wikimedia Sites. This information includes the type of device you are using (possibly including unique device identification numbers, for some beta versions of our mobile applications), the type and version of your browser, your browser's language preference, the type and version of your device's operating system, in some cases the name of your internet service provider or mobile carrier, the website that referred you to the Wikimedia Sites, which pages you request and visit, and the date and time of each request you make to the Wikimedia Sites.
Put simply, we use this information to enhance your experience with Wikimedia Sites. For example, we use this information to administer the sites, provide greater security, and fight vandalism; optimize mobile applications, customize content and set language preferences, test features to see what works, and improve performance; understand how users interact with the Wikimedia Sites, track and study use of various features, gain understanding about the demographics of the different Wikimedia Sites, and analyze trends.
Information We Collect
Depending on which technology we use, locally stored data may include text, Personal Information (like your IP address), and information about your use of the Wikimedia Sites (like your username or the time of your visit). See below for more information.
We use this information to make your experience with the Wikimedia Sites safer and better, to gain a greater understanding of user preferences and their interaction with the Wikimedia Sites, and to generally improve our services. We will never use third-party cookies, unless we get your permission to do so. If you ever come across a third-party data collection tool that has not been authorized by you (such as one that may have been mistakenly placed by another user or administrator), please report it to us at firstname.lastname@example.org.
More on Locally Stored Data
Want to know even more? You can read more about some of the specific cookies we use, when they expire, and what we use them for in our FAQ.
We believe this data collection helps improve your user experience, but you may remove or disable some or all locally stored data through your browser settings, depending on your browser. You can learn more about some options you have in our FAQ. While locally stored data may not be necessary to use our sites, some features will not function properly if you disable locally stored data.
While the examples above concerning information about you collected through the use of data collection tools are kept confidential in accordance with this Policy, please note that some information about the actions taken by your username is made publicly available through public logs alongside actions taken by other users. For example, a public log may include the date your account was created on a Wikimedia Site along with the dates that other accounts were created on a Wikimedia Site.
How We Use Information We Receive From You
We and our service providers use your information for the legitimate purpose of pursuing our charitable mission, including:
Operating the Wikimedia Sites, sharing your contributions and administering our Services.
We engage in these activities to manage our relationship with you, because we have a legitimate interest and/or to comply with our legal obligations.
Providing customized Services.
We will customize the Services, in some instances, with your consent; or in keeping with our legitimate interest.
Sending emails with news updates and communications about items we believe may be of interest to you.
We will send these types of emails to you only with your consent except as otherwise permitted by applicable law. We do not sell, rent, or use your email address to advertise third-party products or services to you. You can manage what kinds of notifications you receive and how often you receive them by going to your Notifications Preferences and User profile. You can learn more about email and notifications and how to change your preferences in our FAQ.
Sending optional surveys and requesting feedback.
We will always tell you, at the time we give you an opportunity to share your thoughts, how we plan on using your answers and any Personal Information you provide.
Your responses to our surveys and feedback requests are always optional. We will email these types of requests to you only with your consent except as otherwise permitted by applicable law. You can manage what kinds of notifications you receive and how often you receive them by going to your Notifications Preferences and User profile. You can learn more about email and notifications and how to change your preferences in our FAQ.
Improving the Wikimedia Sites and making your user experience safer and better.
We engage in these activities to further our legitimate interest and/or to comply with our legal obligations.
GPS & Other Location Technologies
As stated above, we can use commonly-used location technologies to show you more relevant content. For example, our mobile apps can identify articles from the Wikimedia sites about points of interest near your location. As a reminder, you can consent to and/or deactivate our access to these location technologies at any time for example through the native OS functionalities on your mobile device, and still use the Wikimedia Sites.
As stated above, we may automatically receive location data from your device. For example, if you upload a photo using the Wikimedia Commons mobile app, please be aware that the default setting on your mobile device typically results in the metadata associated with your photo being included in the upload. As a reminder, if you do not want metadata sent to us and made public at the time of your upload, please change your settings on your device.
When you visit any Wikimedia Site, we automatically receive the IP address of the device (or your proxy server) you are using to access the Internet, which could be used to infer your geographical location. We keep IP addresses confidential, except as provided in this Policy. If you are visiting Wikimedia Sites with your mobile device, we may use your IP address to provide anonymized or aggregated information to service providers regarding the volume of usage in certain areas.
We use this location information to make your experience with the Wikimedia Sites safer and better, to gain a greater understanding of user preferences and their interaction with the Wikimedia Sites, and to generally improve our services. For example, we use this information to provide greater security, optimize mobile applications, and learn how to expand and better support Wikimedia communities. We also use Personal Information in the manner described in the sections of this Policy titled "For Legal Reasons" and "To Protect You, Ourselves & Others."
With Your Permission
We share your Personal Information for a particular purpose, if you agree. For example, if you receive a scholarship and we ask permission to share your Personal Information with a local chapter. You can find more information in the list of examples in our FAQ.
For Legal Reasons
We will access, use, preserve, and/or disclose your Personal Information if we reasonably believe it necessary to satisfy a valid and legally enforceable warrant, subpoena, court order, law or regulation, or other judicial or administrative order. However, if we believe that a particular request for disclosure of a user's information is legally invalid or an abuse of the legal system and the affected user does not intend to oppose the disclosure themselves, we will try our best to fight it. We are committed to notifying you via email at least ten (10) calendar days, when possible, before we disclose your Personal Information in response to a legal demand. However, we may only provide notice if we are not legally restrained from contacting you, there is no credible threat to life or limb that is created or increased by disclosing the request, and you have provided us with an email address.
For more information, see our Subpoena FAQ.
If the Organization is Transferred (Really Unlikely!)
To Protect You, Ourselves & Others
Wikimedia Sites are collaborative, with users writing most of the policies and selecting from amongst themselves people to hold certain administrative rights. These rights may include access to limited amounts of otherwise nonpublic information about recent contributions and activity by other users. They use this access to help protect against vandalism and abuse, fight harassment of other users, and generally try to minimize disruptive behavior on the Wikimedia Sites. These various user-selected administrative groups have their own privacy and confidentiality guidelines, but all such groups are supposed to agree to follow our Access to nonpublic personal data policy. These user-selected administrative groups are accountable to other users through checks and balances: users are selected through a community-driven process and overseen by their peers through a logged history of their actions. However, the legal names of these users are not known to the Wikimedia Foundation.
We hope that this never comes up, but we may disclose your Personal Information if we believe that it's reasonably necessary to prevent imminent and serious bodily harm or death to a person, or to protect our organization, employees, contractors, users, or the public. We may also disclose your Personal Information if we reasonably believe it necessary to detect, prevent, or otherwise assess and address potential spam, malware, fraud, abuse, unlawful activity, and security or technical concerns. (Check out the list of examples in our FAQ for more information.)
To Our Service Providers
We use third-party service providers or contractors to help run or improve the Wikimedia Sites for you and other users. We give access to your Personal Information to these providers or contractors as needed to perform their services for us or to use their tools and services. We put requirements, such as confidentiality agreements, in place to help ensure that these service providers treat your Personal Information consistently with, and no less protective of your privacy than, the principles of this Policy. For further information, please see our FAQ.
If you are visiting Wikimedia Sites with your mobile device, we use your IP address to provide anonymized or aggregated information to service providers regarding the volume of usage in certain areas.
Some of our service providers ask us to post links to their privacy policies; a list of these service providers and links to their policies can be found on this page.
To Understand & Experiment
The open-source software that powers the Wikimedia Sites depends on the contributions of volunteer software developers, who spend time writing and testing code to help it improve and evolve with our users' needs. To facilitate their work, we give some developers limited access to systems that contain your Personal Information, but only as reasonably necessary for them to develop and contribute to the Wikimedia Sites.
Similarly, we share non-Personal Information or aggregated information with researchers, scholars, academics, and other interested third parties who wish to study the Wikimedia Sites. Sharing this Personal Information helps them understand usage, viewing, and demographics statistics and patterns. They then can share their findings with us and our users so that we can all better understand and improve the Wikimedia Sites.
When we give access to Personal Information to third-party developers or researchers, we put requirements, such as reasonable technical and contractual protections, in place to help ensure that these service providers treat your Personal Information consistently with the principles of this Policy and in accordance with our instructions. If these developers or researchers later publish their work or findings, we ask that they not disclose your Personal Information. Please note that, despite the obligations we impose on developers and researchers, we cannot guarantee that they will abide by our agreement, nor do we guarantee that we will regularly screen or audit their projects. (You can learn more about re-identification in our FAQ.)
Because You Made It Public
Any information you post publicly on the Wikimedia Sites is just that – public. For example, if you put your mailing address on your talk page, that is public, and not specifically protected by this Policy. And if you edit without registering or logging into your account, your IP address will be seen publicly. Please think carefully about your desired level of privacy before you disclose Personal Information on your user page or elsewhere.
How Do We Protect Your Personal Information?
We strive to protect your Personal Information from unauthorized access, use, or disclosure. We use a variety of physical and technical measures, policies, and procedures (such as access control procedures, network firewalls, and physical security) designed to protect our systems and your Personal Information. Unfortunately, there's no such thing as completely secure data transmission or storage, so we can't guarantee that our security will not be breached (by technical measures or through violation of our policies and procedures).
We will never ask for your password by email (but may send you a temporary password via email if you have requested a password reset). If you ever receive an email that requests your password, please let us know by sending it to email@example.com, so we can investigate the source of the email.
How Long Do We Keep Your Data?
Once we receive Personal Information from you, we keep it for the shortest possible time that is consistent with the maintenance, understanding, and improvement of the Wikimedia Sites, and our obligations under applicable law. In most instances, Personal Information is deleted, aggregated or de-identified after 90 days. Non-Personal Information may be retained indefinitely as appropriate. (Check out the list of examples in our FAQ.)
Please remember that when you make a contribution to any Wikimedia Site, the page history will show when your contribution was made, your username (if you are signed in), or your IP address (if you edit while not logged in). The transparency of the projects' contribution and revision histories is critical to their efficacy and trustworthiness. To learn more about our data retention practices, see our data retention guidelines.
For information about how you may request removal of your Personal Information, or other rights you may have with respect to your Personal Information, see our FAQ. If you would like to request to access, update or restrict/object to the processing of Personal Information, or receive a copy of your Personal Information for purposes of transmitting it to another organization, you may Contact Us. We will respond to your request consistent with applicable law.
Please note also that you may be able to exercise some of these rights without our intervention. For example, if you are a registered user, you can access and update some Personal Information in your Preferences, as well as download your user account data. You may also manage what kinds of notifications you receive and how often you receive them by going to your Notifications Preferences.
Where is the Foundation & What Does That Mean for Me?
Our Response to Do Not Track (DNT) signals
For more information regarding Do Not Track signals and how we handle them, please visit our FAQ.
- In the event of substantial changes, we will provide the proposed changes to our users in at least three (3) languages (selected at our discretion) for an open comment period lasting at least thirty (30) calendar days. Prior to the start of any comment period, we will provide notice of such changes and the opportunity to comment via the Wikimedia Sites, and via a notification on WikimediaAnnounce-L or a similar mailing list.
- For minor changes, such as grammatical fixes, administrative or legal changes, or corrections of inaccurate statements, we will post the changes and, when possible, provide at least three (3) calendar days' prior notice via WikimediaAnnounce-L or similar mailing list.
- Bird & Bird GDPR Representative Ireland
- 29 Earlsfort Terrace
- Dublin 2
- D02 AY28
- Main point of contact: Vincent Rezzouk-Hammachi
If you are an individual located in the United Kingdom, and have questions about your personal data or would like to request to access, update, or delete it, you may contact our representative via email at UKrepresentative.Wikimedia@twobirds.com, or via mail at:
- Bird & Bird GDPR Representative Services UK
- 12 New Fetter Lane
- EC4A 1JP
- United Kingdom
- Main point of contact: Vincent Rezzouk-Hammachi
Our European Economic Area and United Kingdom Representative can only be contacted for queries in relation to data protection.
Depending on your jurisdiction, you also may have the right to lodge a complaint with a supervisory authority competent for your country or region.
This version was approved by Amanda Keton on June 7, 2021, pursuant to the Delegation of policy-making authority by the Board, and went into effect on June 25, 2021. Previous versions can be found below: