Last Updated: 28th of May 2021
This page covers how we collect and use the information you enter at Talk.
TL;DR As a privacy-first product, we do not sell your data to third-parties or advertisers.
Talk, (us, we, our), operates the https://onecomments.com website and provides a commenting platform for websites.
Note: Talk signup information (user data) is collected at Talk Auth, please refer to Talk's main privacy page to see how we use your signup information. Your Talk account will be used at all the services at Talk including Talk.
When website owners add their website (example.com) to Talk, we will ask them for the following information.
All data related to websites, including comments and webpage data, will be deleted when deleting the website from the console.
For all the types of payments done when subscribing to paid plans, we use the secure service from paddle.com. Paddle works as our merchant of record, and it stores your credit card information, Paypal IDs, etc. for recurring payments.
When setting up Single sign-on, the data website owners provide (name, picture, and email) of the user will be saved in our database. The name and picture will be used in the comments. The email is only used to send email notifications to the user, and never displayed publicly.
The website owner can request us to delete all the SSO information at any time.
A client website is a website that uses Talk. The information we collect from those websites are minimal and listed here.
Talk does not place any tracking, advertising, affiliate, or any third-party codes on client websites. All of the above data is collected by our system.
When someone publishes a comment (guest, talk, or SSO) on a website, the current IP address of the user will be saved, and the moderators of the website can see it. It is commonly used to ban spammers by IP address.
We may collect information about how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time spent on those pages, and other diagnostic data.
These data will only be collected when using the following types of pages in Talk. We do not collect these data from our client websites when the website owner places the installation code on their website.
In the comments section, we use one cookie to save the login state of the user.
| Cookie Name | Cookie Usage |
|---|---|
| authsess | Used to save the login state across all subdomains of talk. This is set by auth.talk.com when logging in. |
| talksess | Used for all save session for OpenID Connect Single Sign-on |
Additionally, we save a token named talk_lst in local storage of your website as a fallback for web browsers that block third-party cookies. This is a short-lived, website-specific, ip-restricted, cryptographic token.
We use DigitalOcean, a third-party hosting provider, to host our services. Your information will be saved on our servers in Frankfurt, Germany. Even we own the database, website owners have the right to retain their data at any time.
We use HTTPS/TLS encryption to protect data transferred between you and our site. All of your data is stored safely on our databases and always backed up on external servers that we own. Therefore, we guarantee the safety of your stored data. However, the data transferred through the internet is not always completely safe. You are responsible for taking appropriate actions to secure your account.
We will let website owners know about their account, security, policy, and service updates through email. They can only unsubscribe from these emails by deleting their website from the console.
Non-administrative emails sent to website owners and commenters include the following.
You can unsubscribe from these emails anytime by visiting the "unsubscribe" or "change email settings" link at the bottom of each email.
All the service providers mentioned here are only used on our website (landing pages, console, etc.) and never added to your website or comments section.
We use Matomo Analytics, a privacy-first alternative to Google Analytics, for web analytics on our website. Matomo tracking code is added to our landing pages, blog, forum, and console. Matomo is only used to track and improve our product and marketing by analyzing referrals and conversion rates.
For more information, refer to Matomo's privacy policy.
We would like to help you and all the visitors of our website with questions as quickly as possible. For this purpose, we use the Tidio Chat from Tidio Ltd. (UK) and Tidio LLC (USA), which you can click at any time on the bottom right of each page and get in touch with us.
To use this chat, we have to integrate an external JavaScript into our page. This allows the service provider to access information that your browser reveals.
Tidio's privacy policy can be found here: https://www.tidiochat.com/en/privacy-policy
If you don't need this chat, we recommend the browser plugin Ghostery, which can block the Tidio chat.
Our order process is conducted by our online reseller Paddle.com. Paddle.com is the Merchant of Record for all our orders. Paddle provides all customer service inquiries and handles returns. Paddle is operated by Paddle.com Market Ltd., 15 Bermondsey Square, SE1 3UN London, United Kingdom, and Paddle Payments Ltd, Core B, Block 71, The Plaza, Park West, Dublin 12, Ireland.
Further information about handling user data can be found in Paddle's privacy policy at https://paddle.com/privacy.
We may update this privacy policy page from time to time. The last update time is shown at the top of this document. Any major updates to our privacy policy will be notified to all the users via email and through the website.