Our privacy policy below explains what data we collect about you, why we collect it, and how we use it.
Cookies
We may store the following cookies on your computer…
Name
Category
Reason
__Host-composrapp_session
ESSENTIAL
Identifies your session so that we temporarily can uniquely link your requests together (deleted when your web browser is closed)
__Secure-composrapp_member_hash
PERSONALIZATION
The "remember me" feature for passwords; this cookie stores a password hash to automatically log the member in
__Secure-composrapp_member_id
PERSONALIZATION
The "remember me" feature for passwords; this cookie stores the member ID
__Secure-composrapp_member_id_invisible
PERSONALIZATION
Whether you logged in into invisible mode
buildr_hide_actions
PERSONALIZATION
Remembers whether you want to hide actions on the Buildr screen
buildr_hide_additions
PERSONALIZATION
Remembers whether you want to hide additions on the Buildr screen
buildr_hide_mods
PERSONALIZATION
Remembers whether you want to hide modifications on the Buildr screen
cc_cookie
ESSENTIAL
Contains URL-encoded JSON remembering what settings you selected in the Cookie Consent notice. The site uses this to determine which features and cookies to enable / disable (all disabled by default until this cookie exists).
cms_autosave_*
NON-ESSENTIAL
Auto-save remembers what you filled out in forms you did not submit (in case of errors or accidental navigation away from the page). This data is stored in localStorage. And cookies are used to reference the existence of this data.
commandr_*
PERSONALIZATION
Your current Commandr system environment (if you have access)
feed_*
PERSONALIZATION
Feeds you have overlaid over your calendar
font_size
PERSONALIZATION
To remember your font size choice
has_cookies
ESSENTIAL
To detect whether cookies are supported on your device, so we know whether to enable/disable features that need it
hide*
PERSONALIZATION
Remembers which items have been expanded/collapsed
hybridauth
ESSENTIAL
Session cookie for maintaining your log-in through a third-party account (via Hybridauth).
last_chat_msg_*
NON-ESSENTIAL
Your most recent non-posted message in a chatroom, so we can prevent data loss if you accidentally reload the page
last_visit
NON-ESSENTIAL
When you visited the website last, used for tracking what content is new
og_*
PERSONALIZATION
Remembers which overlay windows have been dismissed
software_chat_prefs
PERSONALIZATION
Chatroom display preferences
tray_*
PERSONALIZATION
Remembers which tray items have been enabled/disabled
While users maintain responsibility for their own data (including damages resulting from a data breach), Composr CMS: Your Data, Your Privacy, Your Control will immediately execute the following procedure in the event of a breach being made aware through a credible source:
Reactive Mitigation: we may temporarily increase the strictness of firewalls / security systems, lock down administrative accounts or the ability to upload files, lock down all authorization (log-in) methods all-together, or take the site offline, depending on the perceived severity. This will typically last until proactive mitigation has been taken.
Analysis: We will analyze and investigate the scope and severity of the data breach including identifying unauthorized access or use of personal information.
Proactive Mitigation: Once we have a clear picture of what happened, we will take proactive mitigation as we deem fit. This could include resetting member passwords, banning rogue members and IP addresses, reverting changes or applying patches to software or services, rolling back the site to a stable backup / checkpoint, and/or reporting the breach to law enforcement authorities for additional investigation and prosecution.
Communication: Once the above steps have been finished, we will communicate the data breach to all members of Composr CMS: Your Data, Your Privacy, Your Control via e-mail (except those who explicitly un-subscribed from e-mails) and via a news article on the site. We will explain what happened, what areas and data were affected, what Composr CMS: Your Data, Your Privacy, Your Control has done to mitigate the breach and prevent it in the future, and what members should do to protect themselves.
General
We include a mechanism allowing users to unsubscribe from all e-mails sent by our website software. A 'List-Unsubscribe' header is sent in every e-mail delivered from our website, as-is an unsubscribe link in the body of every e-mail. Note that these tools only unsubscribe users from e-mails sent through our website. They do not include other facilities (e.g. direct e-mails from staff or e-mails sent from other software or services).
Action
Reason
We may occasionally send bulk e-mails about Composr CMS: Your Data, Your Privacy, Your Control, or matters relating to content management systems to our members. We will not send bulk e-mails or allow others to send bulk e-mails, which we believe would be considered spam.
To keep you informed, and for sales/marketing activity.
We do not have any special handling of the "Do Not Track" header.
We do not track individual users for advertising purposes, although third-party services we rely on for unrelated functionality may do so.
Information disclosure
We will not share private details other than what can be seen in your forum profile and content submission, unless for a reason covered in this policy, or legally required to do so.
Action
Reason
Your online status may be shown publicly. Additionally, your last activity time will be shown publicly.
Online status helps foster community communication.
Some of the information you submitted with your account profile will be displayed publicly. This will not include information that many would consider confidential, but rather basic details such as your Username.
This is fundamental to the social networking capabilities of this website.
The staff reserve the right to read any Private Topics and posts placed on this website. Any form of conversation made through this website should be considered viewable by staff. All private-posts and posts, unless deleted by specific request, are stored on the server.
Information may be reviewed if we feel we have cause for an investigation. Situations involving investigations can be anything at our discretion, for example, to investigate specific incidents of our services being used in violation of our rules.
Information disclosure (eCommerce transactions)
Action
Reason
Address and order data will be sent to PayPal at checkout.
For PayPal to correctly take and process your payment for Composr CMS: Your Data, Your Privacy, Your Control.
If you believe data we hold is incorrect and you cannot amend this yourself, you can contact us to request that we make corrections.
Contact us if you want a copy of all the personal data we have stored on you. We can locate your data by username, e-mail address, IP address, or member ID – specify all that you have so we can maximize deletion. Raw server logs will generally not be included, unless you specifically request it.
Contact us if you wish to have personal data deleted/anonymised from our database. We can delete/anonymise data by username, e-mail address, IP address, or member ID – specify all that you have so we can maximize deletion.
Exceptions:
Some raw log data, or data in backups, will remain with us until it is automatically deleted.
Editorial data, such as content you've submitted, will not be deleted as standard – but you may request that we delete/alter particular content if you specifically identify it.
Logged security incidents, or bans, from/on your personal data, will generally not be cleared unless there is what we consider a good reason. This is to enforce security across the entire site and our server.
Pending transactions with you, such as outstanding invoices or non-delivered orders, or records of your ongoing earned benefits, will generally not be cleared unless there is what we consider a good reason.
Action
Reason
User metadata is logged by Composr when website activity happens. Metadata may include dates/time, IP address, web browser name, operating system, and account IDs. This data is post-processed permanently into the site's statistics system (stripping personally identifying information) hourly, and the metadata logs deleted after 90 days.
So we can track errors, audit user behavior for security and stability, make site and marketing decisions, and to generally help us maintain a good user experience.
Information entered manually into the system, or explicitly authorized, will typically be retained – although you may request removal.
This information is key to either material published on the website, or the integrity of user accounts.
IP addresses that have been banned will be permanently stored, as will data about suspicious activity.
We need to be able to permanently ban IP addresses which appear to be abusing our systems.
Use of the shopping cart may cause non-logged-in-user's sessions to stick around for a longer than normal period of time.
To keep the contents of the shopping cart from being lost.
Information transfer
Action
Reason
IP addresses, e-mail address, and usernames, may be checked against the Stop Forum Spam web service, which involves these details being transmitted within a service request. If spam activity is detected then the same details may be reported to the service, and used by the service to produce blocks on other websites.
To reduce spam.
IP addresses, e-mail address, and usernames, may be checked against the Tornevall web service, which involves these details being transmitted within a service request. If spam activity is detected then the same details may be reported to the service, and used by the service to produce blocks on other websites.
To reduce spam.
IP addresses may be checked against multiple block lists, which involves these details being transmitted within a service request.
To reduce spam.
Web traffic coming to and from Composr CMS: Your Data, Your Privacy, Your Control may be proxied through the Cloudflare web service. Please see the Cloudflare Privacy Policy.
Cloudflare may be used for improving the security and performance of the site and web servers.
We may use external services to probe IP addresses for geographical location, and for Internet Service Provider names, and other assorted metadata, which may allow the third-party IP-data companies to see what websites you have been active on. Tracking by the companies is not known or intended, but we cannot guarantee it is not happening.
For us to learn more about users for marketing, security, and relationship purposes.
We embed web code from third-party companies. Tracking by the companies is not known or intended, but we cannot guarantee it is not happening.
Web code may be used for many purposes such as displaying non-default fonts or providing interactive page functionality
Social networks such as Facebook and Twitter may track your page views.
Code from these networks embedded so you can easily share content onto social networks, and in some cases see how many shares have already been made.
Parental controls
Action
Reason
Upon registration, members are required to fill in their Date of Birth, and we will maintain this for our records.
To facilitate enforcement of child privacy laws through our parental controls.
Upon registration, members are required to fill in, and keep up-to-date, their time zone, and we will maintain this for our records.
To facilitate enforcement of child privacy laws through our parental controls.
Upon registration, members are required to fill in, and keep up-to-date, their region, and we will maintain this for our records.
To facilitate enforcement of child privacy laws through our parental controls.
Parental Controls - Age Lockout
Members under a certain age will not be allowed to use our site until they are of age to do so. When a member under the age registers an account, they will not be able to log in / use the account until they are old enough to do so.
Members under the age of 15 cannot use our site if they are in the following regions: France. This is governed by French law, including Loi n 2023-566, regarding digital majority and online safety.
Members under the age of 16 cannot use our site if they are in the following regions: Ireland. This is governed by the Data Protection Act 2018 (as modified by GDPR).
Members under the age of 16 cannot use our site if they are in the following regions: Australia. This is guided by the Online Safety Act 2021.
Members under the age of 14 cannot use our site if they are in the following regions: United States >> Florida. This is governed by Florida House Bill 3 (2024) concerning online protections for minors.
Parental Controls - Consent
Members under a certain age will be required to get parental consent before they can register for and use an account on our site. Members who require parental consent will be e-mailed a form which must be filled out by a parent or legal guardian. The form will include our contact information at which to submit the completed form. Until our staff confirm parental consent has been received, or until the member reaches the minimum age, they will not be able to log in to their account. When we receive the form, it will be maintained for our records in the event of legal necessity until deemed no-longer necessary (e.g. the member is no-longer using our services or the parent/guardian requested a purge of all data).
Members under the age of 16 must get parental consent if they are located in any of these countries / regions: United States >> Florida. This is governed by Florida House Bill 3 (2024) concerning online protections for minors.
Members under the age of 18 must get parental consent if they are located in any of these countries / regions: United States >> Arkansas. This is governed by the Arkansas Social Media Safety Act (Act 689).
Members under the age of 18 must get parental consent if they are located in any of these countries / regions: United States >> Louisiana. This is governed by Louisiana House Bill 61 concerning online access for minors.
Members under the age of 18 must get parental consent if they are located in any of these countries / regions: United States >> Texas. This is governed by Texas House Bill 18 relating to the protection of minors from harmful content on digital services.
Members under the age of 18 must get parental consent if they are located in any of these countries / regions: United States >> Mississippi. This is governed by the Walker Montgomery Protecting Children Online Act in Mississippi.
Members under the age of 16 must get parental consent if they are located in any of these countries / regions: New Zealand. This is governed by the Privacy Act 2020.
Members under the age of 13 must get parental consent if they are located in any of these countries / regions: United States. This is governed by the Children's Online Privacy Protection Act (COPPA).
Members under the age of 13 must get parental consent if they are located in any of these countries / regions: Canada. This is governed by the Personal Information Protection and Electronic Documents Act (PIPEDA).
Members under the age of 16 must get parental consent if they are located in any of these countries / regions: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czechia, Denmark, Estonia, Finland, Germany, Greece, Hungary, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Iceland. This is governed by the General Data Protection Regulation (GDPR).
Members under the age of 16 must get parental consent if they are located in any of these countries / regions: United Kingdom. This is governed by UK data protection laws, including the UK GDPR, and principles from the Online Safety Act 2023.
Members under the age of 16 must get parental consent if they are located in any of these countries / regions: Brazil. This is governed by the Brazilian General Data Protection Law (LGPD).
Members under the age of 18 must get parental consent if they are located in any of these countries / regions: Japan. This is governed by the Act on the Protection of Personal Information (APPI).
Members under the age of 18 must get parental consent if they are located in any of these countries / regions: India. This is governed by the Digital Personal Data Protection Act, 2023.
Members under the age of 14 must get parental consent if they are located in any of these countries / regions: Korea, Republic of. This is governed by the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (ICT Network Act).
As a default, members under the age of 13 must get parental consent.
Contact Us
For any privacy questions, concerns, or requests (such as to download, anonymise, or delete your data), you may:
Mail us: PDStig, LLC
1417 Cimarron Cir
Fairborn, OH 45324
This policy was last revised on 3rd Dec 2025, 6:16 AM. Material changes to this policy will be posted as a news update to Composr CMS: Your Data, Your Privacy, Your Control.
