The following policies apply to the Portier authentication service available at https://broker.portier.io, which allows websites to verify users' email addresses.
Portier is a volunteer-run service provided "as is," without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose, noninfringement, or that the service is free of defects.
We make no guarantees as to the service's reliability, availability, stability, or security.
Organizations that need assurances of stability and availability are encouraged to run their own instance of this service.
When using the Portier service to sign into a website, your email address and that website's URL will be transmitted to the service.
Your email address and target website URL will not intentionally be disclosed to third parties, except as necessary to facilitate address verification, website sign-in, or operational monitoring of the service.
For example:
-
We must disclose your email address to the website you're signing into so it can complete the sign-in process.
-
We must either send you an email that includes the website URL you're signing into, or we must disclose your email address to a federated service (e.g., Google Sign-In for Gmail users) so we can verify your access to that email address.
-
We may log interactions with the Portier service in order to measure latency, error rates, implement request limits, or similar. These logs may be stored in a database or log aggregation service hosted by a third party.
Your email address, target website URL, IP address, browser headers, and similar information may incidentally appear in logs kept by our upstream service providers. We do not separately retain these logs.