Found Footage DataBase
Login/Register

The Found Footage Database

Privacy Statement
1. Registering On The Site

You need to register on the site to be able to rate movies. This is done just to prevent fake-voting.

FFDB neither collects or stores anything about you, your web browser, IP address, device or any other sort of data other than a username and password and optionally the ID of the country you can choose to select to make sure the set countries streaming options (if available) are shown to you first by default. Make a note of your details as there is no username or password recovery service. Your username and password are stored in either an encrypted or hashed and salted format, making them unreadable by humans, so if you forget them, they're gone. FFDB recommend a good Password Manager.

2. Data Collection And Storage

As specified above, all that is collected and stored about you (should you choose to register) is a username and password and optionally a country ID code. If you rate a movie(s) then the fact you rated that movie is also stored against your username. If you just browse the site and never register then no data whatsoever is collected or stored about you.

FFDB makes no use of any tracking scripts, beacons, cookies (except temporary Session variables - see below), indexedDB, LocalStorage, Service Workers or any other kind of script that infringes on your privacy. FFDB doesn't know (or care) who you are, where you live, what sort of browser you use, what your IP address is, what device or operating system you use or anything about you. Session data (two variables - your login status and your unique ID number and an optionally set 3rd relating to the ID of the country a registered user can select) is persisted across the site whilst you are logged in. Once you close the browser, all variables set during that session are destroyed. Sessions are automatically destroyed after 24hrs and destroyed if you choose to logout (on the Profile page).

FFDB serves no adverts, endorsements or sponsored content of any kind.

So, because we don't collect or store any data about you or how you access or use this site, we can say that;

  • No information is shared with, sent to or sold to third-parties
  • No information is shared with advertising companies
  • No information is mined and harvested for personal and behavioural trends
  • No information is monetized
3. Codebase

FFDB is built with HTML, CSS, jQuery, PHP, MySQL (all hand-coded aside from the two CSS sheets mentioned below) and PNG images made by FFDB. The movie data is supplied by TMDB, OMDB and JustWatch (via TMDB) in the form of JSON objects. The only information that is sent to any API provider is an API key, an ID reference number to fetch the relevant type of movies and also an individual movie's ID reference number. No information is sent that refers to any user of this website whether they are logged in or not. All that is returned is data relevant to movies.

  • The HTML and CSS utilises the open source Skeleton boilerplate and an open source CSS reset stylesheet, Normalize.
  • FFDB uses the open source client-side Javascript library jQuery and two open source jQuery plugins, jQuery Modal and jQuery TWBS Pagination
  • Skeleton, Normalize, jQuery and the two jQuery plugins are hosted on this site, they are not included via a CDN.
  • The Ubuntu typeface is included via an open source privacy respecting CDN CoolLabs
  • FFDB uses the open source server-side language PHP
  • FFDB uses the open source database MySQL
  • All coding is done by hand using the open source editor Kate
  • All imagery (except movie posters, stills and company logos) was created by FFDB using the open source image editor GIMP
  • You can see the majority of the codebase by using the Inspector in your browser. The only part you can't see is the PHP code as this contains database connection strings, names, API keys etc which is clearly not a good thing to open source.
4. Privacy & Security

Here's the Blacklight scan results. Blacklight is a service that checks the privacy of a website's activity. They flag the site is capturing keystrokes in one field. The field is the 'Search' field which runs a database query when you type in it. This is the relevant line of code;
$("#search").on("keyup", function(e) {});
which you can see in your browsers inspector in the file 'search.js' if you choose to. What this code does is check what you type in the 'search' box against movies in the database, returning results as quickly as possible. It doesn't store anything you type.

Here's the URLVoid scan results. URLVoid is a service that checks websites for malware.

Here's the VirusTotal scan results. VirusTotal is a service that scans over 90 databases checking for viruses, malware, phishing scams etc.

Here are the SSL security results. SSL Labs is an online security testing service.

Privacy is a human right, inherent to all of us. We are being bought and sold to the highest bidder and all manner of governments. Read more from The Electronic Frontier Foundation and use the services and tools discussed at Privacy Guides.