-We don’t collect personal data about you. No telemetry, no trackers, no profiling. The only “analytics” we ship is an optional poke-nginx-analytics script for server admins — and it runs locally, never phones home, and just reads your own logs. Because Poke is free software, you can check the source, self-host, and audit everything yourself.
+ We don’t collect any data about you. No telemetry, no trackers! Because Poke is free software, you can also check the source and self-host.
Instance: poketube.fun
- Version date:
+ Version date:
- What’s New — Policy Updates
- October 3, 2025
+ What’s New — Policy Update
+ September 28, 2025
- Added a section for our server-admin script poke-nginx-analytics. TL;DR: it’s local-only, read-only, and configurable for privacy (IP masking, bot filtering). Source code is linked.
+ We clarified how third-party requests work waaay better! Highlights:
- Welcome to Poke’s Privacy Policy. We don’t collect personal data about you, we don’t run telemetry, and we don’t track you around the web.
- The only “analytics” involved is an optional poke-nginx-analytics script for server operators, which runs locally on their own machines,
- never phones home, and only summarizes their own access logs.
- Poke is free software you can read, remix, and run yourself.
-
-
Not legal advice lol
-
-
-
-
TL;DR
-
-
-
-
No personal data collected. nothing about you is stored.
-
No telemetry. We don’t phone home.
-
No third-party trackers. Yippe!!
-
YouTube can’t see what you watch here. It’s all done on the backend.
-
-
-
-
-
Poke Account: no email required, no personal info needed.
-
Poke Maps: uses OpenStreetMap data; tile servers have their own privacy rules.
-
Optional server admin tool:poke-nginx-analytics is local-only, read-only, and never sends data anywhere.
-
No required cookies. Preferences (like theme or layout) may live in local storage on your device.
-
-
-
-
+
+
+
Preamble
+
+ Welcome to Poke’s Privacy Policy. We don’t collect data about you and we don’t run telemetry. Poke is free software you can read, remix, and run yourself.
+
+
Not legal advice lol
+
+
+
+
+
TL;DR
+
+
+
+
No data collected. at all!!
+
No telemetry. We don’t phone home.
+
No third-party trackers. Yippe!!
+
YouTube can’t see what you watch here. Its all done on the backend.
+
+
+
+
+
Poke Account: no email required, no personal info needed.
+
Poke Maps: uses OpenStreetMap data; map tiles/attribution may have separate privacy rules depending on the tile server you use.
+
No required cookies. Preferences (like theme or layout) may live in local storage on your device.
the request is proxied through Poke’s backend - always!
+ (see source ).
+
Forecast data:
- open-meteo.com.
- Forecast queries are proxied through Poke’s backend so your browser never connects to Open-Meteo directly.
+ open-meteo.com.
+ Privacy: Open-Meteo Terms & Privacy.
+
+ Forecast queries are always proxied through Poke’s backend, so your browser never connects to Open-Meteo directly.
+ Only the necessary query parameters (latitude, longitude, units, etc.) are forwarded by the server.
+ see the source for this
+ here..
@@ -565,14 +576,16 @@
from (source language), to (target language), and text (the content you entered).
Your browser never connects to SimplyTranslate.org directly.
-
-
-
-
-
Third-Party Requests & Proxy
- Where external services are necessary (maps, weather, translation), Poke uses server-side proxying to avoid exposing your browser directly.
- We don’t inject trackers into proxied calls. External services have their own privacy terms that apply to those specific requests.
+ We rely on the community-run
+ SimplyTranslate service (a privacy-friendly
+ translation front-end). SimplyTranslate is a free software project: you can see the
+ source code and its
+ legal notice.
+ Our backend integration is handled in
+
+ Poke’s server code
+ .
@@ -580,7 +593,7 @@
API Logs Policy
- When you request any resource from the Poke API (for example: thumbnails, API endpoint) information about the request may be logged.
+ When you request any resource from the poke api (for example: thumbnails, API endpoint) information about the request may be logged.
- This website does not store the visitor’s user-agent and does not use fingerprinting, advertisements, or tracking of any form.
+ This website does not store the visitor’s user-agent or IP address and does not use fingerprinting, advertisements, or tracking of any form.
-
-
Server Admin Tool: poke-nginx-analytics
-
- We ship an optional, admin-side shell script to help operators understand IPv4/IPv6 traffic and status codes from their own servers’ Nginx access logs.
- It’s free software and lives here:
-
- backend-services/scripts/poke-nginx-analytics.sh
- .
-
-
-
- Privacy : the script is local-only and read-only. It makes no network requests, writes no files by default, and sends nothing anywhere. It just reads the log files you point it at and prints aggregate counts to your terminal.
-
-
-
What it reads from your logs
-
- The script parses standard Nginx access logs (including rotated .1 and compressed .gz) using the fields already present in your log format:
-
-
-
Client IP (first field) — used to tell IPv4 vs IPv6 and to compute counts/uniques; display can be masked via --anonip.
-
Timestamp (e.g., [02/Oct/2025:14:03:12 +0000]) — used for --date, --since, --until, and hourly breakdowns.
-
Status code (e.g., 200, 404, 502) — used for success/fail tallies and “top fail reasons.”
-
User-Agent (last quoted field) — only to optionally filter bots when --ignore-bots (or a custom --bot-regex) is used.
-
-
It does not collect any new data, fingerprint users, or correlate logs with other sources.
-
-
How it decides “success” vs “fail”
-
-
By default, “success” is the set 200,301,302,304.
-
You can override with --success-codes or a regex via --success-regex (e.g., ^(2..|3..)$). If both are provided, regex wins.
-
“Fail” is simply “not success.”
-
-
-
What it outputs (to your terminal)
-
-
Counts and percentages of IPv4 vs IPv6 for today (or a specified date/time window).
-
Success-only and fail-only views; an overall success rate with totals.
-
Hourly breakdown (v4/v6/total) and status-code breakdown for v4 or v6.
-
Unique IP counts for v4 and v6; if --anonip is set, displayed IPs are masked (IPv4 → /24; IPv6 → /64).
-
Top IPs (v4 or v6) with optional masking and bot filtering.
-
Top 5 failure reasons (status codes aggregated across v4+v6). Some common meanings:
-
500/502/503/504 — upstream/app issues or timeouts.
-
-
-
-
-
How it works (under the hood)
-
-
Expands your --file glob (default /var/log/nginx/access.log*), reads each file with cat/zcat.
-
Uses awk to:
-
-
Detect IPv4 vs IPv6 by regex.
-
Match the requested date and optional time window (--since/--until).
-
Classify success/fail via your codes or regex.
-
Optionally filter bots by User-Agent (--ignore-bots / --bot-regex).
-
Optionally anonymize IPs for display (--anonip).
-
Aggregate counts and print sorted summaries; shows “top fails” by frequency.
-
-
-
Handles rotated and .gz logs automatically.
-
Does not modify logs or your Nginx config.
-
-
-
What it does not do
-
-
No storage by default. Output is ephemeral in your terminal unless you redirect it (e.g., > report.txt).
-
No identification or profiling. It does not attempt to identify people; it just counts what’s already in your logs.
-
-
-
-
@@ -836,10 +773,9 @@ EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH D
if (!q) { e.preventDefault(); return; }
});
- // Dismissible privacy update (persists in localStorage)
const updateBox = document.getElementById('whats-new');
const dismissBtn = document.getElementById('dismissUpdate');
- const STORAGE_KEY = 'poke_privacy_update_2025_10_03_dismissed';
+ const STORAGE_KEY = 'poke_privacy_update_2025_09_17_dismissed';
try {
if (localStorage.getItem(STORAGE_KEY) === '1') {
updateBox && (updateBox.hidden = true);