In the terms of service, the Stumbleupon website describes how the “servers may maintain such information for archival or legal purposes” and that they are not “liable for any of your information”.
Interesting verbiage from Stumbleupon include:
“When you enter any information (including Personal Information) into any postings or comments, we may collect this information, which may be available to some, a subgroup of, or even all Users of the Services.”
Stumbleupon goes on to tell us they will use our information to give us a better experience by using our interactions and information we input throughout the website, processing it, and giving us links to other stuff on the website and ads based on the findings. It works similar to how facebook ads and recommendations work. But they do collect more than what you think.
“Log Data may include information such as your computer’s IP (Internet Protocol) address, your mobile device identifier, the geographic location of the IP address you are using to access the Internet, browser type, operating system (including identifying whether you are connecting via a mobile device), the time of day of your access, your general physical location or your more specific location if you are connecting through your mobile device, and the website that you visited immediately prior to StumbleUpon.”
“You may email us here with a request that we delete your Personal Information from our database. We may retain an archived copy of your records as required by law or for legitimate business purposes.”
Stumbleupon makes it pretty obvious to users when it comes to a breach of security on the site, “You should be aware that while we take reasonable measures to maintain the security of your Personal Information, we are not able to fully eliminate all security risks or potential breaches.” They basically tell you that they know a breach is going to come, and when it does, they can’t guarantee you privacy.