docs: update privacy

This commit is contained in:
_Bastler 2021-09-28 10:51:22 +02:00 committed by John Smith
parent 3cb951eb85
commit 3ca6110fba

View File

@ -2,7 +2,7 @@
title: Privacy Policy title: Privacy Policy
description: description:
published: true published: true
date: 2021-09-05T10:21:46.381Z date: 2021-09-28T08:51:20.577Z
tags: tags:
editor: markdown editor: markdown
dateCreated: 2021-09-03T07:41:23.648Z dateCreated: 2021-09-03T07:41:23.648Z
@ -38,6 +38,13 @@ In addition to your central account data, your permissions and the expiration da
Optionally, you can create additional profile data with adjustable visibility (*Private*, *Protected* and *Public*) for your account. Private profile fields are only visible to you, protected ones are also visible to other users and public ones are also visible to third parties. Optionally, you can create additional profile data with adjustable visibility (*Private*, *Protected* and *Public*) for your account. Private profile fields are only visible to you, protected ones are also visible to other users and public ones are also visible to third parties.
## Nextcloud <a name="nextcloud" id="nextcloud"></a>
Of course, how sensitive the data in the *Nextcloud* is depends only on your use. The service itself does not provide any data other than your account data (only username and voluntary profile data). Since only content created by users is stored here, it depends on what you upload, publish and write. The data is automatically stored encrypted, but it is only server-side encryption, so you can continue to share the data with others.
However, *Nextcloud* also offers its own *end-to-end* encryption (*E2EE*) in the current versions. Of course, you are free to use them for sensitive data, so that no one else can access these files. Note however, that these files are then no longer accessible in the browser and cannot be shared. In addition, the *E2EE* only applies to files and not to other data such as contacts, calendars or the like, so the recommendation is to always think about what data you are currently creating and how sensitive it is.
Since *Nextcloud* also serves as the basis for some community functions, your account data will be shared with all other users. However, you are also free to share other data such as files, calendars, etc. with other users.
## Email <a name="mail" id="mail"></a> ## Email <a name="mail" id="mail"></a>
Currently, the e-mails are stored on the server as they arrive. Since this requires some disadvantages and unnecessary trust, a solution is being worked on to automatically encrypt all emails with your *public key*. This gives you the assurance that only you can decrypt the emails. However, this also means that you'll need to set up all your email clients for decryption. Of course, we will publish detailed instructions when the time comes and probably also offer an *opt-out* if you want to do without this function. Currently, the e-mails are stored on the server as they arrive. Since this requires some disadvantages and unnecessary trust, a solution is being worked on to automatically encrypt all emails with your *public key*. This gives you the assurance that only you can decrypt the emails. However, this also means that you'll need to set up all your email clients for decryption. Of course, we will publish detailed instructions when the time comes and probably also offer an *opt-out* if you want to do without this function.
@ -48,12 +55,9 @@ Your *we.bstly* account data will be used for authentication. Note that enabling
As a password manager, Vaultwarden stores highly sensitive data. However, these are all encrypted with your master password which is only stored hashed on the server. The strength of your master password is also crucial for the security of this data. In addition to the actual passwords, data such as associated user name, URLs of the websites or user-defined fields and notes are also stored. However, decryption of this data is only possible with the master password. As a password manager, Vaultwarden stores highly sensitive data. However, these are all encrypted with your master password which is only stored hashed on the server. The strength of your master password is also crucial for the security of this data. In addition to the actual passwords, data such as associated user name, URLs of the websites or user-defined fields and notes are also stored. However, decryption of this data is only possible with the master password.
## Nextcloud <a name="nextcloud" id="nextcloud"></a> ## Partey <a name="partey" id="partey"></a>
Of course, how sensitive the data in the *Nextcloud* is depends only on your use. The service itself does not provide any data other than your account data (only username and voluntary profile data). Since only content created by users is stored here, it depends on what you upload, publish and write. The data is automatically stored encrypted, but it is only server-side encryption, so you can continue to share the data with others. No data is stored in our *virtual clubhouse*. Nevertheless, the transmission of your video and audio data affects a highly sensitive area. As mentioned, this data is not persisted by us, but it is not technically excluded that other users may illegally make recordings. If you are aware of any violations, please contact us urgently. As a first point of contact, there is our page with [help offers](/en/help).
However, *Nextcloud* also offers its own *end-to-end* encryption (*E2EE*) in the current versions. Of course, you are free to use them for sensitive data, so that no one else can access these files. Note however, that these files are then no longer accessible in the browser and cannot be shared. In addition, the *E2EE* only applies to files and not to other data such as contacts, calendars or the like, so the recommendation is to always think about what data you are currently creating and how sensitive it is.
Since *Nextcloud* also serves as the basis for some community functions, your account data will be shared with all other users. However, you are also free to share other data such as files, calendars, etc. with other users.
## Matrix <a name="matrix" id="matrix"></a> ## Matrix <a name="matrix" id="matrix"></a>
@ -63,10 +67,6 @@ In addition to your chat messages, your room memberships are also stored for the
Please also note that *Matrix* is a decentralized network similar to e-mail communication. This means that you have the opportunity to communicate with users from other providers, but you also transfer data including your messages to these servers. Please also note that *Matrix* is a decentralized network similar to e-mail communication. This means that you have the opportunity to communicate with users from other providers, but you also transfer data including your messages to these servers.
## Partey <a name="partey" id="partey"></a>
No data is stored in our *virtual clubhouse*. Nevertheless, the transmission of your video and audio data affects a highly sensitive area. As mentioned, this data is not persisted by us, but it is not technically excluded that other users may illegally make recordings. If you are aware of any violations, please contact us urgently. As a first point of contact, there is our page with [help offers](/en/help).
## Jitsi-Meet <a name="jitsi" id="jitsi"></a> ## Jitsi-Meet <a name="jitsi" id="jitsi"></a>
In our *Jitsi-Meet* rooms, the same applies as for our *virtual clubhouse*. No data is stored about you, but you should be aware that you are transmitting sensitive video and audio data to other users in real time. In our *Jitsi-Meet* rooms, the same applies as for our *virtual clubhouse*. No data is stored about you, but you should be aware that you are transmitting sensitive video and audio data to other users in real time.
@ -77,10 +77,22 @@ Important note: PeerTube has a P2P feature, which means that you automatically m
The service itself only stores your username and a few personal settings and channels. Otherwise, of course, the videos you upload will be stored and, depending on the settings, made available to other users or to the public. The same goes for your livestreams. The service itself only stores your username and a few personal settings and channels. Otherwise, of course, the videos you upload will be stored and, depending on the settings, made available to other users or to the public. The same goes for your livestreams.
## PrivateBin <a name="privatebin" id="privatebin"></a>
Since PrivateBin uses a client-side *end-to-end* encryption NO personal data is stored.
## Minetest <a name="minetest" id="minetest"></a>
The only personal data stored ara your username and a password hash. Of course as Minetest is an online-multiplayer game with a persistant world all your in-game changes and actions are stored on the server.
## Wiki.js <a name="wiki" id="wiki"></a> ## Wiki.js <a name="wiki" id="wiki"></a>
In general, no personal data is collected in our *Wiki*. Only your *we.bstly* username and e-mail address will be transferred to your account. In general, all texts you write are public and linked to your username. In addition, there is a comment function. However, this is only accessible to other users and not public. In general, no personal data is collected in our *Wiki*. Only your *we.bstly* username and e-mail address will be transferred to your account. In general, all texts you write are public and linked to your username. In addition, there is a comment function. However, this is only accessible to other users and not public.
## Urlshortener <a name="urlshortener" id="urlshortener"></a>
Of course every data added to the Urlshortener is stored. If a password is set only the hash of it is stored.
## Gitea <a name="gitea" id="gitea"></a> ## Gitea <a name="gitea" id="gitea"></a>
Similar to *Nextcloud*, only your username and a few personal settings are stored by the service itself. How sensitive the data in your *Git* repositories is and who can access it depends entirely on you. So pay attention to which files you upload and whether your repository is also publicly accessible. Since repositories often contain source code including configuration files, we would like to remind you not to accidentally load sensitive information such as passwords, *API keys* or *private keys* into your repository. On public repositories, your changes, issues, comments and account are of course also public! Similar to *Nextcloud*, only your username and a few personal settings are stored by the service itself. How sensitive the data in your *Git* repositories is and who can access it depends entirely on you. So pay attention to which files you upload and whether your repository is also publicly accessible. Since repositories often contain source code including configuration files, we would like to remind you not to accidentally load sensitive information such as passwords, *API keys* or *private keys* into your repository. On public repositories, your changes, issues, comments and account are of course also public!