6 KiB
+++ title = "Privacy" description = "Privacy Policy" date = "2023-12-03" disableComments = "true" aliases = ["privacy", "policy"] author = "rootdo.com" +++
This Privacy Policy applies to rootdo.com (.org .net) and all subdomains
Individual services hosted on their subdomains usually have their own Privacy Policies which will differ from this here. If that is the case, this Privacy Policy applies only to that particular service/subdomain and not itself. The policies may change at any time without prior notice (especially when new services are added or removed). No identifiable data is shared with any third party, unless initiated by the user, required for combating abuse, or operationally necessary. Some services require the use of cookies and/or local storage which are required to provide you with the service (such as remembering user preferences) and are not collected by anyone. None of the services use any kind of third-party cookies if not otherwise mentioned.
Data collected by the operator
- Proxy & Server access logs
- Access logs are set to discard. No logs are kept.
- IPs are checked with intrusion detection systems at service logs to prevent abuse.
- The only metrics that get viewed at, in real-time for troubleshooting are via netdata monitoring
- https://github.com/netdata/netdata locally on the server. No user data or logs are saved or kept. Container Services can be looked at in real-time to determine if some sort of abuse or attack is happening. IPs may be looked at in real-time.
Vaultwarden
- The entire service is End-to-end encrypted and therfore no data is visible to anyone but the user itself.
- Password hints are visible to the Server owner. Be aware of that when choosing to use this option.
- This Vaultwarden instance is self-hosted and not in any way an official service by Bitwarden or the Vaultwarden project.
- This Vaultwarden instance uses the Bitwarden Push Service for Push notifications. No sensible data or information is shared with Bitwarden. It is only used to make the Push service and sync work. ( https://bitwarden.com/host/ )
- Email registration and Informations are sent with an SMTP service ( https://www.smtp2go.com/ ) it is a well known service used by many big companies and developers. Reasoning is, that self-hosted SMTP servers very often get blacklisted by major Email services.
- The data is saved on an fully encrypted drive. Backups are made every hour and saved on a storage server and encrypted with rclone crypt before uploading it.
- The web service https://vault.rootdo.com is monitored by an intrusion prevention system. Abusing the service might lead to an auto ban of your IP.
PrivateBin & MicroBin
- Paste IDs are not collected in the access.log -Pasted contents, including attachments and comments, are encrypted and decrypted client-side (if used), so that only those who have the full URL may decrypt them. The encrypted contents are stored in a database controlled by the Operator according to the specific directives as given by the user.
- You can choose to not encrypt your pastes and text/files. It is strongly advised to do so though!
- Files are purged every 10 days
Send
- Send uses 128-bit AES-GCM encryption via the Web Crypto API to encrypt files in the browser before uploading them to the server. The code is in app/keychain.js
- https://github.com/timvisee/send/blob/master/docs/encryption.md
Pingvin Share
Files uploaded are not End-to-End encrypted by default. It is possible to set a password for every file shared, so it is no one can access the file without the correct password.- Files are attached to your created account.
Files uploaded are encrypted and stored with https://rclone.org/crypt
Miniflux
- Miniflux is a Feed/RSS Reader.
- You can request an account for it. There is no way to register with your own Email.
- You can login with your Google Account though, it will create a Miniflux account based on your Email attached to your Google account.
- This is called OIDC/OAuth2 ( https://auth0.com/docs/authenticate/protocols/openid-connect-protocol ).
- Please be aware that data might get shared with Google if you use this.
Third parties
- The main Server is hosted at Hetzner Online GmbH and is located in Falkenstein, Germany. Some services may use some sort of CDN to provide a better experience to those who are further away from the server. Information regarding abusive behaviour occuring on the Service may be shared with other parties in the interest of mutual protection.
- Storage-Server(s) are hosted at:
Data Encryption
- All data is encrypted with https://rclone.org/crypt before it is uploaded to any Storage-Server.
- Storage servers used:
- Hetzner Storage
- Backblaze B2/S3 Storage
- Wasabi S3 Storage
Cookies
- Based on Art. 6 Abs. 1 lit. f DSGVO/GDPR this site uses cookies. These are little textfiles stored by your browser, that are harmless to your computer. These cookies are not used to track any user and are only used as Session-Cookies and/or for essential features like language or site-features such as dark/light mode. ( § 15 TMG )
Deletion of your data
- Based on Art. 17 und 18 DSGVO we do not store or process data more than sincerely needed. Deletion usually happens automated or manually unless we are required by law to furtherly store it.
Your Rights
- Based on active law, you are in the right to get free information about personal data and how it is used or where it came from, as well as correcting it or ask for deletion. You may contact me here https://rootdo.com/contact Keep in mind that the services that do save data like Send or MicroBin are configured to automatically delete files and data after a max of 7 days anyway. For abuse reports and takedown requests please go here: https://rootdo.com/contact