Privacy on Saltcorn
This does not constitute legal advice and you are responsible for compliance with your own jurisdiction.
License
Saltcorn is distributed under the MIT license. You should understand the implications of this license before using Saltcorn. The license text follows:
Copyright (c) 2020 Tom Nielsen
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Cookies
Check in you browser what cookeis are actually set - Chrome Dev tooles, Application tab, Storage section, Cookies, and then pick the URL you are hosting on.
Saltcorn set a session cookie used to track login status and also to set screen screen size for quickly dispatching page groups. These are first party cookies and are not sent to any other service (unless you do this or you have some other component installed that does this). It is up to you to communicate this use to your user.
You can do more stuff with this session ID in a Saltcorn build. For instance you can store the session ID in tables and use the session ID in many other formulas. If you do this it is up to you to determine if your cookie is no longer "functional" but is now used for "analytics" purposes, and what implication this has for what do you communicate to your users.
You can also enable logging of IP addresses and in some places access the IP address as a variable.
Some modules may still use CDN resources and serving these may set additional cookies - see below
For sites hosted on saltcorn.com
The hosting facility on saltcorn.com is purely for evaluation purposes and should not be used to store sensitive or personally identifiable information. We cannot guarantee the confidentiality of any information that is stored on an application on saltcorn.com.
When signing up you are asked to enter an email address to create an account. This email address is not verified and in fact it does not even have to be a valid email address - you can use a made-up user name. For this reason we do not consider email addresses or usernames used to create applications on saltcorn.com to be personally identifiable information.
For sites hosted on saltcorn.com there is a central database storing all the information. None of this data is sent to a third party. We store all the crashes that occur on sites built on saltcorn.com, this helps to discover bugs.
For self-hosted instances
When self hosting from packages or docker images, no information is sent to a central server or shared with a third party. No telemetry of any kind has been enabled.
It should only make outbound connections in these cases:
- To fetch list of available plug-ins and packs from the saltcorn store. These requests are not logged or tracked, we do not count downloads or or unique installations.
- To fetch the latest version information and the packages for plugins from the NPM registry. NPM and docker do count downloads, but I don't know what else they track. It should be limited as there is no cookie they can track. They may track IP addresses, but note this is from your application server, not from your users.
Neither of these should be able to leak user information as they are only done at build time.
- Some plug-ins load resources (scripts ) via a CDN. This can in principle be used by those who control the CDN to track the users. We are in the process of migrating these to serve local resources only.
See the table below for the list of known plugins that load data from CDNs.
Cells with an * still contact outside urls but they are essential for the plugin to function Plugin Status CKEditor4 All set leaflet-map In Progress
flash-cards All set statistics All set markdown not sure comment-tree All set badges All set twilio-verify-sms not sure mqtt All set* reservable All set any-bootstrap-theme Needs work saltlearn All set filter-button-group All set uuid-type All set html All set material-design Needs work visualize In Progress oauth2-auth All set* chaos-guinea-pig not sure contractis All set stepper All set google-auth All set* geosearch All set kanban needs work system-info All set stripe not sure flatpickr-date needs work nominatim-geocode All set* rpi-enviro All set tabler needs work top-hat needs work ldap-auth All set* github-auth All set* twitter-auth All set* summernote In Progress jsgrid needs work social-embed All set fullcalendar needs work
quill-editor needs work adminLTE needs work plain-bootstrap-theme needs work blog-bootstrap-theme needs work core plugins saltcorn-markup All set saltcorn-random-tests All set sbadmin2 needs work
- Some plug-ins load resources (scripts ) via a CDN. This can in principle be used by those who control the CDN to track the users. We are in the process of migrating these to serve local resources only.
A cookie is set on the user's browser. This is a functional cookie used to track whether the user is logged in or not. You should consider whether cookie consent for such a cookie is required in your jurisdiction
Crashes that occur on self hosted applications are not sent to a remote server, they just go into the crashlog of the root tenant on that server.
IP addresses are not currently stored, but I think they probably should be stored if you set up the EventLog to store Login events, so this may change in the future.
There may be other logging components in the system that track IP addresses (e.g. if you use nginx as a proxy, that may log IP addresses). To the best of my knowledge, the images created on DigitalOcean do not log ip addresses, but I have not checked this in depth.
For application hosted on cloud providers
Cloud providers that offer Saltcorn images or applications installed on virtual machines may perform their own telemetry to track usage. The developers of Saltcorn are not responsible for these applications if they are used to store sensitive or personally identifiable information.