Privacy on Saltcorn

For sites hosted on saltcorn.com

For sites hosted on saltcorn.com there is a central database storing all the information. None of this data is sent to a third party. We store all the crashes that occur on sites built on saltcorn.com, this helps to discover bugs.

For self-hosted instances

When self hosting from packages or docker images, no information is sent to a central server or shared with a third party. No telemetry of any kind has been enabled.

It should only make outbound connections in these cases:

  1. To fetch list of available plug-ins and packs from the saltcorn store. These requests are not logged or tracked, we do not count downloads or or unique installations.
  2. To fetch the latest version information and the packages for plugins from the NPM registry. NPM and docker do count downloads, but I don't know what else they track. It should be limited as there is no cookie they can track. They may track IP addresses, but note this is from your application server, not from your users.

    Neither of these should be able to leak user information as they are only done at build time.
     
    1. Some plug-ins load resources (scripts ) via a CDN. This can in principle be used by those who control the CDN to track the users. We are in the process of migrating these to serve local resources only.

      See the table below for the list of known plugins that load data from CDNs.
       
      Cells with an * still contact outside urls but they are essential for the plugin to function
      Plugin Status
      CKEditor4 All set
      leaflet-map

      In Progress

      flash-cards All set
      statistics All set
      markdown not sure
      comment-tree All set
      badges All set
      twilio-verify-sms not sure
      mqtt All set*
      reservable All set
      any-bootstrap-theme Needs work
      saltlearn All set
      filter-button-group All set
      uuid-type All set
      html All set
      material-design Needs work
      visualize In Progress
      oauth2-auth All set*
      chaos-guinea-pig not sure
      contractis All set
      stepper All set
      google-auth All set*
      geosearch All set
      kanban needs work
      system-info All set
      stripe not sure
      flatpickr-date needs work
      nominatim-geocode All set*
      rpi-enviro All set
      tabler needs work
      top-hat needs work
      ldap-auth All set*
      github-auth All set*
      twitter-auth All set*
      summernote In Progress
      jsgrid needs work
      social-embed All set
      fullcalendar

      needs work

      quill-editor needs work
      adminLTE needs work
      plain-bootstrap-theme needs work
      blog-bootstrap-theme needs work
      core plugins
      saltcorn-markup All set
      saltcorn-random-tests All set
      sbadmin2 needs work

       

A cookie is set on the user's browser but this is a functional cookie used to track whether the user is logged in or not, so cookie consent is not required.

Crashes that occur on self hosted applications are not sent to a remote server, they just go into the crashlog of the root tenant on that server.

IP addresses are not currently stored, but I think they probably should be stored if you set up the EventLog to store Login events, so this may change in the future.

There may be other logging components in the system that track IP addresses (e.g. if you use nginx as a proxy, that may log IP addresses). To the best of my knowledge, the images created on DigitalOcean do not log ip addresses, but I have not checked this in depth.