Privacy on Saltcorn

License

Saltcorn is distributed under the MIT license. You should understand the implications of this license before using Saltcorn. The license text follows:

Copyright (c) 2020 Tom Nielsen

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

For sites hosted on saltcorn.com

The hosting facility on saltcorn.com is purely for evaluation purposes and should not be used to store sensitive or personally identifiable information. We cannot guarantee the confidentiality of any information that is stored on an application on saltcorn.com. 

When signing up you are asked to enter an email address to create an account. This email address is not verified and in fact it does not even have to be a valid email address - you can use a made-up user name. For this reason we do not consider email addresses or usernames used to create applications on saltcorn.com to be personally identifiable information.

For sites hosted on saltcorn.com there is a central database storing all the information. None of this data is sent to a third party. We store all the crashes that occur on sites built on saltcorn.com, this helps to discover bugs.

For self-hosted instances

When self hosting from packages or docker images, no information is sent to a central server or shared with a third party. No telemetry of any kind has been enabled.

It should only make outbound connections in these cases:

  1. To fetch list of available plug-ins and packs from the saltcorn store. These requests are not logged or tracked, we do not count downloads or or unique installations.
  2. To fetch the latest version information and the packages for plugins from the NPM registry. NPM and docker do count downloads, but I don't know what else they track. It should be limited as there is no cookie they can track. They may track IP addresses, but note this is from your application server, not from your users.

    Neither of these should be able to leak user information as they are only done at build time.
     
    1. Some plug-ins load resources (scripts ) via a CDN. This can in principle be used by those who control the CDN to track the users. We are in the process of migrating these to serve local resources only.

      See the table below for the list of known plugins that load data from CDNs.
       
      Cells with an * still contact outside urls but they are essential for the plugin to function
      Plugin Status
      CKEditor4 All set
      leaflet-map

      In Progress
      flash-cards All set
      statistics All set
      markdown not sure
      comment-tree All set
      badges All set
      twilio-verify-sms not sure
      mqtt All set*
      reservable All set
      any-bootstrap-theme Needs work
      saltlearn All set
      filter-button-group All set
      uuid-type All set
      html All set
      material-design Needs work
      visualize In Progress
      oauth2-auth All set*
      chaos-guinea-pig not sure
      contractis All set
      stepper All set
      google-auth All set*
      geosearch All set
      kanban needs work
      system-info All set
      stripe not sure
      flatpickr-date needs work
      nominatim-geocode All set*
      rpi-enviro All set
      tabler needs work
      top-hat needs work
      ldap-auth All set*
      github-auth All set*
      twitter-auth All set*
      summernote In Progress
      jsgrid needs work
      social-embed All set
      fullcalendar

      needs work
      quill-editor needs work
      adminLTE needs work
      plain-bootstrap-theme needs work
      blog-bootstrap-theme needs work
      core plugins
      saltcorn-markup All set
      saltcorn-random-tests All set
      sbadmin2 needs work

       

A cookie is set on the user's browser. This is a functional cookie used to track whether the user is logged in or not. You should consider whether cookie consent for such a cookie is required in your jurisdiction

Crashes that occur on self hosted applications are not sent to a remote server, they just go into the crashlog of the root tenant on that server.

IP addresses are not currently stored, but I think they probably should be stored if you set up the EventLog to store Login events, so this may change in the future.

There may be other logging components in the system that track IP addresses (e.g. if you use nginx as a proxy, that may log IP addresses). To the best of my knowledge, the images created on DigitalOcean do not log ip addresses, but I have not checked this in depth.

For application hosted on cloud providers

Cloud providers that offer Saltcorn images or applications installed on virtual machines may perform their own telemetry to track usage. The developers of Saltcorn are not responsible for these applications if they are used to store sensitive or personally identifiable information.