KDE PIM/Privacy Policy: Difference between revisions

From KDE Community Wiki
(Clarify sharing of data)
m (Mention invent instead of phabricator)
 
(6 intermediate revisions by 2 users not shown)
Line 1: Line 1:
The KDE PIM community is [[KDE_PIM#Vision|committed to protecting the privacy]] of all users of its software. Sensitive information like user names and passwords is only used to perform the core functions of the software - receive and send emails and synchronize calendars and address books. The credentials and all user's personal information (including events, contacts, emails etc.) obtained from remote services (e.g. email servers) are only stored on the user's computer and are never shared with the developers of this software or any other third party. No user's personal information stored on the computer is ever shared with the developer or with any third party services unless the user manually does so, for example by copying or moving personal data (e.g. email) to a folder that is synchronized with the third party service.
The KDE PIM community is [[KDE_PIM#Vision|committed to protecting the privacy]] of all users of its software. Sensitive information like user names and passwords is only used to perform the core functions of the software - receive and send emails and synchronize calendars and address books. The credentials and all user's personal information (including events, contacts, emails etc.) obtained from remote services (e.g. email servers) are only stored on the user's computer and are never shared with the developers of this software or any other third party. No user's personal information stored on the computer is ever shared with the developer or with any third party services unless the user manually does so, for example by copying or moving personal information (e.g. email) to a folder that is synchronized with the remote third party service.


However, some services that you decide to synchronize your personal data with may collect various information about your activity and interaction with the service - make sure to consult Privacy Policies or those services.
However, certain online services that you decide to synchronize your personal data with may collect various information about your activity and interaction with the service - make sure to consult Privacy Policies of those services.


This Privacy Policy document is to clearly state and provide information on what, how and why personal data or information is collected, used and disclosed when this software is utilized and the choices you have associated with that data.
This Privacy Policy document is to clearly state and provide information on what, how and why personal data or information is collected, used and disclosed when this software is utilized and the choices you have associated with the data.


The objective of this policy document is to provide an open environment between developer and users of this software by openly stating what information the developer collects or not. This Policy applies to this software and the developers would not be held responsible for the content or privacy practices on any third party software not operated by the developer to which this software links or that links to this software, therefore it is advisable to read up the Privacy Policies of third party services that may be linked to this software.
The objective of this policy document is to provide an open environment between developers and users of this software by openly stating what information the developer collects or not. This Policy applies to this software and the developers would not be held responsible for the content or privacy practices on any third-party software not operated by the developer to which this software links or that links to this software, therefore it is advisable to read up the Privacy Policies of third-party services that may be linked to this software.


== Permissions and Access to third party services  ==
== Permissions and Access to third party services  ==


Kontact allows the user to synchronize their personal information with remote third party services like Google Calendar, GMail or Nextcloud. Kontact ensures that the information is exchanged in a secure manner and that it is cached and stored locally in a reasonably safe manner, but it has no control over how the remote service treats the data provided by the user. The user should study the Privacy Policy of the service as well.
Kontact allows the user to synchronize their personal information with remote third-party services like Nextcloud, DAV groupware, Google Calendar or GMail. Kontact ensures that the information is exchanged in a secure manner and that it is cached and stored locally in a reasonably safe manner, but it has no control over how those remote third-party services treat the personal information provided by the user. The user should study the Privacy Policies of those services as well.


Some user's personal information and data obtained from third party servces are cached locally by a background service called Akonadi, which is part of Kontact. It is possible for any locally running software to interact with Akonadi and thus access, modify or delete any data stored there. The data are factically stored in a local database controlled by Akonadi. They may also be indexed for full-text search by Akonadi Indexing Agent.  
Some user's personal information (emails, contacts, events, etc.) obtained from third party services are cached locally by a background service called Akonadi, which is part of Kontact. It is possible for other Akonadi-enabled  software that the user installs locally on their computer to access, modify or delete any personal information stored there. They may also be indexed for full-text search by Akonadi Indexing Agent.  


=== Google Services ===
=== Google Services ===


Kontact provides optional integration with several Google services. Read below for detailed explanation of what data Kontact and its components request from Google and what it does with those data.
Kontact provides optional integration with several Google services. Read below for a detailed explanation of what personal information Kontact and its components request from Google and what it does with those personal information.


==== Google Sign-in ====
==== Google Sign-in ====
Line 21: Line 21:
Kontact and its components will use Google Sign-In in order to obtain access to content stored on a user's Google account (e.g. contacts, calendars, events. etc.). The information obtained from the Google Sign-In include user's real name, email address and picture and are stored locally on the user's computer to allow the user to more easily identify their Google account among other locally created accounts. Additionally, the Sign-In process provides the software with OAuth tokens which are used by the software to authenticate its requests to other Google services. The tokens are stored locally in KWallet.
Kontact and its components will use Google Sign-In in order to obtain access to content stored on a user's Google account (e.g. contacts, calendars, events. etc.). The information obtained from the Google Sign-In include user's real name, email address and picture and are stored locally on the user's computer to allow the user to more easily identify their Google account among other locally created accounts. Additionally, the Sign-In process provides the software with OAuth tokens which are used by the software to authenticate its requests to other Google services. The tokens are stored locally in KWallet.


Authenticating against Google and using the Akonadi Resources for Google Services means data are being exchanged with Google servers and Privacy Policies of Google and individual Google's services apply. Kontact makes sure that the exchanges with Google servers are securely encrypted and that only the data that the user has selected is exchanged with Google.
Authenticating against Google and using the Akonadi Resources for Google Services means personal information are being exchanged with Google servers and Privacy Policies of Google and individual Google's services apply. Kontact makes sure that the exchanges with Google servers are securely encrypted and that only the personal information that the user has selected is exchanged with Google.


If the user does not add their Google account to Kontact, no information is exchanged with Google by Kontact at all.
If the user does not add their Google account to Kontact, no information is exchanged with Google by Kontact at all.
Line 39: Line 39:
====  Google Drive ====
====  Google Drive ====


Kontact (through Storage Manager) and KIO GDrive (through Dolphin or other KIO-enabled application) request full access to user's Google Drive in order to allow the user to browse their Google Drive files from the comfort of the aforementioned software without having to go to the Google Drive web interface. Unless the user explicitly copies a folder or a file from Google Drive to their hard drive, all data remain stored only on Google Drive and are not cached or stored locally on the user's computer. The software will never access, create, modify or delete content from user's Google Drive account without user's interaction.
Kontact (through Storage Manager) and KIO GDrive (through Dolphin or other KIO-enabled application) request full access to user's Google Drive in order to allow the user to browse their Google Drive files from the comfort of the aforementioned software without having to go to the Google Drive web interface. Unless the user explicitly copies a folder or a file from Google Drive to their hard drive, all files and folders remain stored only on Google Drive and are not cached or stored locally on the user's computer. The software will never access, create, modify or delete content from user's Google Drive account without user's interaction.


The contents of user's hard drive or other file-sharing services (e.g. NextCloud, Dropbox, etc.) are never exposed to the user's Google Drive or shared with Google unless the user explicitly copies them into the Google Drive.
The contents of user's hard drive or other file-sharing services (e.g. NextCloud, Dropbox, etc.) are never exposed to the user's Google Drive or shared with Google unless the user explicitly copies them into the Google Drive.
Line 48: Line 48:


Emails synchronized from other email providers or local email storage (e.g. maildir, mbox) are never exposed to the user's Gmail account or shared with Google unless the user explicitly moves or copies them into Gmail.
Emails synchronized from other email providers or local email storage (e.g. maildir, mbox) are never exposed to the user's Gmail account or shared with Google unless the user explicitly moves or copies them into Gmail.
Kontact's and KMail's use of information received from Google Restricted scopes APIs will adhere to Google's [https://support.google.com/cloud/answer/9110914#explain-types Limited Use requirements].


== Disclaimer ==
== Disclaimer ==
Line 53: Line 55:


== Contact ==
== Contact ==
Contributions to this project are welcomed. Contributions, suggestions or bug reports and fixes can be made by opening tickets on [https://bugs.kde.org KDE Bugtracker] or submitting patches to [https://phabricator.kde.org KDE Phabricator]
Contributions to this project are welcomed. Contributions, suggestions or bug reports and fixes can be made by opening tickets on [https://bugs.kde.org KDE Bugtracker] or submitting patches to [https://invent.kde.org KDE Invent]


If you have any questions about this Privacy Policy, or any other issue relating to the KDE PIM project, please contact us [mailto:[email protected] here].
If you have any questions about this Privacy Policy, or any other issue relating to the KDE PIM project, please contact us [mailto:[email protected] here].

Latest revision as of 19:52, 17 October 2020

The KDE PIM community is committed to protecting the privacy of all users of its software. Sensitive information like user names and passwords is only used to perform the core functions of the software - receive and send emails and synchronize calendars and address books. The credentials and all user's personal information (including events, contacts, emails etc.) obtained from remote services (e.g. email servers) are only stored on the user's computer and are never shared with the developers of this software or any other third party. No user's personal information stored on the computer is ever shared with the developer or with any third party services unless the user manually does so, for example by copying or moving personal information (e.g. email) to a folder that is synchronized with the remote third party service.

However, certain online services that you decide to synchronize your personal data with may collect various information about your activity and interaction with the service - make sure to consult Privacy Policies of those services.

This Privacy Policy document is to clearly state and provide information on what, how and why personal data or information is collected, used and disclosed when this software is utilized and the choices you have associated with the data.

The objective of this policy document is to provide an open environment between developers and users of this software by openly stating what information the developer collects or not. This Policy applies to this software and the developers would not be held responsible for the content or privacy practices on any third-party software not operated by the developer to which this software links or that links to this software, therefore it is advisable to read up the Privacy Policies of third-party services that may be linked to this software.

Permissions and Access to third party services

Kontact allows the user to synchronize their personal information with remote third-party services like Nextcloud, DAV groupware, Google Calendar or GMail. Kontact ensures that the information is exchanged in a secure manner and that it is cached and stored locally in a reasonably safe manner, but it has no control over how those remote third-party services treat the personal information provided by the user. The user should study the Privacy Policies of those services as well.

Some user's personal information (emails, contacts, events, etc.) obtained from third party services are cached locally by a background service called Akonadi, which is part of Kontact. It is possible for other Akonadi-enabled software that the user installs locally on their computer to access, modify or delete any personal information stored there. They may also be indexed for full-text search by Akonadi Indexing Agent.

Google Services

Kontact provides optional integration with several Google services. Read below for a detailed explanation of what personal information Kontact and its components request from Google and what it does with those personal information.

Google Sign-in

Kontact and its components will use Google Sign-In in order to obtain access to content stored on a user's Google account (e.g. contacts, calendars, events. etc.). The information obtained from the Google Sign-In include user's real name, email address and picture and are stored locally on the user's computer to allow the user to more easily identify their Google account among other locally created accounts. Additionally, the Sign-In process provides the software with OAuth tokens which are used by the software to authenticate its requests to other Google services. The tokens are stored locally in KWallet.

Authenticating against Google and using the Akonadi Resources for Google Services means personal information are being exchanged with Google servers and Privacy Policies of Google and individual Google's services apply. Kontact makes sure that the exchanges with Google servers are securely encrypted and that only the personal information that the user has selected is exchanged with Google.

If the user does not add their Google account to Kontact, no information is exchanged with Google by Kontact at all.

Google Calendar

Kontact and KOrganizer request full access to all calendars and events in those calendars from the user's Google Calendar in order to display them in user's calendar view in the applications and to allow the user to create, modify and delete events from the comfort of the aforementioned applications without having to go to the Google Calendar web interface. The list of calendars and events, including their entire content are cached locally on the user's computer using the Akonadi service described above. When the user creates a new event or modifies or deletes an existing event in one of the calendars synchronized from Google Calendar, the change will be propagated to Google Calendar immediately when the computer has internet connectivity. The software will never create, modify or delete content from the Google Calendar without previous user interaction, it may, however, download content from the Google Calendar in the background without user interaction if automatic synchronization is enabled.

Calendars and events synchronized from other services or local calendars are never exposed to user's Google Calendar account and shared with Google unless the user explicitly moves or copies them into the Google Calendar.

Google Contacts

Kontact and KAddressbook request full access to all contacts from the user's Google account in order to display them in user's address book in the software and to allow the user to create, modify and delete contacts from the comfort of the aforementioned applications without having to go to the Google Contacts web interface. All contacts with all information are locally cached on the user's computer using the Akonadi service described above. When the user creates a new contact or modifies or deletes an existing contact synchronized from Google Contacts, the change will be propagated to Google Contacts immediately when the computer has internet connectivity. The software will never create, modify or delete content from the Google Contacts without previous user interaction, it may, however, download content from the Google Contacts in the background without user interaction if automatic synchronization is enabled.

Contacts synchronized from other services or local address books are never exposed to user's Google Contacts account or shared with Google unless the user explicitly moves or copies them into Google Contacts.

Google Drive

Kontact (through Storage Manager) and KIO GDrive (through Dolphin or other KIO-enabled application) request full access to user's Google Drive in order to allow the user to browse their Google Drive files from the comfort of the aforementioned software without having to go to the Google Drive web interface. Unless the user explicitly copies a folder or a file from Google Drive to their hard drive, all files and folders remain stored only on Google Drive and are not cached or stored locally on the user's computer. The software will never access, create, modify or delete content from user's Google Drive account without user's interaction.

The contents of user's hard drive or other file-sharing services (e.g. NextCloud, Dropbox, etc.) are never exposed to the user's Google Drive or shared with Google unless the user explicitly copies them into the Google Drive.

Gmail

Kontact and KMail request authentication to access user's Gmail account in order to display user's emails and email folders in the applications and allow the user to interact with them without having to go to the Gmail web interface. Email data are accessed through the IMAP protocol and they are cached on the user's computer using the Akonadi service described above. Depending on user configuration the cache may contain full emails including attachments (to allow user to read their email even when the computer does not have internet connectivity) or only headers. The software will never send emails on the user's behalf without user interaction nor will it modify or delete any emails without user's interaction. It may, however, download content from Gmail in the background without user interaction if automatic synchronization is enabled by the user.

Emails synchronized from other email providers or local email storage (e.g. maildir, mbox) are never exposed to the user's Gmail account or shared with Google unless the user explicitly moves or copies them into Gmail.

Kontact's and KMail's use of information received from Google Restricted scopes APIs will adhere to Google's Limited Use requirements.

Disclaimer

Kontact and other KDE PIM applications are developed in good faith and for general use. The developers will not be held accountable for how users decide to use this software and will not be liable for any losses and/or damages in connection with the use of the software.

Contact

Contributions to this project are welcomed. Contributions, suggestions or bug reports and fixes can be made by opening tickets on KDE Bugtracker or submitting patches to KDE Invent

If you have any questions about this Privacy Policy, or any other issue relating to the KDE PIM project, please contact us here.