Jump to content

Online Accounts/Privacy Policy

From KDE Community Wiki
Revision as of 15:18, 8 June 2023 by Dannybpng (talk | contribs) (Permissions and Access to 3rd party services)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

The KDE community is committed to protecting the privacy of all users of its software. Sensitive information like user names and passwords is only used to perform the core functions of the software - receive and send emails and synchronize calendars and address books. No personal information is sent to or shared with third parties, however, some 3rd party services may collect various information about user's activity and interaction with the service - make sure to consult privacy policies or those services.

This privacy policy document is to clearly state and provides information on what, how and why personal data or information is collected, used and disclosed when this software is utilized and the choices you have associated with that data.

The objective of this policy document is to provide an open environment between developer and users of this software by openly stating what information the developer collects or not. This Policy applies to this software and the developers would not be held responsible for the content or privacy practices on any third party app not operated by the developer to which this software links or that links to this software, therefore it is advisable to read up the privacy policies of third party services that may be linked to this software.

Permissions and Access to 3rd party services

Online Accounts provide user access to various 3rd party services. It ensures that the information is exchanged in a secure manner and is cached and stored locally in a reasonably safe manner, but it has no control over how the remote service treats their data. The user should study the Privacy Policy of each service as well.

Some user data may be cached locally by the applications that make use of Online Accounts. The access provided by Online Accounts may be used by any application that has Online Accounts integration. As such, users should be careful what applications they install as malicious software may abuse this access to get user's data that is stored on those services. Online Accounts does its best to only allow access to services and data it absolutely needs to provide the requested functionality, but sometimes it is not possible to limit the access.


Google Services

Online Accounts provide optional integration with several Google services. Read below for detailed explanation of what data are accessible from Online Accounts and for what purpose they may be used.

Google Sign-in

Online Accounts will use Google Sign-In in order to obtain access to content stored on a user's Google account (e.g. contacts, calendars, events. etc.). The information obtained from the Google Sign-In include: user's real name, email address and picture; these are stored on the user's computer to help distinguish their Google account from other locally created accounts. Additionally, the Sign-In process provides the software with OAuth tokens to authenticate its requests to other Google services. The tokens are stored locally in KWallet.

Authenticating with Google means data are being exchanged with Google servers, and the Privacy policies of Google and Google's individual services apply. Exchanges with Google servers are securely encrypted and only data that the user has selected is exchanged with Google.

If the user does not add their Google account to Online Accounts, no information is exchanged with Google by Online Accounts. Note that some applications may provide their own integration with Google Services, in which case the Privacy Policy of those applications apply.

Google Calendar

Online Accounts request full access to all calendars and events in those calendars from the user's Google Calendar in order to allow calendaring applications like KOrganizer to use or modify them. These applications let the user view, create, modify and delete events without having to use the Google Calendar web interface. Online Accounts themselves do not access user's data on Google Calendar in any way. The Privacy Policy of each application that accesses this Google service through Online Accounts apply.

Calendars and events synchronized from other services or local calendars are never exposed to user's Google Calendar account or shared with Google unless the user explicitly moves or copies them into the Google Calendar.

Google Contacts

Online Accounts request full access to all contacts from the user's Google account in order to allow addressbook applications like KAddressbook to display, create, modify and delete the events without having to use the Google Contacts web interface. Online Accounts themselves do not access user's data on Google Contacts in any way. The Privacy Policy of each application that accesses this Google service through Online Accounts apply.

Contacts and addressbooks synchronized from other services or local contacts are never exposed to user's Google Calendar account or shared with Google unless the user explicitly moves or copies them into the Google Calendar.

Google Drive

Online Accounts request full access to user's Google Drive in order to allow applications like Dolphin (through KIO GDrive) access to user's files to create, modify and delete the files without having to use the Google Drive web interface. Online Accounts themselves do not access user's data on Google Drive in any way. The Privacy Policy of each application that accesses this Google service through Online Accounts apply.

Files synchronized from other services or local contacts are never exposed to user's Google Drive account or shared with Google unless the user explicitly moves or copies them into the Google Drive.

YouTube

Online Accounts request the capability to upload videos to user's YouTube, allowing sharing tools like Purpose to easily upload files from the user's computer to YouTube and share those videos with others. Online Accounts themselves do not access user's data on Google Drive in any way. The Privacy Policy of each application that accesses this Google service through Online Accounts apply.

OwnCloud

Online Accounts request access to OwnCloud service for easy uploading of files from the user's computer to the OwnCloud server with sharing tools like Purpose. Online Accounts themselves do not access user's data on Google Drive in any way. The Privacy Policy of each application that accesses OwnCloud through Online Accounts apply.

Twitter

Online Accounts request access to Twitter for easy uploading of images from the user's computer with sharing tools like Purpose as posts. Online Accounts themselves do not access user's data on Twitter in any way. The Privacy Policy of each application that accesses Twitter through Online Accounts apply.

Disclaimer

Online Accounts and other KDE applications are developed in good faith and for general use. The developers will not be held accountable for how users decide to use this software and will not be liable for any losses and/or damages in connection with the use of the software.

Contact

Contributions to this project are welcomed. Contributions, suggestions or bug reports and fixes can be made by opening tickets on KDE Bugtracker or submitting patches to KDE Phabricator

If you have any questions about this Privacy Policy, or any other issue relating to the Online Accounts please contact us here.