Privacy implications?

[MrMage]

Hi,

I am very interested in a more privacy-aware approach to analytics and error reporting for Mac apps than App Center. However, how can you guarantee that you are not collecting any personally identifiable information whatsoever? According to the GDPR, anything that could be de-anonymized counts as PII, and that can even happen "accidentally" (e.g. when the logs do include an identifier somewhere).

The device metadata specified in https://apptelemetry.io/pages/privacy-policy.html, Data Transmitted point 4, might even be sufficient for this in some cases; same holds for the hashed user identifier described in User Identifiers, point 3. I could simply hash the user identifiers on my own server, for example, then compare the two hashes.

On a related note, do you offer to sign Data Processing Agreements to be on the safe side? And who hosts your servers, and where?

Thanks,
Daniel

[winsmith]

Hi, these are excellent questions!

1. Right now I cannot 100% guarantee that developers don't put PII into the metadata payload. I have plans to detect and mitigate that in the future but right now, if you as a developer save PII without getting the user's permission, you're violating the GDPR. There's also going to be an addition to the TOS forbidding the storing of PII, so if a developer repeatedly does that despite a few warnings, I'll be able to exclude them from the platform.
2. The hashed identifier gets re-hashed on the server with a salt. This way you shouldn't be able to compare identifiers.
3. I'm working on a DPA generator so that you'll be able to get a DPA tailored to your app
4. The servers are hosted by Hetzner in Germany

Thanks a lot for your interest! :)