Privacy and this stuff


#1

Hi, i hope i’m right here.
I heard that Rocket Chat should one of the better chatsoftware. Well, the first impressions are really good.
But my intention is different:
I come from Germany and i consider to use RC in an public school environment. So first of all there are no technical issues. There are issues about the “data”. There are two ways to use RC: Cloud and on-premise. If we use on-premise, what will be with ALL data. I heard something that this belongs to RocketChat, even if we use it not in cloud.
Is this right?

Regards Sebastian


#2

I recommend you taking a look into our LICENSE and our documentation, but in summary, AFAIK, if the server is in on-prem Rocket.Chat will never have access or right to any of your data.


#3

@rafael.kellermann thanks.
i think i understand it and i hope my colleagues too.


Rocket.Chat Documentation - Push Notifications
#4

An important privacy issue to me: It seems that there’s no way to receive push notificications on mobile devices without sending data to Google or Apple. Same as for Mattermost BTW.

It’s not much data that travels to Google/Apple (https://github.com/RocketChat/Rocket.Chat/issues/9027), but it’s all about metadata.

This makes me disable push notifications.


#5

Hi,

as long as push notifications are not encrypted, this is definitely a point that must be considered separately in the privacy policy. Even if you host your Rocket.Chat instance on your own servers to keep the data in-house, the push messages are sent by third parties and could be read here in plain text. Ultimately an unsatisfactory situation if you want to be the complete master of your data and therefore host it yourself.

See also:

Ciao!


#6

I agree.

You can still maintain data sovereignty by just disabling push notifications. That’s what I did. Email notifications can be used instead. This is definitely a loss in comfort/usability, but OK to me.