Version 2, 28 November 2009
Tine 2.0 takes privacy seriously. According to our key principles of openness, freedom, transparency and quality, privacy is in fact a core component and motivation behind the Tine 2.0 software.
In Contrast to many other web services where using the software is paid by the disposal of personal information and the abundance of privacy the Tine 2.0 open source software gives back freedom and privacy to its users.
SECTION I: DATA STORAGE
(a) Related Software Products
Tine 2.0 is a software which runs in conjunction with various related software products such as Web-Servers, Database-Servers, Directory-Servers, SMTP- and IMAP-Servers and others. All these related software products may store personal and sensitive data which could impact the privacy of Tine 2.0 users in various ways. In first place the logfiles of these related software products must be considered, as they may contain personal or confidential data. To identify further possible impacts on the users privacy the user manuals of the related software products have to be consulted.
Tine 2.0 stores almost any information in the configured databases. These databases contain personal and confidential data. As such these databases are to be protected against any form of unauthorized access. More details about securing the database can be found in the producer's user manual.
(c) Session Files
Tine 2.0 stores personal information about the user (username, fullname, connection IP-Address etc.) in the users session file of the web-server. These session files have to be protected against any form of unauthorized access. In the Tine 2.0 setup process the path where these session files are saved can be configured.
Tine 2.0 maintains caches to improve the performance of the software. These caches may contain sensitive or personal data. Therefore the caches have to be protected against unauthorized access in any form. In the Tine 2.0 setup process the path where cache files are saved can be configured.
Tine 2.0 is capable to write logfiles containing information of operation in different levels. Depending on the level this information may contain sensitive or personal data. This is particularly the case for the log levels DEBUG and INFO. Therefore the logfiles have to be protected against unauthorized access in any form. In the Tine 2.0 setup process the path where logfiles are saved and the log level can be configured.
(f) Error Messages
If Tine 2.0 detects an exceptional state of the software, information about the exceptional state is reported in the logfiles and to the user. This information contain a so called 'stack trace' of the point where the exceptional state got detected. This stack traces are extremely useful to track the source of the exceptional state, e.g. bugs or misconfigurations of the system, but also may contain sensitive or personal data of the current user. To suppress the stack traces in the error messages the configuration 'suppressExceptionTraces' can be set in the installations config.inc.php.
(g) User Client Session Data
SECTION II: DATA TRANSFER WITH VENDORS SERVICES
(a) Bug Reports
If Tine 2.0 detects an exceptional state of the software, informations about the exceptional state are reported to the user containing a "Bug Reporting Form". In this form the user can add a description of what he did when the error occurred and moreover add contact information for further inquiries. Submissions of this form are send as 'Bug Reports' to the software vendor and are extremely useful to find bugs and exception sources within the software. The permission to send Bug Reports can be set as a 'Role Right' in the Tine 2.0 Role Administration module. Additionally to the description and optional contact information, these Bug Reports contain the version of the Tine 2.0 installation and, if configured, the stack trace of the exceptional state as well as informations about the request and response of the transaction which lead to the exceptional state. The referrer, user agent and IP address of the user are included in the submission of the bug report.
(b) Version Checks
Tine 2.0 offers the possibility to check for updates and inform the user if new versions or critical updates of the software are available. The permission to check for new versions can be set as 'Role Right' in the Tine 2.0 Role Administration module. The request for new versions contain the current version of the Tine 2.0 installation. Due to the nature of data transmission, the referrer, user agent and IP address of the user are included in the request.
(c) Survey Offerings
To consequently improve the usability of Tine 2.0 the software developer offers user surveys where users directly can give feedback and help to improve the software to their own needs. To check if a new survey for participation is available a request to a foreign website has to be made. To suppress this request, the configuration 'denySurveys' can be set in the config.inc.php config file. Due to the nature of data transmission, the referrer, user agent and IP address of the user are included in the request.
(d) Usage of Transfered Data
The Tine 2.0 software vendor processes and stores transmitted data exclusively for the purpose of analyzing and resolving technical problems as well as gaining statistical data about the propagation of the Tine 2.0 software suite. In rare cases transmitted bug reports might contain personal or sensitive data according to paragraph (a). The software vendor guarantees to handle such data with absolute discretion and never to systematically collect, analyze or publish such data. Bug reports data are kept in an access controlled and private database and deleted as soon as the technical problem is resolved.
SECTION III: DATA TRANSFER WITH THRID PARTY SERVICES
(a) Third Party Mail Systems
The Tine 2.0 email client can be configured to access mail systems of third party providers. Tine 2.0 has no influence of the data handling and privacy implications related to the policies of the third party service vendors. In addition to the personal or sensitive data stored and exchanged with the third party service connections to third party mail services also contain the IP-Address of the Tine 2.0 server system or upstream security system due to the nature of data transmission. The permission for users to define their own mail services, including third party services, can be set as a 'Role Right' in the Tine 2.0 Role
Administration module. Considerations about the permission to connect third party mail systems should imply administrative tasks to ensure encrypted network communication to these systems.
(b) Using of ActiveSync services
Tine 2.0 offers an ActiveSync module for data synchronization with mobile devices. The ActiveSync module respects access rights and user data grants of the user the device authenticates for. Tine 2.0 has no influence of the data handling and privacy implications of the ActiveSync clients. The permission to use the ActiveSync service can be set as a 'Role Right' in the Tine 2.0 Role Administration module. Considerations about the permission to synchronize data using the ActiveSync service should imply administrative tasks to ensure encrypted network communication between the related systems.
(c) Third Party Service Consumers
Tine 2.0 comes with a variety of interfaces and API's, allowing the exchange of data with authenticated users. These interfaces and API's respect access rights and user data grants of the user the service consumer is authenticated for. Tine 2.0 has no influence of the data handling and privacy implications of third party service consumers. Considerations about offering the Tine 2.0 service in a public network should imply administrative tasks to ensure encrypted network communication between all related systems.
(d) OpenStreeMap.org services
Tine 2.0 uses a number of services offered by openStreetMap.org. OpenStreetMap.org is a community dedicated to mapping and geolocation related topics. As of the nature of web-services, Tine 2.0 needs to send personal data to openstreetmap.org as input parameters for retrieving maps or geolocations. To disable communications and featured based on this services, you need to set the the configuration 'mapPanel' can be set to false in the installations config.inc.php.