########## PRIVACY POLICY - GDPR information

June 2021

The jabber.nu service is processing, storing and forwarding personal information about you as follows, 
in accordance with the EU GDPR. By using the server, you agree with the described processing of your data.


This section describes how the jabber.nu service processes your personal information internally.

+++ Information Associated with your Account

The following information is needed to provide the service to you (Art. 6.1b) and is stored as long as 
your account exists:

    . Login credentials are stored in encrypted form and never shared with other parties.
    . Your account identifier (Jabber ID) is only shared with XMPP users and services that you interact with.
    . Your contact list (roster, chatroom bookmarks) is not shared with other parties, except when you give 
      explicit permission (XEP-0321: Remote Roster Management).
    . Your availability information (presence) is kept in memory and automatically shared with your contacts 
      and the chatrooms you enter, and might be shared with other XMPP services that you are using (e.g. 
      transports). The date and time of your last login is stored alongside your account to identify inactive accounts.
    . The IP address of your registration and of your last login are stored alongside the account. This is 
      required to detect and delete spammer accounts (Art. 6.1f). IP addresses of identified spammer accounts will 
      be shared with other server operators to prevent further abuse.


Content that you send or that is sent to you, is stored on your behalf, so that you can access it from all of your 
clients (Art. 6.1b):

    . Messages sent to you while you are offline are stored until you connect or your account is deleted.
    . Message archives of the messages you send and receive are stored for 14 days, if you have enabled 
      XEP-0313: Message Archive Management.
    . Uploaded files are stored for 30 days (some clients cache messages, but not files, so those are kept for a 
      longer time).
    . Chatroom history is stored according to the configuration of the respective chatroom, and might be made public 
      by other participants.
    . Your public profile information (vCard) and avatar image is stored alongside the account and can be queried by 
      users who know your Jabber ID.


To ensure proper operation of the service, including network and information security, server logs are stored for 
14 days (Recital 49 of the EU GDPR). The server log contain, among other data:

    . Message meta-data (sender, receiver, type of message).
    . Message content of messages automatically flagged as potential spam. These messages might undergo manual review.
    . Connection information, including IP addresses and timestamps.
    . Internal processing information.


The main goal of the XMPP network is to get your messages to your contacts, and vice versa. To achieve that, data 
and meta-data is transmitted to the servers of the respective users, as far as this is required to deliver the 
messages (Art. 6.1b).

+++ Other XMPP Services

Content that you send to other servers is subject to their respective data protection policies. The processing on 
these servers might not be covered by the high data protection standards you expect, especially if the servers are 
located outside of the EU (Art. 49.1b).

+++ Your Online Status

If you join chatrooms or add other users to your contact list, those users (and the operators of their servers) 
will be automatically informed about:

    . When you come online,
    . when you go offline, and
    . your availability status and message.

You can opt out from this by unsubscribing these contacts from your contact list.

+++ Your Public Profile

Your public profile information (vCard) and avatar image can be queried by users who know your Jabber ID.

+++ Push Services

If you enable push notifications (e.g. on a mobile client), the data that is required to perform the push 
notification (typically a device ID and message meta data) is transmitted to the respective push service provider 
(Art. 6.1b, Art. 49.1b). This processing is subject to the data protection policies of the respective provider.


You can access, change and delete the following information stored about you with a compliant XMPP client, 
after logging in with your Jabber ID:

    . your contact list and chatroom bookmarks
    . your vCard and avatar
    . your offline messages
    . your message archives

For all other kinds of personal data processed by the jabber.nu service, please contact the representative below.

To obtain information about data processed and stored on other XMPP services, please contact their 
respective representative.


The representative for all purposes of data protection is:

[email protected]

You need to identify as the holder of a given Jabber ID to obtain any information about it.

If you deem the conditions of this service as unacceptable, or have other concern, you have the right to complain 
to a Data_Protection_Authority. 

It might also seem appropriate to not sign up for the service in the first place though in such case..