Privacy Policy

1. Introduction

My Digital Sovereignty Community ("we," "us," or "our") is committed to protecting your privacy and giving you control over your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our multi-tenant community platform.

Our platform is built on the principle of data sovereignty - you own your data, and your community owns its collective data. We are merely custodians, providing secure infrastructure for your digital space.

2. Data We Collect

2.1 Information You Provide Directly

• Account Information: Name, email address, password (encrypted), profile photo
• Community Content: Stories, comments, chat messages, documents, photos, videos you upload
• Voice Messages: Audio recordings and their AI-generated transcriptions (if you use voice messaging)
• Profile Information: Biographical information, interests, relationships to other community members
• Communication: Messages sent through our platform, including direct messages and group conversations

2.2 Information Collected Automatically

• Technical Data: IP address, browser type, device type, operating system
• Usage Data: Pages visited, features used, time spent on platform, click patterns
• Session Data: Authentication tokens, session identifiers (stored securely)
• Log Data: Error logs, performance metrics, security events

2.3 Information From Third-Party Services

• Matrix Chat: Messages, presence data, typing indicators (if you use Matrix integration)
• Jitsi Video Calls: Call metadata (not call content - Jitsi is end-to-end encrypted)
• Nextcloud Storage: File metadata (filename, size, upload date, modification history)

3. How We Use Your Data

3.1 Platform Functionality

We use your data to:

• Provide core platform features (stories, chat, video calling, document storage)
• Authenticate your identity and maintain your session
• Display your profile and content to other community members
• Send notifications about community activity (mentions, replies, updates)
• Enable search and discovery within your community

3.2 Communication

• Send transactional emails (password resets, account verification, security alerts)
• Deliver notification emails based on your preferences
• Respond to your support requests and inquiries
• Send important service announcements (security updates, policy changes)

3.3 Security and Compliance

• Detect and prevent fraud, abuse, and security threats
• Monitor system performance and troubleshoot technical issues
• Comply with legal obligations and respond to lawful requests
• Enforce our Terms of Service and community guidelines

3.4 Platform Improvement

• Analyze aggregated, anonymized usage patterns to improve features
• Identify and fix bugs and performance issues
• Develop new features based on user needs

4. Data Storage and Retention

4.1 Where We Store Your Data

Your data is stored in European data centers to comply with GDPR and ensure data sovereignty. Specifically:

• MongoDB: Application data (accounts, stories, comments, metadata) hosted in EU-region servers
• Nextcloud: Files, documents, photos stored in EU-compliant cloud infrastructure
• PostgreSQL: File metadata for Nextcloud integration
• Redis: Temporary session data and cache (ephemeral, not persisted long-term)

4.2 How Long We Keep Your Data

• Active Accounts: Data retained indefinitely while your account is active
• Deleted Content: Soft-deleted for 30 days (recoverable), then permanently deleted
• Closed Accounts: Data deleted within 90 days unless legally required to retain
• Backup Archives: Retained for 7 days, then automatically purged
• Legal Holds: Data retained as long as legally required if subject to investigation or litigation
• Session Logs: Retained for 90 days for security auditing

4.3 Backups and Disaster Recovery

We maintain daily automated backups of all data to protect against data loss. Backups are:

• Encrypted at rest using AES-256 encryption
• Stored in separate geographic locations from primary data
• Retained for 7 days, then automatically deleted
• Accessible only to authorized technical staff for disaster recovery

5. Data Sovereignty

5.1 You Own Your Data

Unlike traditional social platforms, you retain full ownership of all content you create. This includes:

• All stories, comments, and posts you write
• All photos, videos, and documents you upload
• All chat messages and voice recordings
• Your profile information and account data

5.2 Community Ownership

Your community (tenant) collectively owns the community's data. Community administrators can:

• Export all community data at any time
• Migrate to another platform (no vendor lock-in)
• Set privacy policies and access controls
• Manage member permissions and roles

5.3 Data Portability

You have the right to export your personal data in machine-readable formats:

• Personal Data Export: JSON format with all your account data, posts, comments
• File Downloads: Original files (photos, documents, videos) in their native formats
• Message History: Complete archive of your chat messages in JSON format
• Timeline: Within 30 days of request submission

6. Tenant Isolation

6.1 Multi-Tenant Architecture

My Digital Sovereignty Community uses a multi-tenant architecture where each community is completely isolated:

• Data Segregation: Each community's data is stored separately with unique identifiers
• Access Control: Users can only access data from communities they belong to
• No Cross-Contamination: Community A cannot see or access Community B's data
• Independent Backups: Each community can be backed up and restored independently

6.2 Technical Enforcement

Tenant isolation is enforced through multiple layers:

• Database-level filtering on all queries using tenantId
• File system separation in Nextcloud (/tenants/{subdomain}/)
• API-level authentication verifying tenant membership
• WebSocket namespaces preventing cross-tenant message leakage

7. Third-Party Services

7.1 Matrix (Chat Integration)

• Purpose: Real-time chat and messaging
• Data Shared: Username, messages, presence status
• Privacy: Messages can be end-to-end encrypted (optional)
• Provider: Self-hosted Matrix Synapse server (under our control)

7.2 Nextcloud (File Storage)

• Purpose: Document and file storage
• Data Shared: Files you upload, file metadata
• Privacy: Files stored in isolated tenant directories
• Provider: Self-hosted Nextcloud instance (under our control)

7.3 Jitsi (Video Calling)

• Purpose: Video and audio conferencing
• Data Shared: Call metadata only (not call content)
• Privacy: End-to-end encrypted by default
• Provider: Self-hosted Jitsi Meet server (under our control)

7.4 OpenAI Whisper (Voice Transcription)

• Purpose: Transcribe voice messages to text
• Data Shared: Audio files you choose to transcribe
• Privacy: Audio processed locally on our servers, not sent to OpenAI
• Provider: Self-hosted Whisper installation (under our control)

7.5 DeepL (Translation - Optional)

• Purpose: Translate chat messages between languages
• Data Shared: Text you choose to translate
• Privacy: Translations cached locally to minimize API calls
• Provider: DeepL API (third-party service)
• Policy: DeepL Privacy Policy

8. Cookies and Tracking

8.1 Essential Cookies

We use strictly necessary cookies for:

• Authentication: JWT tokens to keep you logged in
• Session Management: Track your session across pages
• Security: CSRF protection tokens
• Preferences: Language choice, theme (dark/light mode)

8.2 Functional Cookies

• User Preferences: Remember your settings (language, notification preferences)
• UI State: Remember sidebar collapse state, grid/list view preference

8.3 What We DON'T Use

• No Advertising Cookies: We never track you for ads
• No Third-Party Tracking: No Google Analytics, Facebook Pixel, or similar trackers
• No Cross-Site Tracking: Cookies are limited to our domain only

8.4 Cookie Management

You can control cookie preferences in your browser settings. Note that blocking essential cookies will prevent you from logging in and using the platform.

9. Your Rights (GDPR Compliance)

Under GDPR and other privacy laws, you have the following rights:

9.1 Right to Access

Request a copy of all personal data we hold about you. We will provide this within 30 days in a machine-readable format.

9.2 Right to Rectification

Correct any inaccurate or incomplete personal data. You can update most information directly in your profile settings.

9.3 Right to Erasure ("Right to Be Forgotten")

Request deletion of your personal data. We will delete all data within 90 days unless legally required to retain it.

9.4 Right to Data Portability

Export your data in JSON format to migrate to another platform. Includes all content, files, and messages.

9.5 Right to Restrict Processing

Request that we limit how we use your data while you contest its accuracy or processing legality.

9.6 Right to Object

Object to processing of your data for specific purposes. We will stop processing unless we have compelling legitimate grounds.

9.7 Right to Withdraw Consent

Withdraw consent for any processing based on consent (e.g., marketing emails). Does not affect lawfulness of processing before withdrawal.

9.8 Right to Lodge a Complaint

File a complaint with your local data protection authority if you believe we have violated your privacy rights.

10. Security Measures

10.1 Data Encryption

• In Transit: All data encrypted using TLS 1.3 (HTTPS)
• At Rest: Database and file storage encrypted using AES-256
• Passwords: Hashed using bcrypt with salt (never stored in plain text)
• Backups: Encrypted before transmission and storage

10.2 Access Controls

• Authentication: JWT-based authentication with token expiration
• Authorization: Role-based access control (RBAC) for all features
• Platform Admin Access: Platform administrators manage infrastructure only. They do NOT have application-level access to view, edit, or delete your content (stories, photos, messages). Content moderation is performed by tenant-appointed moderators only.
• Tenant Moderator Access: Community moderators (appointed by your tenant) can view and moderate content within their community only, never across communities.
• API Security: Rate limiting, input validation, CSRF protection

10.3 Infrastructure Security

• Firewalls: Network-level firewalls blocking unauthorized access
• Monitoring: 24/7 automated security monitoring and alerting
• Patching: Regular security updates and vulnerability patches
• Penetration Testing: Annual third-party security audits

10.4 Incident Response

In the event of a data breach:

• We will notify affected users within 72 hours
• We will notify relevant data protection authorities as required by law
• We will provide details about the breach and remediation steps
• We will conduct a post-incident review to prevent recurrence

11. Children's Privacy

My Digital Sovereignty Community is not intended for children under 13 years old. We comply with the Children's Online Privacy Protection Act (COPPA):

• We do not knowingly collect personal information from children under 13
• Users must confirm they are 13 or older during registration
• If we discover a child under 13 has registered, we will delete their account immediately
• Parents can contact us to request deletion of their child's data

For users aged 13-16 in the EU, we require parental consent as mandated by GDPR.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make changes:

• We will update the "Last Updated" date at the top of this policy
• We will notify you via email if changes are material
• We will display a prominent notice on the platform for 30 days
• Continued use of the platform after changes constitutes acceptance

We encourage you to review this policy periodically to stay informed about how we protect your data.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: