Disclaimer! We reserve the right to change any of the points. All changes will be publicly available and will be communicated to all users via email given in the registration process.
Who we are
KABI.tk is a private environment for web services and applications. We only offer the services for our families and friends. All privacy issues and references are clarified with the user prior becoming an account holder on KABI.tk, for the specific service used. KABI.tk is run privately and not associated with any company or business.
For services that need authentication, privacy please find the statements below.
What personal data we collect and why we collect it
We do and will never collect unnecessary user data. If you visit our website, your browser will send us your IP address along with the referrer ID and your used browser. This data is collected in the server log and we are not able to link this to any natural person.
We are using session cookies and others in order to provide you an proper view of the website.
We are not using any analytics service for our websites.
3rd Party integrations
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer as defined in Art. 6 para. 1 lit. f. GDPR), we make use of content or services offered by third-party providers in order to provide their content and services Services, such as Include videos or fonts (collectively referred to as “content”).
This always presupposes that the third-party providers of this content perceive the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We endeavour to use only content whose respective providers use the IP address only for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information, such as visitor traffic, on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include, but is not limited to, technical information about the browser and operating system, referring web pages, time of visit, and other information regarding the use of our online offer.
Within our online offering, features and content of the Twitter service offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, may be incorporated. For this, e.g. Content such as images, videos, or text and buttons that allow users to share content from this online offering within Twitter.
What do we do with your data
We require a username and password to identify the account holder and provide the services offered by KABI.tk. All additional information you supply on any of the services provided by KABI.tk are optional.
Our processing of your information is limited to storing it for you to use.
We store logs of your activity for period no longer then 24h (unless specified otherwise per service). This data is used to help diagnose software issues, maintain security of the system against intrusion, and monitor the health of the platform.
Further access to your personal data and stored files and other information you provide to any of the services offered by KABI.tk is under your control. Whereever possible the data itself is stored encrypted on our servers.
What we do not do with your data
We do not collect any data other than what is needed to provide you the service.
We do not in any way process, analyse your behaviour or personal characteristics (profiling). We have no advertisements or business relationships with advertisers.
We do not share nor sell your data to third party unless in case of network inter-operable (federated) services require certain data to operate (eg. other email service provider needs to know your email address to be able to deliver emails).
We do not require any additional information that is not crucial for operation of the service (we do not ask for additional email addresses, phone numbers).
We do not read/look nor process your personal data, emails, files etc. stored on our servers unless needed for troubleshooting purposes, or under suspicion of breaking Terms Of Services in which case we ask for prior permission from you or inform you afterwards of all actions taken against the account in the transparency report addressed to account holder.
Access to your information
Some of the services provided by KABI.tk such as KABIcloud (Nextcloud), Email, KABIsocial (Mastodon) and KABIchat (Matrix) are operating based on so called Federation Protocols. This enables users signed up at different service providers to interact with each other. Because of the nature of the protocols (ability to send each other messages, likes, share files, chat) some of the data is naturally shared with other entities. However, sharing data with other service provider is the user’s choice and is configured by the users in their settings per service including the decision of with whom and what to share.
You may be shown embedded videos and link previews from other websites while using services provided by KABI.tk. This may expose you to web tracking by external services, such as (but not limited to) Facebook, Twitter, and Google.
All data and files stored on services that are bound to personal information (services that require logging in) are available for you to download for either archival purposes or to transfer to another compatible website.
Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability. If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR or DPA 18 with regard to your personal data. Identity and contact details of controller and data protection officer:
KABI.tk is the controller of data for the purposes of the DPA 18 and GDPR. 3 If you have any concerns as to how your data is processed you can contact: firstname.lastname@example.org
Per Service additional privacy policies and exceptions
No data (IP address, session cookie etc) is stored on the server, unless for troubleshooting purposes, after which the log data is purged from the server.
All files uploaded to the service are end-to-end encrypted. we, KABI.tk admins have no way of decrypting that information
We do not collect IP addresses and other personal data that can be linked to the pad. If you use the Etherpad, all data entered in the sheet may be public, as stated in the description. If you want any deleting of data, maybe because you entered something in the Etherpad, just write us an email to hello (at) kabi.tk and we will help you right away.
md.kabi.tk CodiMD Markdown Pad
For the markdown pad the same rules as for Etherpad apply. Additionally you could register an account to keep all pads to the account holder. Anyways, for the registration there is no personal authentification nor a valid email-address required. Given email-addresses are saved in the database and can be deleted by the user or upon request.
All files send to the cloud are encrypted with a keypair created based on the user password, to create extra level of security. Note however that the keys are stored on the server which compromises the level of security
Everything else except for files (calendars, contacts, news, tasks, bookmarks etc) is stored in plain-text in a database, unless an app provides external encryption (non so far).
All emails, unless encrypted by user (with gpg for instance) are stored on our servers in plain-text.
IP addresses of currently logged in user via IMAP/POP3 protocol are stored as long as the device is logged in to the server. (per each device logged in)
Mastodon is a federated service, that means that your posts are spread through the Fediverse and stored or cached on other servers. Private messages sent via Mastodon stored on the server are not encrypted. Do not send content in private messages that you wouldn’t send via e-mail.
The open-source software Jitsi Meet is used to transmit video and audio signals within the video chat. On the basis of WebRTC, data or media streams are transmitted in encrypted form via Datagram Transport Layer Security (DTLS) and Secure Real-time Transport Protocol (SRTP). However, WebRTC does not (yet) offer end-to-end encryption of video chats with multiple people. This means: The video chat is encrypted on the transport route or in the network, all data traffic is decrypted on our server and is therefore potentially visible to us. Open rooms are closed after the last person left. Anyways the service will reset itself every day to whipe out any data left.
KABIblue (BigBlueButton / Greenlight)
KABIblue uses BigBlueButton and the Greenlight frontend to provide a professional videoconferencing. To use the service an invitation is required. We will store your contact information such as your email-address and organisation name. The video and presentation streaming data is encrypted. However, if you choose to record the meeting, the data could be read by the server. As stated in the general term, we won’t do that. The user database is managed by the Greenlight frontend. That means that the Usernames are potential public as they may be searchable by other registered users.
Impressum / Contact
13 Freeland Park