It seems like the FOSS community is continuing to grow, and FOSS apps keep getting better (Immich reallh blew my mind recently), which is a big win 😎 but there are still many apps I use that I would kill for an open source alternative. I am curious what you guys think? Are there any apps you'd love alternatives for?

you are viewing a single comment's thread
view the rest of the comments

[–] GolfNovemberUniform@lemmy.ml 6 points 10 months ago (1 children)

The privacy policy of their app's captcha solution is horrendous so no thank you

[–] Devorlon@lemmy.zip 0 points 10 months ago (1 children)

Doesn't seem that bad, when you go to log in it checks your IP, length of time on the site and mouse movements.

hCaptcha

This section has been adapted from hCaptcha's documentation.

We use the hCaptcha anti-bot service (hereinafter "hCaptcha") on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation ("IMI"). hCaptcha is used to check whether the data entered on our website (such as on a login page or contact form) has been entered by a human or by an automated program. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled.

When using the Revolt App, hCaptcha will only begin analysis when you:

Submit a login request.
Submit a registration request.
Submit a password reset / email resend request.

For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI.

Data processing is based on Art. 6(1)(f) of the GDPR (DSGVO): the website or mobile app operator has a legitimate interest in protecting its site from abusive automated crawling and spam. IMI acts as a "data processor" acting on behalf of its customers as defined under the GDPR, and a "service provider" for the purposes of the California Consumer Privacy Act (CCPA). For more information about hCaptcha and IMI's privacy policy and terms of use, please visit the following links: https://hcaptcha.com/privacy/ and https://hcaptcha.com/terms.

[–] GolfNovemberUniform@lemmy.ml 0 points 10 months ago (1 children)

The Revolt's policy is not that bad. Look at the hCaptcha's one

[–] Devorlon@lemmy.zip 1 points 10 months ago (1 children)

That's the part of hCaptchas policy that's relevant to Revolt.

For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI.

[–] GolfNovemberUniform@lemmy.ml 1 points 10 months ago* (last edited 10 months ago) (1 children)

Did you miss these parts or are they inapplicable?

How We Use Information We use the information we collect for the following purposes: To administer Integrator and Customer accounts and provide the Service. We use Personal Information in order to associate specific accounts with Integrators and Customers and to provide them the Service, to respond to requests or inquiries, to provide support or technical assistance, and to facilitate payments. To improve to Site and the Service. We use Analytics Information to improve our existing and develop new services and offerings and to customize existing and future product offerings. To derive market insights. We use Analytics Information to analyze the market and conduct business analyses related to the Site and our Services, and for other research purposes. To provide a market for Labeled Data. Our Service enables high volume data labeling and human review for machine learning systems as a service to website owners and companies who need help getting their data labeled. To that end, we disclose Labeled Data to our Customers interested in acquiring Labeled Data. To secure our services and systems. We use Analytics Information to secure our systems by identifying potential threats and vulnerabilities, and to otherwise protect the information we collect. For any legitimate business purpose, provided that the information is de-identified or aggregated such that it cannot be reasonably tied to an individual.

How We Share Information We share or disclose personal information in the following cases: Upon direct request from an Integrator to identify the fraud risk of a specific CAPTCHA challenge request or IP address, or otherwise where specific consent was given. With vendors we engage to provide essential aspects of the Sites and the Service, such as data storage, hosting, and Analytics, and only for those purposes. As necessary to comply with applicable law, including governmental requests, law enforcement requests, and otherwise to public and private entities in order to protect the rights, privacy, safety, or property of you, us, or others. With others for any legitimate business purpose, provided the information is de-identifiedor aggregated such that it cannot be reasonably tied to an individual.

Disclosure Regarding "Sales" of Personal Information under the CCPA. In the preceding twelve months, IMI has not "sold" any Personal Information (as defined by the CCPA), nor does IMI have actual knowledge of any "sale" of Personal Information of minors under 16 years of age (so they do sell information of people over 16). Disclosure Regarding "Sharing" for "Cross-Context Behavioral Advertising" under the CCPA. In the preceding twelve months, IMI has not "shared" any Personal Information for "cross-context behavioral advertising" (as such terms are defined in the CCPA), nor does IMI have actual knowledge of any "sharing" of Personal Information of minors under 16 years of age for "cross-context behavioral advertising".

[–] Devorlon@lemmy.zip 1 points 10 months ago

I based my assumptions on the parts in Revolts privacy policy, since reading the privacy policy of hCatpcha it alludes that each 'vendor' can select how much data they'd like to collect I assumed that Revolt only allowed them to collect IP, length of time on site and mouse movements. While they do sell information, they claim it to be anonymised and I contacted support to see how they did that for IP addresses.

Which is why I don't really mind. The information they have of me is at most how my cursor moved, how long I took to Submit a login request, Submit a registration request, Submit a password reset / email resend request and an obfuscated IP. Seems OK to me.