Deutsche Datenschutzerklärung folgt
These Terms of Service were originally written in English (US). We may translate these terms into other languages. In the event of a conflict between a translated version of these Terms of Service and the English version, the English version will control.
We recognize that privacy is extremely important to all visitors to our website. We do not share any individual information with anybody without your permission.
To download a whitepaper, you have to enter your email address. Unless you opt in for more information, we immediately delete your mail address from our database after sending the whitepaper.
Our website occasionally embeds content, like YouTube videos (behind a click-through wall) and others. We do not share any of your data with the parties behind them, however, they can gather some information when you watch a video or click the captcha. We are always looking for ways to decrease data sharing here and input is welcome.
We have been working on moving away from YouTube and towards videos hosted on Cloudflare. They keep very minimal logs and do not put tracking cookies or other stuff on your computer. They store a log of each http request with this data. It can be summarized as IP address and client device and a whole bunch of data on how their infrastructure is doing.
For tracking and marketing automation we use the open source Matomo (the former Piwik) tool to get information on how our website is used and use phpList to handle our newsletters. From neither will we hand over individual data to anybody else and any privacy breaches we will disclose as soon as possible. We also delete, anonymize and remove data regularly.
Our security scanner is strictly based on publicly available information, that is the list of known vulnerabilities relevant for ownCloud/Nextcloud releases as well as any applied hardenings/settings we can scan without having access to the server. We only scan on-demand and store the results, but do not update them automatically.
Our forums on help.nextcloud.com runs the open source discourse software. This is self-hosted and we do not share, disclose or otherwise distribute any data from it. You can disable your own account there if you need to. Note that this platform is meant for home users and home user questions! As enterprise visitor, please use our support portal. If you still use the forums, expect that we reach out to you at some point. To use our forums you must agree with our Terms of Service. See below for the complete TOS for the use of our forums.
As we do not host Nextcloud for anyone else, this privacy policy can not cover what a Nextcloud installation does. In general, we can say the following:
Our software, be it the Nextcloud server or the Android or iOS apps, are designed to not sent any user data to us. The optional Usage Survey app can sent usage statistics like installed apps to us to help us improve our service. You can review and approve the data before it is sent. We store the data aggregated and not per user, so a theft of our data can not be used to get any information about any specific installation. The Updater app, if enabled, sends Nextcloud version, PHP version, install time and the channel it wants to the Nextcloud updater server to receive update information. We store the install time and version on the instance to track statistics, all other data is discarded right away.
With regards to third party apps: we can not take any responsibility for third-party apps and the data they store or sent about users. We do have a policy in our app store against abusing private data and any app that is found to be in violation is removed and its author banned. However, we do not have the ability to check all code of all third party applications and thus we recommend you are careful when installing third party apps.
If you see any problems, please report it to abuse@nextcloud.com.
You can find details in our complete privacy policy below.
Our privacy policy is written to help you find out how Nextcloud handles “Personally identifiable information (“PII). PII is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.
Like most websites, nextcloud.com collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. nextcloud.com’s purpose in collecting non-personally identifying information is to better understand how nextcloud.com’s visitors use its website. From time to time, nextcloud.com may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.
nextcloud.com also collects potentially personally-identifying information like Internet Protocol (IP) addresses. nextcloud.com does not use such information to identify its visitors, however, and does not disclose such information to third parties unless legally obliged to do so.
We honour the do-not-track directive. nextcloud.com will not track anything if this is enabled.
Furthermore, our website visit statistics tool Mamoto is configured to anonymize visitor IP addresses data by not storing the last digits of all IP addresses.
When registering or submitting a form on our site, as appropriate, you may be asked to enter your name, email address, phone number or other details. See below on what happens with that data.
On our websites:
We collect information from you when you subscribe to a newsletter, fill out a form or enter information on our site.
Nextcloud Files
Our apps only communicate with your own Nextcloud server and do not sent any data to us. The Play Store version equal to or newer than 1.5.0 for Nextcloud supports push notifications which use the Google servers. However Google does not have access to the actual notification data. Only a header with a subject is sent via Google, but in encrypted form, and the rest of the content is retrieved directly from your Nextcloud server and not sent through Google. The iOS client works in a similar way.
We may use the information we collect from you when you register, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
Podlove
We use the Podlove player to serve podcast on nextcloud.com/podcasts. The Podlove Web Player is served by keycdn.com (keycdn GDPR statement).
Videos
Videos on our website are served by cloudflare (GDPR statement).
Yes. Cookies are small files that a site or its service provider transfers to your computer hard drive through your Web browser (if you allow) that enables the site or service provider systems to recognize your browser and capture and remember certain information. Cookies are used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer or firefox) settings. Each browser is a little different, so look at your browser Help menu to learn the correct way to modify your cookies settings.
If you disable cookies, some minor features might be disabled.
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses. Think aggregated statistics (number of website visitors in a particular month) or trends (“we see an increase in the number of visitors from Asia”).
We do not include or offer third-party products or services on our website.
According to the California Online Privacy Protection Act (CalOPPA) we agree to the following:
Users can visit our site anonymously.
Once this privacy policy is created, we will add a link to it on our home page or as a minimum on the first significant page after entering our website.
Our Privacy Policy link includes the word “Privacy” and can be easily be found on the page specified above.
Users will be notified of any privacy policy changes on our Privacy Policy Page.
Users are able to change their personal information:
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
We do not allow or employ third-party behavioral tracking. Our website features no third party ads or tracking tools.
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices, should a data breach occur we will notify the users via email within 7 business days
We also agree to the Individual Redress Principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
To be in accordance with CANSPAM we agree to the following:
If at any time you would like to unsubscribe from receiving future emails follow the instructions at the bottom of each email and we will promptly remove you from correspondence by that tool. Note that you have to unsubscribe separately from our newsletter and our marketing automation tool.
If you wish to use our forums, you have to agree to the stipulations below.
To contribute to our forums, you need an account. For that we need a real email address. You can ask us to close your account and delete all private data (but not the posts, see below) any time. Use the contact form on the bottom of this page. Note that YOU are responsible for all actions taken with your account, whether authorized or not, unless you ask us to close your account or notify us it is compromised. You agree to pick a secure password and keep it safe! You agree all content posted on the forums is owned by you and by posting on our forums is shared and licensed under the Attribution-ShareAlike 4.0 International license.
Attribution-ShareAlike 4.0 International
Note that our forums contain content from our community. While we and our volunteer moderators do our best to keep dangerous or objectionable content off our forums, it is possible users break our rules. This also has privacy implications – if someone hotlinks an image, then the browser of the visitor will fetch the image and transfer the IP adresse (and some other data) to this server. You can configure your browser to not fetch any data from outside the forum, however.
If you do not wish to follow those rules or accept the above, please do not use our forums. We reserve the right to change, redact, and delete content on the forum for any reason.
The source code of the website can be found in our GitHub repository. It is licensed under the AGPLv3 license. Note that graphics and trademarks are of course not licensed freely, nor is text content. The license covers the code of the site.
If there are any questions regarding this privacy policy you may contact us using the information below.
Although most changes are likely to be minor, Nextcloud may change its Privacy Policy from time to time and at our sole discretion. We encourage visitors to frequently check this page for any changes to our Privacy Policy. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.
Nextcloud GmbH
Hauptmannsreute 44A
70192 Stuttgart, Germany
HRB 227086 (AG München)
T +49 711 25 24 28 90
Contact form
Managing Director:
Frank Karlitschek
All product names and trademarks are the property of their respective owners, which might in no way be associated or affiliated with Nextcloud.
Last Edited on 2020-07-23
