Recently, we have received multiple requests / questions to clarify what data we (NetCore j.s.a.) collect from local (your) Unimus instances. Due to the recent events in the industry, and since Unimus requires a connection to our Licensing Server, we wanted to provide an official statement on what data is being sent to our Licensing Server.
We have always been transparent about this (there are multiple older forum threads on this topic), but in keeping with our full transparency policy, I wanted to post a single central thread that clarifies this.
Q1: Do you collect credentials, or any other sensitive data from local Unimus instances?
A: No, we have never collected, and we do not plan to collect any sensitive data (such as credentials, usernames/passwords or anything similar) from local Unimus instances.
Q2: Do you collect Backups or Config Push presets or any other data retrieved from devices in Unimus instances?
A: No, we have never collected, and we do not plan to collect Backups or Config Push presets / settings from local instances. We also do not collect, and we do not plan to collect any data retrieved from devices in Unimus.
Q3: Do you collect any statistical data or metadata from Unimus instances?
A: No, we do not currently collect any statistical data or metadata from Unimus instances. We do plan to implement statistics collection, but this will be opt-in and disabled by default.
Q4: Do you collect any data from local Unimus instances?
A: Yes, we collect licensing data from all Unimus instances.
Q5: What licensing data is being collected?
A: Device addresses and internal UUIDs. Zone names, numbers, default flags, proxy types and internal UUIDs. All internal UUIDs are randomly generated and do not hold any user data.
Q6: Are any data about my devices (such as vendor, model, type, or anything else) being collected?
A: No, we do not collect any data from your devices other than the device address and it's internal UUID. As mentioned in the answer to Q2, we do not collect any data that Unimus retrieves from your devices.
Q7: Are zone access keys or descriptions being collected?
A: No, as mentioned in the answer to Q1, we do not collect any sensitive data from Unimus instances. We also do not collect zone descriptions, we only collect the data as specified in the answer to Q5.
Q8: Why do you collect this (licensing) data?
A: We send basic information to our licensing server from Unimus for license validation purposes. We do this to track the use of the license keys, validate your license and to provide device and zone synchronization between multiple Unimus instances using the same license key for HA.
Hopefully this thread answers what we do and do not collect (what data is being sent to our Licensing Server). If you have any questions or would like more information about anything related to this topic, please feel free to ask!