@Gargron You record just what data your app keeps. Presumably you have a server list and logins. Do you cache anything? Report that.
Top-level
@Gargron You record just what data your app keeps. Presumably you have a server list and logins. Do you cache anything? Report that. 5 comments
Eugen, also what sends push (APNS) notifications? Or does each instance handle that on its own? @grishka There's a relay Web Push to APN server that sees device tokens (not sure how much of a PII this is), but does not see notification contents as they are encrypted @grishka Documentation says the device token is unique both to the device and the app, that means the device token should not be usable for identifying a user... I think @Gargron Afaik, unless if you’re tying the device token to the user on the server, or you have some way to identify the user who’s using the app, device token + app doesn’t really tell you who the user is. At least for Firebase, if the user logs out and logs into another account, the 2 accounts might even use the same device token. |
@mdhughes Hm. It connects to the public api.joinmastodon.org to get the list of servers, anonymously. Any cache is local within the phone.