Metrics and Diffgram Corporate Access
Introduction
An installation of Diffgram has limited "phone home" capabilities. Key points:
- No Personally Identifiable Information (PII) is sent to Diffgram Corporate (DC) servers.
- None of the primary forms of system data are sent to DC.
- Your data is your data. This includes annotations and BLOBs which DC never has direct access to.
- There are Limited Cases, as defined in this document, where DC has access or receives data.
- In the Limited Cases, only Metadata or Aggregate reports are sent, as defined in this document.
Customer Audit
It is strongly recommended for the Customer to audit the source code, including the linked items in this document to verify the data collected meets their compliance requirements. While all commercially reasonable methods are made to keep this document up to date and aligned with source code, it is the responsibility of the customer to verify it. It is also possible that coding errors, human error, or exceptional cases could cause Unexpected Data Transfer (UDT) case. In any UDT case to DC the data will be promptly reported and deleted.
Definitions
Definitions of terms.
Metadata
Metadata is defined as "data about data". All Metadata collected is detailed in the source code. Metadata is not annotations. Examples of Metadata include:
member_id
:int
error_log
:json
project_id
:int
input_id
:int
Personally Identifiable Information (PII)
Information that can identify or is about a specific person. All data collection methods only return events, metadata e.g. database integers, aggregate data, etc. No methods return access to BLOB data.
Aggregate Reports
Aggregate reports, or "Roll up" reports, are reports that combine multiple objects into counts or other similar mechanisms. An example report has a field like annotations : 10,000
. These reports do not contain any PII.
Diffgram Corporate (DC)
Diffgram Inc, or it's agents.
Limited Cases
The limited cases are as follows:
- Event.py error collection
- JS error collection
- Support
- Licensing
Summary Table
This table lays out all data collection or access cases.
Named Case | Scope of Data Collected | Personally Identifiable Information (PII) | Use Cases | Collection or Access | Customer Can Limit |
---|---|---|---|---|---|
Event.py error collection | Metadata | No | Error tracking | Collection | Yes - Voids Default SLA |
JS error collection | Metadata | No | Error tracking | Collection | Yes - Voids Default SLA |
Support | N/A | No | Support | Access | Yes - Voids Default SLA |
Licensing | N/A | No | Enforce Licensing | Access | No |
Event.py error collection
Types of Data Collected
- Metadata, such as Database IDs
The backend services log events. Data sent to DC is only sent through through event.py. By calling event.new()
. For a complete list of every field collected check event.py.
JS error collection
Types of Data Collected
- Webpage visit events
The frontend collects high level events of webpage users and JS errors. This does not include any PII, BLOB data or annotation data. The frontend methods uses a tag manager to load error collection scripts.
Support
Types of Access:
- Named routes, such as Installation configuration and Aggregate reporting.
There are named support routes in Diffgram that have access as defined by passing allow_support=True
in the permissions wrapper. These support routes do not allow only limited access and do not allow access to any PII blobs defined in an OIDC configuration.
Licensing
Types of Access:
- Access to enable or disable commercial licensing related functions.
The licensing server access and reporting is used exclusively for commercial licensing related items, including:
- Determine license status and revoke license
- Billing purposes, such as usage thresholds
Changes
From time to time the metrics and access may be changed. DC's commitment here is to
- Keep this document as up to date as possible
- Flag material changes
Updated over 1 year ago