Privacy Policy

This document describes what information we collect and what it’s used for. It applies to all interactions with riseup.net. Your use of riseup.net services will constitute your agreement to our Privacy Policy. Please also review our Terms of Service.

Summary

You have a reasonable expectation of privacy regarding any communication or data transiting or stored on this information system. We collect very little personal information, and none of the information we do collect is ever shared.

Information we collect and retain

Registration information

When you create an account, we retain the date you registered (rounded to the nearest quarter year). Account request information is removed after four months, and invite status is removed after one month. If you choose to set a reset email address, we retain this record but in a format that is unreadable by us (it is stored in a hashed digest, similar to how passwords are stored).

Help tickets

The content of any help ticket you create or comment on while authenticated will be associated with your user account. You can choose to fill out a help ticket anonymously by creating a ticket while not logged in. We periodically delete old help tickets that are closed.

Session identifiers

While currently logged in, we keep a temporary session identifier on your computer that your software uses to prove your authentication state. This is erased immediately after you log out or the session expires. We do not use any third party cookies or tracking of any kind.

Email transit logs

In order to detect when our servers are under attack from a “spam bomb” or when a spammer is using our system, we keep a log of the “from” or “to” information for every message relayed. These logs are purged on a daily basis.

Quarter of last log in

We keep a record of the quarter and year of your last successful authentication (in order to be able to disable and delete dormant accounts). We do not record the time or day of the last log in. For example, this information looks like “Q3 2018”.

Information we choose to not retain

IP addresses

No IP addresses of any user for any service are retained.

Browser fingerprint

Your web browser communicates uniquely identifying information to all web servers it visits by allowing the site to know details about your operating system, browser information, plugins installed, fonts installed, screen resolution, and much more. We do not retain any of this information.

Message metadata

Even when using end-to-end OpenPGP encryption for email messages, the email “subject” and routing information regarding the message “from” and “to” are seen by our servers in the clear when the email initially arrives. This is due to inherent limitations in the email protocol and in OpenPGP.

How we store and share collected information

Encryption

All of your data is stored in an encrypted format, and only Riseup has the keys to decrypt the data. Additionally, as of March 2017, the storage for all new accounts is personally encrypted. Riseup is unable to read any of the stored content for these accounts. Any user with an account created prior to March 2017 may opt-in to personally encrypted storage.

We do not share user information

We retain only the bare minimum of information about each user that is required to make the service work. We do not sell or share any of it.

Academic research

Anonymous, aggregated information that cannot be linked back to an individual user may be made available to experienced researchers for the sole purpose of developing better systems for anonymous and secure communication. For example, we may aggregate information on how many messages a typical user sends and receives, and with what frequency.

We will not read, search, or process any of your incoming or outgoing mail other than to protect you from viruses and spam or when directed to do so by you when troubleshooting.

Account deletion

You may choose to delete your riseup.net account at any time. Doing so will destroy all the data we retain that is associated with your account. The usernames associated with deleted accounts remain unavailable to use.

Changes to this policy

We reserve the right to change this policy. If we make major changes, we will notify our users in a clear and prominent manner (like our Newsletters). Minor changes may only be highlighted in the footer of our website.