Privacy Policy
Last updated: 2026-04-08 UTC
This Privacy Policy describes how BareProx processes data when you use the application. BareProx is deployed and operated by you (self-hosted). No telemetry is sent to the developers by default.
What BareProx Stores
- Configuration data: Proxmox and NetApp connection details, settings, schedules.
- Operational logs: Job history (backups, restores), warnings/errors, timestamps.
- User accounts: Authentication and authorization data via ASP.NET Identity (if enabled).
- Notifications: Email settings and recipients if you enable email notifications.
What BareProx Does Not Do
- No built-in analytics or third-party tracking.
- No automatic data sharing with external services, unless you configure features (e.g., email).
Cookies
BareProx may use cookies for authentication/session management. These are strictly necessary for the app to function. If you enable anti-forgery tokens (default), related cookies are also used to protect against CSRF.
Log & Diagnostic Data
Application and job logs are stored locally (e.g., database and/or rolling log files). You control retention policies. Logs may include VM names, storage names, cluster/host names, timestamps and error details.
Security
- Credentials and secrets should be stored encrypted at rest (e.g., Data Protection APIs / your key vault).
- Self-signed certificates can be generated in-app; consider replacing with a trusted certificate in production.
- Restrict network access to the management UI and APIs.
Data Export & Deletion
As the operator, you control the database and file storage. You may export or delete data using your database tools. For user-initiated deletion requests, follow your organization’s policy and remove data from the underlying stores.
Third-Party Services
Certain optional features may contact external endpoints (e.g., GitHub raw content for update checks). These are opt-in and documented in the settings UI.
Contact
For privacy questions, contact: nwtobbe@gmail.com.
BareProx is GPL-3.0 licensed. You are responsible for running and configuring it in compliance with your local laws and policies.