User Tools

Site Tools


Sidebar

LUCY MANUAL Applies to LUCY versions above 2.2.

confidentiality_of_campaign_data

What Data Gets Logged?

LUCY has different logging levels:

  • Normal logging: All campaign data is logged in the database.
  • Anonymous Mode: Use this mode to hide all victim data (IP address, login details etc.) from statistics, reports and database.

Details about anonymous mode

If the anonymous mode checkbox is selected within the scenario settings then all personalized data automatically gets deleted. There is no possibility to track any individual users anymore. Only generic statistics will be visible. The following screenshots show a few examples of the output, if the anonymous mode checkbox is enabled:

Questions about confidentiality

Is Data Shared among Clients or Sent Back to Us? All data is stored in a local PostgreSQL RDBMS that comes with LUCY. As a result, there is no centralized storage and data will never be send back to us. Even if you choose LUCY as a SAS, you will have a dedicated Linux server with a separate DB which is not shared with other clients.

How Can You Delete Campaign Data? Once you reset the statistics data in LUCY, delete a campaign or remove the recipients from a running campaign, the data is removed from the database and cannot be restored.

Does LUCY Send Any Confidential Data Back to Us? No - never. LUCY has the ability to send us log files. This needs to be initiated manually. Those logs contain only technical data about your installation (mainly Apache logs). However, all possible confidential data is deleted (we don't collect any information about your campaign settings). When running the checks in a campaign, LUCY connects to external servers to test certain settings (SPAM, accessibility etc.) without sending back any information about your settings, environment or campaign.

Is the data in the DB encrypted? Yes - all data in the DB is encrypted (AES).

confidentiality_of_campaign_data.txt · Last modified: 2017/01/31 04:02 by lucy