Mindly.Social Privacy
NOTE: This document is specific to Mindly.Social users because the version of software we're using may not match all instances so some features may not be available and some details are about this specific server and its policies.
Privacy is a key concern for a lot of people, that's why we want to provide you with the information you might need to help safeguard your privacy.
First off, I'd like to say that we use the default Mastodon privacy policy because it's very extensive and covers topics we're not qualified to speak on because we're not lawyers so too much is always better than not enough.
What I can speak on is that we have a very concise message about user privacy on Mindly.Social:
We will never sell or share your personal information with any other person or company for our benefit.
One thing that does need to be mentioned is that as a US-based company we are required to assist with any legal requests from government or law enforcement. This is not something we can change as even the cheapest lawyers are out of our budget.
Account Settings
Here are some of the things that you can do personally to help protect your privacy on the fediverse.
Profile -> Appearance
- Require follow requests - Check this box if you want to manually approve who can follow you and see your posts (this is important if you change your posting visibility settings later).
- Suggest account to others - Uncheck this if you do not want your profile to be suggested for new users.
- Hide your social graph - This will hide the list of who you follow and who follows you. It does not hide your follow and follower counts.
Preferences -> Notifications
- Block notifications from non-followers* - Check this to block notifications from people who don't follow you, this includes replies, DMs, and mentions.
- Block notifications from people you don't follow* - This will prevent notifications from people you aren't following, pretty self explanatory.
- Block direct messages from people you don't follow - This will prevent anybody from contacting you that you aren't following, effectively limiting who can DM you.
**Please note that these settings will not prevent somebody from mentioning you or replying to your posts, it just means you won't be notified of it.*
Preferences -> Other
- Opt-out of search engine indexing - Checking this should tell search engine crawlers not to list your posts/profile in search engines. Some respect this settings and some don't. It's not foolproof, but it should help with some of the more popular search engines.
(A table of these can also be found here.)
- Posting privacy - This is where you can control how public or private your posts are by default. This setting can also be changed on a post-by-post basis before you post.
- Public - This is the most open setting, everybody on the Fediverse who isn't blocked by you and isn't blocking/muting you can see your post, even people not on Mastodon.
- Unlisted - Same as public but it will not show up in public feeds such as the Federated timeline.
- Followers-only - This restricts your post to only people who follow you, nobody else can see this but if your follower is on a different server their server will receive the post and (depending on the software) cache it locally.
If you'd like a more detailed explanation about post visibility, please check out this much more in-depth guide.
- Disclose application used to send posts - Uncheck this box to prevent Mastodon from sharing what app you are using to send the post. This will usually let everybody who sees the post know whether you're on a mobile app and which mobile platform.
Automated post deletion
This might be a good option if you don't want your posts to hang around forever. This is something each individual needs to decide for themselves and all of the settings are up to you. I'm not going to go over all of the options because they are pretty self explanatory and there's a lot of them.
If there's a lot of demand for it, I might give this its own page because not even Mastodon's official site has documentation on this yet.
Server Settings
This section is for the server specific privacy settings and will be different per server. Here's a quick overview of the settings Mindly.Social uses to help you adjust your personal settings accordingly.
- Allow unauthenticated access to public timelines - We have this enabled, it allows anybody with internet access to view some of the recent public posts by members of Mindly.Social who have their posts set to "Public". We leave this enabled so potential users can see if this server is a good fit for them.
- Opt users out of search engine indexing by default - We have this enabled so users can choose if they want their public posts and profiles scraped by search engines that respect this setting.
- Publish aggregate statistics about user activity in the API - We have this enabled since we are a public server and the data about our size is helpful for users who are making a decision about whether or not to join the server.
- Publish list of discovered servers in the API - This is also enabled by default so those same sites who provide details for users looking for a server can see that we're well established.
- Enable profile directory - We have this enabled so our users who want to be discovered and grow their follow/follower counts and their home timeline can do so easier.
Now this is just a quick crash course that I wrote up just to get some of this information easily available for users. There are lots of other settings out there that can be used in combination with these such as filters and blocking users/servers that will help safeguard your privacy by limiting what you see and who can see you.
Unfortunately, this is only some of the information I could dig up and put together in the amount of time I had available. I am looking for more detailed resources to provide all of the other privacy focused features and functions that are built-in to Mastodon and ActivityPub to provide a complete picture of the safeguards in place within the code that you cannot see or alter.
I hope this information is a good start for you to make smart decisions and if you find yourself still questioning whether or not the risk is worth if you for, always remember that you can run your own server and put the ultimate control within your hands. It's not an impossible task either, you might be surprised how easy it is to setup a server for yourself even on something like a Raspberry Pi.
Please reach out to me if you have any questions about this guide or anything specific with Mastodon servers or privacy. Thanks!