mastodon.social privacy policy — score 25/100 (high risk)

Viimeksi analysoitu

Raportin sisältö (yhteenveto, havainnot, lainaukset) on luotu englanniksi eikä sitä ole lokalisoitu.

Aja uusi analyysi toiselle käytännölle

Mastodon GmbH · mastodon.social

Raportin tiedot

high riski

Mastodon GmbH's mastodon.social privacy policy page was not actually provided for analysis — only navigation chrome and marketing copy were included, making it impossible to assess compliance and leaving users without verifiable assurances.

The provided text contains only the website's navigation structure, footer links, and marketing taglines for mastodon.social, operated by Mastodon GmbH. The actual privacy policy content linked at /privacy-policy was not captured in the scrape. No substantive privacy language, data processing details, legal bases, user rights, or transfer mechanisms are present in the provided text. This means the analysis can only flag the absence of information rather than evaluate existing protections.

Viimeksi analysoitu
LähdeURL
Pituus2,703 merkkiä

Kategoria-arviointi

Käytännön jakautuminen keskeisille vaatimustenmukaisuusalueille. Hyvä = vahva, kohtalainen = ristiriitainen, heikko = huolestuttava.

Data Minimizationpoor

No policy text was provided, so there is no evidence of data minimization commitments or collection limits.

Transparencypoor

The privacy policy page link exists but its content was not captured, meaning transparency cannot be verified from the provided text.

Third-party Sharingpoor

Zero information available about subprocessors, analytics providers, or any third-party data recipients in the provided content.

International Transferspoor

No mention of data residency, transfer mechanisms, or geographic processing locations anywhere in the provided text.

AI/Model Trainingpoor

Silent — no language about whether user data is used for AI training, and no opt-out mechanism described.

User Rightspoor

No GDPR user rights (access, deletion, portability, objection) are documented in the provided text.

Keskeiset havainnot

Huomionarvoiset ehdot, ongelmat tai hyvät käytännöt (kriittiset ensin)

Kriittinen

Privacy policy content entirely missing from provided text

The linked privacy policy page at /privacy-policy was included in the scrape but only rendered navigation chrome and marketing copy — no substantive privacy language appeared. This makes it impossible to assess what data is collected, how it is processed, or what rights users have.

Kriittinen

No data processing details or legal bases stated

The provided text contains no information about what personal data mastodon.social collects, the legal bases under GDPR Article 6, or purposes of processing. This is a fundamental transparency failure if the policy itself is not accessible or readable.

Kriittinen

Fediverse data sharing implications unaddressed

Mastodon.social is part of the fediverse, meaning user data (posts, profiles, interactions) is federated to other independent servers. The provided text does not explain this cross-server data flow, its privacy implications, or how users can control it — a significant gap for a decentralized social network.

Varoitus

Marketing claims about privacy lack substantiation

The page states 'No algorithms, ads, or clickbait in sight' as a privacy-positive differentiator, but without an accessible privacy policy, these claims are unverifiable and potentially misleading under GDPR transparency requirements.

Yhteenveto käyttäjälle

You cannot evaluate mastodon.social's privacy practices from this text because the actual policy content is missing; visit the privacy policy page directly and review it before trusting the service with your data.

Vaatimustenmukaisuusasento

Unknown and unverifiable — the privacy policy content was not provided, so no compliance assessment can be made. This itself is a concern if the policy is not easily accessible or renderable.

EU-siirrot

No information provided about data storage locations, international transfers, or safeguard mechanisms such as Standard Contractual Clauses.

Havaitut signaalit

Tekstistä tunnistetut erityiset tiedot ja käytännöt

Kerätyt tiedot
Unknown — policy content not provided
Käsittelyn tarkoitukset
Unknown — policy content not provided
Jakaminen kolmansille osapuolille
Fediverse federation mentioned but not explained in privacy termsNo subprocessor or third-party disclosure present
Kansainväliset siirrot
No transfer information provided
Tekoäly / Mallin koulutus
No AI training disclosure present

Todisteiden otteet

Suorat lainaukset käytännöstä näiden havaintojen tueksi

The original server of Mastodon, operated by Mastodon GmbH for the common good.

Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.

mastodon.social is one of the many independent Mastodon servers you can use to participate in the fediverse.

Puuttuu tai epäselvä

  • Actual privacy policy text — the page content was not captured
  • Legal bases for data processing under GDPR
  • Data retention periods and deletion policies
  • List of subprocessors or third-party recipients
  • International data transfer mechanisms and safeguards
  • Cookie and tracking technology details
  • User rights procedures and contact information for the DPO
  • Fediverse federation data flow explanation and user controls
  • Data breach notification procedures
  • Children's privacy protections

Kysyttävät kysymykset

  • Why did the privacy policy page fail to render its substantive content, and is this a recurring accessibility issue for users trying to review their privacy rights?
  • How does mastodon.social handle the inherent data federation of the fediverse — what personal data flows to other servers, and what legal basis supports this?
  • Does Mastodon GmbH have a Data Protection Officer, and how can users exercise their GDPR rights (access, erasure, portability, objection)?
Tämän analyysin tuottaa tekoäly, eikä se ole oikeudellista neuvontaa. Kysy aina pätevältä juristilta vaatimustenmukaisuuspäätöksiin.

Jaa tämä analyysi

Kuka tahansa, jolla on tämä linkki, voi nähdä yllä olevan tuloksen.

DentroChatin rakentama

100 % eurooppalainen tekoälychat kaikille

Keskustele tekoälyn kanssa, käsittele tiedostoja, luo kuvia ja hae verkosta. Tiedot pysyvät Euroopassa.

EU:ssa isännöity infrastruktuuriTeksti, tiedostot, kuvat ja verkkohakuNopea-, Ajattelu- ja Luova-tilatTietosuoja ensin oletuksenaTiedot eivät poistu Euroopasta
Kokeile ilmaiseksi →