This information is best known by Matthias. Here’s what I know:
- Data stored on our own server.
- Server in Germany – best data protection law in the country.
- https all around (end-to-end encryption)
- the data is handled by a stack of software which is open-and-free (so the code can, in principle, be audited) and stewarded by substantial development communities (Drupal, MySQL, PHP, Apache, Linux – so the code is audited in actuality).
- We have moderators policing the activity feed every day, several times of day.
- We have explicit terms and conditions. /t/edgeryders-lbg/351/privacy-policy-and-terms-of-use
- One known security bug: https://edgeryders.eu/en/edgeryders-dev/task-1508. Does not affect credentials, and is easy to fix on a case-by-case basis reverting to the latest legit version of the wiki.