What is the privacy/data handling policy for the standalone draw.io example? By standalone, we mean not integrated with any third-party storage, like Google Drive, Confluence, etc.

On draw.io, we handle the data of your diagram, as well as allow JavaScript from external domains to run in order to provide certain functionality. This posting is a work in progress to describe in detail what we do with your information, what we believe the third parties do with your information and how you can restrict access to your data/information. Please post requests for more information as comments, not answers.

draw.io uses 1 external domain: We use Google Analytics because it draws us pretty pictures and tells us how many users we have. You would be advised to refer to the privacy policy of Google to see what they do with the hits they receive from you to their domains.

Rather than remove all external domains, if you are very concerned with privacy you would do better to install appropriate browser plugins that deal with tracking third parties. Ghostery is a useful Firefox plugin for blocking well-known third-party sites tracking activity. I use that and RequestPolicy on Firefox, personally. RequestPolicy forces you to authorise all third-party domain access, but makes all such accesses explicit.

Data Handling

The JavaScript client only transmits your diagram to our servers in three cases: when loading a diagram from your computer, when saving a diagram to your computer and when exporting an image or PDF.

If you use a modern browser with FileAPI (Chrome, Opera, Firefox), then we load your XML locally, without using the server. We still have to go to the server for Visio imports; that code isn't in the client. The latest versions of all major browsers support FileAPI; you can check support using this table.

When loading a diagram from our XML format, if you don't have FileAPI support, the XML is transmitted to our server securely (using SSL in most cases, except for IE 6-8) and echoed back to the JavaScript client. After it has been echoed back nothing is left on our servers. The same applies for importing Visio files.

When saving XML, this is echoed from the server and nothing is stored on our servers, unless you enable Flash support for direct saving (see below).

When exporting images or PDF, the XML model is translated to the export format, the export created, the export is transmitted insecurely to your computer and the export format and model deleted from our servers. SVG is generated client-side, but still requires a round-trip to save it.

In short, we do not retain any of your data nor do we pass it onto anyone else. We use Google App Engine, which offers no shell access, you cannot log into it, at all. 2 developer accounts at JGraph have access to write to the draw.io application on Google App Engine and both use 2 factor authentication on the account for security.

In order to avoid any use of our server (after the initial load of the page):
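One way to check the data-handling description above against your own traffic is to export a HAR capture from the browser's developer tools and audit it. The sketch below is an added example, not part of the original post and not draw.io code: it flags requests that go to a third-party host or that carry diagram XML, and marks those sent without TLS. The first-party host name, the XML markers, the request paths and the assumption that the XML appears uncompressed in the request body are all assumptions for illustration.

```javascript
// Added example: audit a HAR capture for requests that leave the first-party
// site or that carry diagram data. Hosts, paths and markers are assumptions.
const FIRST_PARTY = new Set(["www.draw.io"]);          // assumed first-party host
const DIAGRAM_MARKERS = ["<mxGraphModel", "<mxfile"];  // assumed XML root tags

function decodeBody(text) {
  // Form posts URL-encode the XML; fall back to the raw text if decoding fails.
  try {
    return decodeURIComponent(text.replace(/\+/g, " "));
  } catch (e) {
    return text;
  }
}

function auditHar(har) {
  const findings = [];
  for (const entry of har.log.entries) {
    const url = new URL(entry.request.url);
    const body = decodeBody((entry.request.postData || {}).text || "");
    const carriesDiagram = DIAGRAM_MARKERS.some((m) => body.includes(m));
    const thirdParty = !FIRST_PARTY.has(url.hostname);
    const cleartext = url.protocol !== "https:";
    // Report anything that leaves the first-party site or carries the diagram.
    if (carriesDiagram || thirdParty) {
      findings.push({ url: url.href, carriesDiagram, thirdParty, cleartext });
    }
  }
  return findings;
}

// Constructed sample capture (not real traffic; paths are placeholders).
const sampleHar = { log: { entries: [
  { request: { method: "GET", url: "https://www.draw.io/js/app.min.js" } },
  { request: { method: "GET", url: "https://www.google-analytics.com/collect?v=1" } },
  { request: { method: "POST", url: "http://www.draw.io/export",
      postData: { text: "format=png&xml=%3CmxGraphModel%3E%3Croot%2F%3E%3C%2FmxGraphModel%3E" } } },
] } };

console.log(auditHar(sampleHar));
```

A capture taken while opening a local file in a FileAPI-capable browser should produce no `carriesDiagram` finding; one taken during an image or PDF export should.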