> Browser type and operating system of the devices from which you have logged in to ente to ensure account security.
I can't imagine how that information could be used to stop an attack that otherwise would succeed. Is this just so that you can say "Your last login was from Safari on an iPhone" to the user to reassure them their password hasn't been stolen (or the attacker has correctly guessed the most popular browser on the most popular platform)?
If so, this seems like a string that could be generated client-side, and stored encrypted on your server, so that you never have to log this data in plaintext.
In addition to ensuring account security, we were collecting the user-agent to transform API responses depending on the client.
But your point is valid. Just the operating system and app version is enough to derive this information. We will make this change and update our privacy policy.
I can't imagine how that information could be used to stop an attack that otherwise would succeed. Is this just so that you can say "Your last login was from Safari on an iPhone" to the user to reassure them their password hasn't been stolen (or the attacker has correctly guessed the most popular browser on the most popular platform)?
If so, this seems like a string that could be generated client-side, and stored encrypted on your server, so that you never have to log this data in plaintext.