🔒 Privacy Notice
Also see Network Connections for more details.
Privacy Considerations when using Phoenix
1. Phoenix does not collect any data of any kind. It is impossible for us to even if we wanted to, due to the nature of this project.
2. Phoenix will never sell your data or use your data for any kind of tracking/profiling.
3. Phoenix will never expose your data to 3rd parties without clear user consent unless explicitly outlined here or elsewhere.
1st Party
uBlock Origin Assets
With Phoenix installed, uBlock Origin may connect to https://gitlab.com/celenityy/Phoenix/-/raw/pages/uBlock/assets.json for updates to our configuration. This configuration is primarily used for enabling and disabling filterlists in uBlock Origin by default, and for adding non-standard filterlists to uBlock Origin.
uBlock Origin may also connect to https://gitlab.com/celenityy/Phoenix/-/raw/pages/uBlock/badlists.txt - which contains a blocklist of filterlists known to cause issues with uBlock Origin, overly generic whitelisting, and whitelists that some invasive services co-erce users to enable.
assets.json and badlists.txt are hosted on GitLab; with the exception of your IP address, no sensitive or identifying data is shared with GitLab. See GitLab's privacy policy here.
See more details on other connections uBlock Origin might make below.
3rd Parties
Mozilla
While we fully disable telemetry, studies, crash reports, diagnostics, & any other form of data collection that we can from Firefox, we still rely on Mozilla for infrastructure that provides critical functionality. This functionality may include but is not limited to:
- Browser Updates
- Browsing, Downloading, & Updating Extensions & Plug-ins
- Certificate Revocation Checks
- Downloading & Updating Mozilla's blocklist for malicious & unsafe add-ons, plugins, & graphics drivers
- Downloading & Updating Mozilla's Tracking Protection database
- Signing/Verification of requests
- Mozilla's 'Remote Settings' Service
You can check out Mozilla's Privacy Policy here to better understand what kind of data is collected by these services & how it is handled. You can also see Mozilla's documentation here for more info & to learn how you can disable this functionality. Note that Phoenix neuters or disables most of the functionality outlined in Mozilla's privacy policy & documentation that isn't specified above
Additionally, while not enabled by default, Phoenix also supports Firefox Sync. Firefox Sync uses E2EE, meaning Mozilla has no access to your sensitive browsing data. You can learn more about what data is collected & how it's handled by Mozilla here & here. You can also learn more about Sync's design here.
Search
Firefox's default search engine is currently Google. This is not the case for Phoenix.
Phoenix's default search engine is DuckDuckGo, due to its strong focus on privacy, high quality results, and good reputation.
See DuckDuckGo's privacy policy here for information on what data they collect & how they handle it.
In addition to DuckDuckGo & Firefox's built-in search engines, Phoenix also adds the following for you to choose from:
- DuckDuckGo (HTML) - Privacy Policy
- DuckDuckGo (Lite) - Privacy Policy
- Mojeek - Privacy Policy
- Startpage - Privacy Policy
Phoenix even gives you the option to use no search engine at all!
It should also be noted that Phoenix disables "search suggestions" by default, meaning that the only data sent to your search engine of choice is explicitly what you choose to send it.
Google Safe Browsing
By default, Firefox (& Phoenix) make use of Google's Safe Browsing technology to provide real-time protection against malicious domains & downloaded files. You can see here and here to better understand how this works, as well as what specific data is shared and to whom.
Out of the box, if Firefox can't determine the safety of a file you download, it may send metadata of the downloaded file to Google. Phoenix disables this functionality, meaning that downloaded files are only checked locally.
It should also be noted that unlike standard installations of Firefox, Phoenix proxies connections to Google Safe Browsing (safebrowsing.googleapis.com) via our own endpoint (safebrowsing.ironfoxoss.org). This is similar to the approach of Brave and Safari. This means that your IP address is never exposed to Google Servers. This proxy is hosted on Cloudflare R2 Storage under the European Union jurisdiction. Additionally, Cloudflare's Observability/Worker Logs are explicitly disabled. As the name suggests, this same proxy/instance is used by IronFox, and you can see the proxy's implementation here.
You can see Google's privacy policy here and Cloudflare's privacy policy here.
Mullvad
Phoenix enables DNS over HTTPS (without Fallback), with Mullvad (Base) as the default resolver.
DNS over HTTPS provides a substantial improvement to privacy and security over standard DNS resolution (especially when compared to the default DNS servers operated by ISPs...), so we believe that it's in the best interest of our users to enable in this manner.
Mullvad (Base) was chosen as our default resolver due to their strict privacy policy, strong track record, support for DNSSEC validation, and protection under Swedish jurisdiction. You can check out their privacy policy for more details here.
Additionally, Mullvad (Base) provides protection against domains used for advertising, tracking, and malware. This provides our users with enhanced protection and online safety.
In addition to Mullvad (Base), we also include the following carefully considered DNS providers as built-in options to choose from:
- Cloudflare -
Unfilteredprivacy policy,Malware Protectionprivacy policy - DNS4EU - Privacy Policy
You can disable this functionality or change providers via the DNS over HTTPS section found at about:preferences#privacy.
Geolocation
Some websites may request access to your geolocation for various functionality.
Your geolocation is only shared with websites that you explicitly grant permission to access it. Phoenix disables Geolocation access to all websites by default (no annoying prompts!)- meaning you are always in control & will explicitly determine who you want to share your location with, when, & even if at all.
We would generally recommend avoiding granting websites this permission if possible, as it's typically unnecessary & the functionality it provides can be accomplished through other means. If you do need this functionality, we would highly recommend you set it to Always Ask instead of Allow, so that you have more fine-grained control of when your location is used & by whom. Please only grant this permission to websites you trust!
When you grant a website the location permission, in order to determine your position, Standard installations of Firefox will currently use Microsoft's Location Services on Windows, Apple's Location Services on macOS, & Google's Location Services on Linux & as a fallback for Windows & macOS.
Phoenix takes a different approach:
We completely disable Microsoft Location Services & Google Location Services functionality.
Geolocation for Windows and GNU/Linux users is currently provided by BeaconDB. BeaconDB is a privacy-focused free & open location service, created as the spiritual successor to Mozilla Location Services. It should be noted that this support (as well as BeaconDB itself) is experimental. Additionally, as BeaconDB is a new service, it may not have coverage for your area. While this is not ideal, we don't have many options unfortunately due to the closure of MLS. I'm not comfortable exposing the location or any sensitive data about my users to Google or Microsoft... so BeaconDB is better than no support at all. Feel free to submit your own data to improve it! See BeaconDB's privacy policy here. Data sent may include nearby access points, cell towers, & the srength of those signals.
On macOS, by default, if enabled on the system, we use Apple's Location Services for geolocation, with BeaconDB acting as a fallback if Apple's services are unavailable. This provides macOS users with a more reliable & accurate geolocation service, but without compromising their privacy to ex. Google or Microsoft. See Apple's privacy policy here to learn more about what data is shared & how this data is processed. You can also check out Apple's Whitepaper for more details on how their Location Services are designed.
uBlock Origin
Out of the box, Phoenix includes the uBlock Origin browser extension for strong content blocking. See uBlock Origin's privacy policy here. By default, assets may be fetched from (but not limited to) the following:
- AdGuard - Privacy Policy
- Cloudflare - Privacy Policy
- Fanboy
- GitHub - Privacy Policy
- GitLab - Privacy Policy
- jsDelivr - Privacy Policy
- Mozilla - Privacy Policy
- Statically - Privacy Policy
- Yoyo Internet Services
No sensitive information is sent to any of these providers besides your IP address!
Note that all of this also applies to any standard installation of uBlock Origin.
Misc.
Phoenix currently receives updates via your operating system's package manager. On macOS, this is via our own Homebrew Tap Repository. On Arch Linux, this is via the AUR. On Debian/Ubuntu & derivatives, this is via our OBS repository. On Fedora Linux, this is done via our COPR repository.
No sensitive data is shared with GitLab, Arch Linux, makedeb, or the Fedora Project besides your IP address. See GitLab's privacy policy here, Arch Linux's privacy policy here, and Fedora's privacy policy here.
To disable this functionality, you may install Phoenix manually.
OCSP Checks
Phoenix may additionally connect to various 3rd party OCSP servers for revocation checks when a domain doesn't support CRLite and doesn't enable stapling. No sensitive information is shared in these cases besides your IP address. This is similar behavior to Standard Firefox (though connections are made even less in our case due to our use of CRLite), and can be disabled from the Security section in about:preferences#privacy, though disabling this is NOT recommended.
Phoenix - A suite of configurations & advanced modifications for Mozilla Firefox, designed to put the user first.