The privacy of your data when using the Snippets service

The short answer

For your safety, you should assume that everything you put into the service is public.

The long answer

Our intent is as follows:

• We (staff) will look at your scripts and data for the purposes of improving the service.
• We intend to publish compatibility data for code snippets already hosted on rdrr.io (i.e. the ones that ship with R packages or the R language).
• We might cache the output of scripts so we can return them without actually executing your scripts (this saves us money).
• We log every script that goes into the service and any output that is generated. You should assume that we will keep those logs forever.
• We might start publishing data on which packages require what privileges on your system (security research). We'd be using metadata from your scripts but not the scripts themselves, in that case.
• We might change our plans at any time, so you should check this page if you want to do anything sensitive with the service.

At this time, we don't plan to publish your scripts or the output (except for the aforementioned caching).

As this is a beta service, it's possible that there are security problems which will later reveal your scripts to attackers. We're working hard to ensure that your data is private, but we're not perfect, and part of the free nature of this service is that you're sharing resources with other people. This makes security much, much harder.

We intend to provide a paid service later. Part of what you'll get in return for paying for the service is that we can provide much stronger security and hence stronger guarantees around the privacy of your data. For a free service, it isn't viable (from a performance or a financial standpoint) to provide that level of security.

So while we have the best of intentions, we can't promise anything, and we do want to use metadata from your scripts to improve the service and provide better security to the R ecosystem in the long term.