Privacy

Troy is built with privacy by design — no tracking, no domain collection, no data you don't control.

Privacy by Design, Not by Policy

Most update systems collect data because they can. Some plugins collect domain names, IP addresses, all plugins and themes, settings, admin and user email-addresses, sales revenue—all funneled to someone else's servers.

Troy works differently. It can't leak data it never collects.

Privacy isn't a setting you toggle. It's baked into the architecture.

Troy Client

Troy Client runs on sites that receive updates. Here's exactly what it sends to Troy Servers:

What it sends

  • Rotating Site ID
    Changes weekly, no fingerprinting
  • Plugin Slugs & Versions
    Only Troy-registered items
  • Locale Preferences
    For language packs
  • PHP & WordPress Versions
    Compatibility checks

What it doesn't send

  • Domain names
    Your URL stays local
  • User data
    Nothing identifying
  • Settings
    Your config is private
  • Full plugin lists
    Only Troy plugins

Nothing more. That's the complete list.

Troy Client also filters data sent to other update systems. When WordPress checks for updates with WordPress.org, Troy removes its plugins from the request—so even WordPress.org never learns which Troy plugins you have installed.

Troy Server

Troy Server runs on your infrastructure and receives update requests. Here's what you see as a plugin author:

Data you receive:

  • Update request counts
    Identify sites via unique rotating IDs
  • Version distribution
    What versions are currently deployed
  • Download counts
    How many times packages were downloaded
  • PHP & WordPress versions
    Aggregate compatibility data
  • Locales
    Which languages are being used

Data you don't receive:

  • Domain names
    Sites using your plugin stay anonymous
  • User information
    Nothing identifying from those sites
  • Server configurations
    No filesystem paths exposed
  • Installed plugins or themes
    Only sees what points to your repository
  • IP addresses
    Troy discards them; server logs may retain them

Each repository only sees requests for plugins and themes registered with it. You never see requests meant for other servers.

This is intentional. You don't need identifying data to ship good software.

Rotating Site IDs are retained for 2 weeks to track week-over-week growth, then dropped. After that, only aggregate statistics remain.

HTTPS-Only Communication

All communication between Troy Client and Troy Server happens over HTTPS. No exceptions.

Update checks, package downloads, header verification—everything is encrypted in transit. This isn't optional. Troy rejects insecure connections by design.

Self-Hosted Means Self-Controlled

Cloud services promise privacy policies. Self-hosting gives you actual control.

With Troy Server on your infrastructure:

  • Logs stay on your servers
    Review, rotate, or delete them as you see fit
  • No third-party processing
    Update requests never touch external infrastructure
  • Compliance is your choice
    Meet GDPR, CCPA, or any standard without depending on vendor compliance
  • No terms of service
    The code is MIT licensed; your data governance is up to you

Our Infrastructure

This website and update repository are owned and operated by CyberWire B.V., a company registered in the Netherlands.

Deploy Troy
A trademark of CyberWire B.V.
Leidse Schouw 2
2408 AE Alphen aan den Rijn
The Netherlands
KvK: 83230076
Director: Sybre Waaijer

About This Website

deploytroy.org is hosted on infrastructure we control. Here's the full picture:

ComponentProviderDetails
Hosting (VPS)TransIP (Netherlands, Amsterdam)Performance VPS running AlmaLinux with cPanel
  ⤷ Access logsCyberWire B.V.Retained for 1 month
  ⤷ VPS backupsCyberWire B.V.Retained for 7 days
  ⤷ Offsite backupsTransIP (Netherlands, Delft)Retained for 36 hours
DNS & CDNBunny.netWebsite CDN for deploytroy.org only (not subdomains)
  ⤷ LoggingBunny.netIP dropped, retained for 3 days
Cookies𒉡No tracking, no cookies, no third-party analytics

About repo.deploytroy.org

repo.deploytroy.org is the official distribution channel for Troy Client and Troy Server. It runs on the same TransIP VPS as the main website, with the same backup and log retention policies.

The repository runs Troy Server. This means it follows the same privacy model described in the Troy Server section above—no domain names, no user information, no identifying data. Only aggregate statistics: update request counts, version distribution, and locale preferences.

Privacy & Security Measures

Our development environment is built with privacy and security in mind. Here's an overview of the key components:

ComponentTechnologyDetails
Communication, VPN, GPTProton AG42-character password + YubiKey
WorkstationsCyberWire B.V.Developer machines with infrastructure access
  ⤷ FirewallUniFi Cloud GatewayIDS/IPS + DoH
    ⤷ macOSApple Secure EnclaveHardware-backed encryption
    ⤷ WindowsBitLocker + TPM, Core IsolationXTS-AES-128 full-disk encryption
    ⤷ ContingencyHammer 🔨Emergency data destruction
iOSApple Secure EnclaveFace ID biometrics, MFA for Workstations

An Indie Dev's Approach to Privacy

Troy has no investors demanding growth metrics. No advertising model that needs user profiles. No "data-driven" roadmap requiring behavioral analytics.

Data is a liability. It attracts hackers. It creates compliance headaches. And it erodes the trust users place in developers.

I designed Troy to never collect anything personally identifiable in the first place. You trusted me with your update infrastructure—you shouldn't have to trust me with your data.

Want to verify these claims?