// Module included in the following assemblies:
//
// server_admin/topics/users.adoc

[id="ref-personal-data-collected_{context}"]
= Personal data collected by {project_name}

By default, {project_name} collects the following data:

* Basic user profile data, such as the user email, first name, and last name.

* Basic user profile data used for social accounts and references to the social account when using a social login.

* Device information collected for audit and security purposes, such as the IP address, operating system name, and the browser name.

The information collected in {project_name} is highly customizable. The following guidelines apply when making customizations:	

* Registration and account forms can contain custom fields, such as birthday, gender, and nationality.  An administrator can configure {project_name} to retrieve data from a social provider or a user storage provider such as LDAP.

* {project_name} collects user credentials, such as password, OTP codes, and WebAuthn public keys. This information is encrypted and saved in a database, so it is not visible to {project_name} administrators. Each type of credential can include non-confidential metadata that is visible to administrators such as the algorithm that is used to hash the password and the number of hash iterations used to hash the password.	

* With authorization services and UMA support enabled, {project_name} can hold information about some objects for which a particular user is the owner.