aboutsummaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2018-05-20 23:40:10 -0700
committerzotlabs <mike@macgirvin.com>2018-05-20 23:40:10 -0700
commit49f7d63290b3520f3758617952b3b59d43abeca1 (patch)
treedc6c81be8ef030936adfe244efb8146e60464adc /doc
parent0044906fabbfeb837326982bbc8d3fcc64b47fa8 (diff)
downloadvolse-hubzilla-49f7d63290b3520f3758617952b3b59d43abeca1.tar.gz
volse-hubzilla-49f7d63290b3520f3758617952b3b59d43abeca1.tar.bz2
volse-hubzilla-49f7d63290b3520f3758617952b3b59d43abeca1.zip
first cut at a general purpose gdpr document. What we would like to do is use a conditional expression so that a site document will be loaded if it exists, and fallback to a project boiler plate document if it does not. This is an exercise for the community.
Diffstat (limited to 'doc')
-rw-r--r--doc/TermsOfService.md6
-rw-r--r--doc/gdpr1.md114
2 files changed, 120 insertions, 0 deletions
diff --git a/doc/TermsOfService.md b/doc/TermsOfService.md
index 97e9881aa..1e085559e 100644
--- a/doc/TermsOfService.md
+++ b/doc/TermsOfService.md
@@ -1,3 +1,9 @@
+Privacy Policy
+==============
+
+#include doc/gdpr1.md;
+
+
Terms of Service
================
diff --git a/doc/gdpr1.md b/doc/gdpr1.md
new file mode 100644
index 000000000..daa401a3d
--- /dev/null
+++ b/doc/gdpr1.md
@@ -0,0 +1,114 @@
+
+Privacy Notice May 2018
+
+How your information will be used
+=================================
+
+Information you provide to this website may be stored and used to provide services to you.
+
+We require an email address to idenitfy the account holder. This will not be shared with
+any other website or service. It is used to send you notifications about your account and
+perform administrative tasks such as resetting your password. You have the option to
+opt-out of all email notifications through your settings.
+
+Communication channels created on this website require a name and a photo or avatar. A
+default avatar will be chosen if you do not supply one. The name, avatar, and a link to
+the channel webpage will be shared with other servers and services in order to refer to
+this identity. The name does not need to be your real name and the photo or avatar does
+not need to resemble you.
+
+All other information you supply to this website is optional.
+
+As a social communication and cloud storage service, you will usually be using this website
+to share information with others. We provide a range of privacy options to allow you to
+restrict this sharing to only those you choose.
+
+
+Processing of your information
+==============================
+
+Our processing of your information is limited to storing it for you to use. We MAY keep logs
+of activity to help diagnose software issues and to maintain security of the system against
+intrusion. These logs are routinely deleted after a few days.
+
+We MAY (if you have provided this permission) try to suggest frendships or connections based
+on analysing publicly available information about your connections. This is currently the most
+advanced data "processing" performed at this website. You may restrict access to this information
+if this processing is undesired.
+
+If supplied, we MAY use your gender to formulate text messages in your native language, for
+instance "Bob commented on HIS post."
+
+In all other cases, your data is stored under your desired privacy policy and to the best
+of our ability is only shared with those who you have elected to share it with.
+
+We do not share your private information with third parties or analyse your behaviour or personal
+characteristics. We have no advertisements or business relationships with advertisers.
+
+We MAY be asked or forced to divulge information provided by you in response to legitimate
+criminal and legal proceedings. Where possible we will notify you if this happens.
+
+
+Access to your information
+==========================
+
+Some communications are shared with other websites. Those using the same software will usually
+have similar privacy policies.
+
+
+You may be shown embedded videos and provided links to visit other websites as part of your
+day-to-day activities using this website. This MAY expose you to monitoring by external services, such
+as (but not limited to) Facebook, Twitter, and Google. Each website operator is allowed to configure
+whether or not embedded content is permitted.
+
+Further access to your personal data and stored files is under your control.
+
+Our storage of your data is provided under your implied consent through your continued use of
+the service. You may withdraw this consent at any time and on account deletion we will remove
+all data which belongs to you. The process of deletion may take several days as we also make a good faith
+effort to delete it from any internetworked websites that have been provided a copy.
+
+
+All data and files stored for a communications channel are available for you to
+download for either archival puposes or to transfer to another compatible website.
+
+
+
+Your rights
+===========
+
+Under the General Data Protection Regulation
+(GDPR) and The Data Protection Act 2018
+(DPA) you have a number of rights with regard to your personal data.
+You have the right to request from us access to and rectification or erasure of your personal data,
+the right to restrict processing, object to processing as well as in certain circumstances the right
+to data portability.
+
+If you have provided consent for the processing of your data you have the right (in certain
+circumstances) to withdraw that consent at any time which will not affect the lawfulness of
+the processing before your consent was withdrawn.
+
+You have the right to lodge a complaint to the Information Commissioners’ Office if you
+believe that we have not complied with the requirements of the GDPR or DPA 18 with regard
+to your personal data.
+
+Identity and contact details of controller and data protection officer
+
+[NAME OF COMPANY]
+is the controller
+[and processor]
+of data for the purposes of the DPA 18 and GDPR. 3
+
+If you have any concerns as to how your data is processed you can contact:
+
+[
+[NAME]
+Data Protection Offer at
+[EMAIL ADDRESS]
+]
+[NAME] [JOB TITLE]
+at
+[EMAIL ADDRESS]
+or you can write to these
+individuals using the address of
+[]