Outdated PP

pull/25/head
Fede.- 2 years ago
parent
commit
9fff29ad04
  1. 273
      pp_draft.md

273
pp_draft.md

@ -1,273 +0,0 @@
---
title: Privacy Policy
bgcolor: '#1F5C60'
fontcolor: '#FFF'
---
** v1.2 - October 2019**
<br><br>
<a name="top"></a>
# Table of Contents
!. [What this Privacy policy covers?](#coverage)
- [Definitions used on this Privacy Policy](#definitions)
1. [What data do we collect?](#data_we_collect)
- 1.1. [What do we do with your data?](#what_we_do)
- 1.2. [How do we store your data?](#how_we_store)
2. [What we do not do with your data](#what_we_do_not)
3. [Where the data is stored?](#where_store)
4. [Per service detailed privacy notices](#per_service)
- [4.1. Email](#email)
- [4.2. Cloud](#cloud)
- [4.3. XMPP Chat](#chat)
- [4.4. Search](#searx)
- [4.5. Upload](#upload)
- [4.6. Pads](#pads)
- [4.7. Polls](#polls)
- [4.8. Bin](#bin)
- [4.9. Forum](#forum)
- [4.10. Project Board](#project_board)
- [4.11. Calls](#calls)
- [4.12. Social](#diaspora)
- [4.13. GIT](#git)
5. [Your rights](#rights)
- [5.1. Access to your information](#access_information)
6. [Changes on this Privacy Policy](#changes)
----
<a name="coverage"></a>
# What this Privacy Policy covers?
This Privacy Policy applies to all services hosted on **Disroot.org** and its sub-domains. It does not extend to any websites or web services that can be accessed from our platform including, but not limited to, any federated services and social media websites outside **Disroot**. In the specific case of the so-called federated services, and because of the very nature of the protocols they use (which has the ability to send messages, likes, share files, chat, among others features) some of the data is necessarily shared with other entities or transferred to them, therefore these interactions are out of this Privacy Policy's scope.<br>
In any case, is important to **note that sharing data with other services providers is a user's choice** and is configured by the users in their settings per service including the decision of with whom and what to share.
<a name="definitions"></a>
## Definitions used on this Privacy Policy
- **Data**: According to the **GDPR**, data is any information that can be used to identify a person, either directly (real name, phone number, IP address, etc.) or indirectly (any combination of the aforementioned plus device fingerprints, cookies, etc). In the specific context of the use of our platform, it is the minimum information required for the proper operation of the services provided by **Disroot.org** as well as the information the user optionally submit on any of them.
- **Services**: the set of differents softwares, protocols and standards used to exchange data between web applications.
- **GDPR**: General Data Protection Regulation (EU).
- **User** or **you**: any person or third party that access and uses the services provided by **Disroot.org**.
- **Disroot, Disroot.org, we** or **us**: Stichting Disroot.org
- **Platform**: is the set of services provided by **Disroot.org** and that are hosted on our servers.
- **Federated services**: Services that operates on the basis of so-called **federation protocols** which enables users signed up at different services providers to interact with each other. Examples of these services are **Nextcloud**, **Email**, **Diaspora\***, **Hubzilla** and **XMPP**.
[Back to top](#top)
---
<a name="data_we_collect"></a>
# 1. What data do we collect?
- Account creation requires a valid email address which is deleted from our database after the account has been approved/denied.
- We require a username and password to identify the account holder and provide the services offered by **Disroot.org**.
- Necessary information related to the operation and functioning of the services, which may include, for example, IP address, User Agent, etc. *More detailed information about this and how we handle it can be found in the [Per service privacy notices](#per_services).*
- When you make an online donation to **Disroot.org**, we only collect personal data such as, but not limited to, username (if any), country, transaction IDs or bank account/reference. The only purpose for which we use this data is administrative (verification of regular donations, accounting management) and is maintained under the same security measures described in the "How do we store your data?" section. Since all the data we collect is previously processed by a third-party payment processor such as PayPal, Patreon or Liberapay, by using these or similar services, their use of your information is based on their terms of service and policies, not ours, so we encourage you to review those policies carefully.
- All additional information you supply on any of the services provided by us is **optional**.
(For more detailed information, please refer to the [Per service privacy notices](#per_services) section below)
<a name="what_we_do"></a>
## 1.1. What do we do with your data?
- Our processing of your information is limited to storing it for you to use.
- We store logs of your activity for a period no longer than 24hs (unless specified otherwise per service). This data is used to help diagnose software issues, maintain security of the system against intrusion, and monitor the health of the platform.
(Detailed information on [Per service privacy notices](#per_services) section)
<a name="how_we_store"></a>
## 1.2. How do we store your data?
To protect your data we use the following security measures:
* a. We use disk encryption on all data to prevent data leak in case the servers are stolen, confiscated, or in any way physically tampered with.
* b. We provide and require SSL/TLS encryption on all provided services.
* c. We utilise “end to end” and/or “server-side” encryption whenever it is possible in software used to provide maximum security for the users.
[Back to top](#top)
<a name="what_we_do_not"></a>
# 2. What we do not do with your data
- We do not collect any other data than what is needed to provide you the service.
- We do not in any way process, analyze your behavior or personal characteristics (profiling). We have no advertisements or business relationships with advertisers.
- We do not sell your data to third party.
- We do not share your data to third party unless in case of federated services which requires certain data to operate (e.g. other email service provider needs to know your email address to be able to deliver emails).
- We do not require any additional information that is not crucial for the operation of the service (we do not ask for phone numbers, private personal data, home address).
- We do not read/look nor process your personal data, emails, files, etc., stored on our servers unless needed for troubleshooting purposes, or under suspicion of breaking **Terms Of Services** in which case we ask for prior permission from you or inform you afterwards of all actions taken against the account in the transparency report addressed to account holder.
[Back to top](#top)
<a name="where_store"></a>
# 3. Where the data is stored?
We store all data in our own servers located in the Netherlands.
[Back to top](#top)
<a name="per_service"></a>
# 4. Per service detailed privacy notices
<a name="email"></a>
## 4.1 - **Email Service** (https://mail.disroot.org)
- All emails, unless encrypted by the user (with GPG for example) are stored unencrypted on our servers.
- IP addresses of currently logged in users via IMAP/POP3 protocol are stored as long as the device is logged in to the server *(per each device logged in)*.
- Server logs which store information such as, but not limited to, your username and your IP Address, *from* and *to* email addresses, IP addresses of servers the emails come in or go out to, are stored for a period of 24 hours after which they are deleted from the server. No backup of logfiles are created. Logs are kept mainly to prevent brute-force attacks on accounts as well as provide quick insight when debugging issues.
- Given the email is a **federated** protocol, when interacting with email addresses hosted on third party servers, data is sent to other independently operated and owned servers in the network over which we have no control.
- Service requires login with Disroot credentials.
<a name="cloud"></a>
## 4.2 - **Disroot Cloud** (https://cloud.disroot.org)
- All files sent to the cloud are encrypted with a key-pair created based on the user password, to add an extra level of security. Note however that the keys are stored on the server, which compromises the level of security to some degree (e.g.: once an attacker knows your password and obtained the encryption key-pair, can decrypt the data). However **no** "Master Key" does exist on our setup, which means the Admins cannot decrypt any files stored on the cloud without knowing user's password prior.
- Everything else except for files (calendars, contacts, news, tasks, bookmarks, etc) is stored unencrypted in a database, unless an app provides external encryption (none so far). This is a disadvantaged restriction of the software we are utilizing for this service (Nextcloud).
- Server logs, which store information such as, but not limited to, your IP address, your username, an app currently used, error messages and User Agent, are stored for a period of 24 hours after which they are deleted from the server. No backup of logfiles are created. Logs are kept mainly to prevent brute-force attacks on accounts as well as provide quick insight when debugging issues.
- Service requires login with Disroot credentials.
<a name="chat"></a>
## 4.3 - **Disroot XMPP Chat** (https://webchat.disroot.org)
- Roster (your XMPP contact list) is stored on the server's database.
- Chat history is stored on the server in the same form as on the chat itself, meaning unencrypted chat is stored in plain-text and encrypted chat is stored encrypted. Additionally, the chat history, if specified by user on per chatroom basis, is stored on the server for a period of 6 months.
- Server logs, which store information such as, but not limited to, your IP address and your username are stored for a period of 24 hours after which they are deleted from the server. No backup of logfiles are created. Logs are kept mainly to prevent brute-force attacks on accounts as well as provide quick insight when debugging issues.
- Given the XMPP is a **federated** chat protocol, when interacting with users or chat-rooms hosted on third party servers, data is sent to other independently operated and owned servers in the network over which we have no control.
- Files uploaded to the server are stored as is for a period of 6 months.
- Service requires login with Disroot credentials.
<a name="search"></a>
## 4.4 - **Disroot Search** (https://search.disroot.org)
- **No log data** (IP address, session cookie, etc) is stored on the server.
- The only situation where logs can be enabled is in case of troubleshooting. Logs are then enabled only for duration of the problem fixing time and are purged immediately after.
- No search queries are saved on the server nor any personal information of our users is leaked to the other search engine.
- Service does not require login or providing any personal data.
<a name="upload"></a>
## 4.5 - **Disroot Upload** (https://upload.disroot.org)
- **No log data** (IP address, session cookie, etc) is stored on the server.
- The only situation where logs can be enabled is in case of troubleshooting. Logs are then enabled only for duration of the problem fixing time and are purged immediately after.
- All files uploaded to the server are **end-to-end encrypted** which means no one with access to the server can decrypt/read the data.
- Files uploaded to the server are wiped based on the retention period set by user upon upload.
- Service does not require login or providing any personal data.
<a name="pads"></a>
## 4.6 - **Disroot Pads** (https://pad.disroot.org and https://calc.disroot.org)
- **No log data** (IP address, session cookie, etc) is stored on the server.
- We do not collect any other personal data that can be linked to the pads.
- Pad content is stored on the server in the database as is (plain-text).
- Untouched pads and calcs expire after 6 months and are then removed from the server.
- Service does not require login or providing any personal data.
<a name="polls"></a>
## 4.7 - **Disroot Polls** (https://poll.disroot.org)
- **No log data** (IP address, session cookie, etc) is stored on the server.
- The only situation where logs can be enabled is in case of troubleshooting. Logs are then enabled only for duration of the problem fixing time and are purged immediately after.
- Poll data is stored on the server in the database as is (plain-text).
- Expired polls (depending on user setting during poll creation) are removed from the database.
- Service does not require login or providing any personal data.
<a name="bin"></a>
## 4.8 - **Disroot Bin** (https://bin.disroot.org)
- **No log data** (IP address, session cookie, etc) is stored on the server.
- The only situation where logs can be enabled is in case of troubleshooting. Logs are then enabled only for duration of the problem fixing time and are purged immediately after.
- All files uploaded to the server are **end-to-end encrypted** which means no one with access to the server can decrypt/read the data.
- Files uploaded to the server are wiped based on the retention period set by user upon upload.
- Comments and discussions under pastes are **end-to-end encrypted**.
- Service does not require login or providing any personal data.
<a name="forum"></a>
## 4.9 - **Disroot Forum** (https://forum.disroot.org)
- **No log data** (IP address, session cookie, etc) is stored on the server.
- Service does store your last used IP address in the database.
- All forum data (groups, threads, posts, usernames, email addresses) is stored on the server in the database as is (plain-text).
- Service requires you to create separate forum only account or use Disroot credentials to interact with discussions.
<a name="project_board"></a>
## 4.10 - **Disroot Project Board** (https://board.disroot.org)
- Server logs which store information such as, but not limited to, your IP address, your username, error messages and User Agent, are stored for a period of 24 hours after which they are deleted from the server. No backup of logfiles are created. Logs are kept mainly to prevent brute-force attacks on accounts as well as provide quick insight when debugging issues.
- All board data (usernames, project data, email addresses) is stored on the server in the database as is (plain-text).
- Service requires login with Disroot credentials.
<a name="calls"></a>
## 4.11 - **Disroot Calls** (https://calls.disroot.org)
- **No log data** (IP address, session cookie, etc) is stored on the server.
- No user data is permanently stored on the server.
<a name="diaspora"></a>
## 4.12 - **Disroot Social (Diaspora\* pod)** (https://pod.disroot.org)
- Server logs which store information such as, but not limited to, your IP address, your username, error messages and User Agent, are stored for a period of 24 hours after which they are deleted from the server. No backup of logfiles are created. Logs are kept mainly to prevent brute-force attacks on accounts as well as provide quick insight when debugging issues.
- Due to the **federated** nature of the service, your public posts are shared/transfered to other independently operated servers in the network over which we have no control.
- Private posts/messages are only sent to users on other servers if you intentionally interact with them.
- All pod data (usernames, email addresses, posts and messages,polls, contacts, photos and images) is stored on the server in the database as is (plain-text).
<a name="git"></a>
## 4.13 - **Disroot GIT** (https://git.disroot.org)
- Server logs which store information such as, but not limited to, your IP address, your username, error messages and User Agent, are stored for a period of 24 hours after which they are deleted from the server. No backup of logfiles are created. Logs are kept mainly to prevent brute-force attacks on accounts as well as provide quick insight when debugging issues.
- All git data such as, but not limited to, usernames, email addresses, messages, code, files, versions, pull request data is stored on the server in the database as is (plain-text).
- Service requires you to create separate git only account to interact with others.
[Back to top](#top)
<a name="rights"></a>
# 5. Your rights
Under the **GDPR** you have a number of rights with regard to your personal data:
* a. **Right to access** - The right to request (I) copies of your personal Data or (II) access to the information you submited and we hold at any time.
* b. **Right to correct** - The right to have your Data rectified if it is inaccurate or incomplete whenever it possible*.
* c. **Right to erase** - The right to request delete or remove your Data from our servers.
* d. **Right to restrict the use of your Data** - The right to restrict processing or limit the way we use your Data.
* e. **Right to Data portability** - The right to move, copy or transfer your Data.
* f. **Right to object** - The right to object to our use of your Data.
\* *This not applies to* **username** *and* **email address** *as they are integral part of your user account and cannot be modified*.
To make enquires, excercise any of the rights described above or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via email to:
- **data.protection.officer@disroot.org** - Person responsible for this Privacy Policy
- **info@disroot.org** - General contact information
For the purposes of the **GDPR**, **Disroot.org** is the "data controller". This means that **Disroot** determines the purposes for which and the manner which your data is processed.
If you are not satisfied with the way a compliant you make regarding to how your Data is handled by us, you have the right to send a complaint to the **Information Commissioners’ Office**.
**Dutch Data Protection Authority (Dutch DPA)**
**Postal address**<br>
Autoriteit Persoonsgegevens<br>
PO Box 93374<br>
2509 AJ DEN HAAG<br>
<br>
**Phone:** (+31) - (0)70 - 888 85 00<br>
**Fax:** (+31) - (0)70 - 888 85 01<br>
<a name="access_information"></a>
## 5.1. Access to your information
Access to your personal data, stored files and other information you provide to any of the services offered by **Disroot.org** is under your control. This means that all data stored on services that are bound to personal information (services that require logging in) are available for you to download either for archival purposes or to transfer to another compatible website.
**How to access and self-export your personal data**<br>
https://howto.disroot.org/en/tutorials/user/gdpr
**To modify your personal data or delete your account**<br>
https://user.disroot.org
[Back to top](#top)
<a name="changes"></a>
# 6. Changes on this Privacy Policy
From time to time we may need to update this Privacy Policy. If we decide to do so, all changes will be publicly available and will be communicated to all users via the forum, our social networks, and blog post. We recommend that you regularly check for any changes on this policy.
Last update of this Privacy Policy:
[Back to top](#top)
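Review bot: the commit message "Outdated PP" gives no pointer to the document that replaces this draft, so anyone reading the history cannot tell whether the "v1.2 - October 2019" text removed here was merged into the live privacy policy or simply discarded; consider naming the superseding file (or the PR that carries it) in the message. Before the deletion lands it is also worth checking that nothing else in the site still links to the anchors this file defined (`#top`, `#coverage`, `#per_service`, `#rights`, and so on), since external pages or the live policy may reference them. Two defects in the removed text would have needed fixing had the draft been kept, and should not be carried over if any of it is reused elsewhere: the table of contents opens with a `!.` list marker instead of `1.`, and the links to `#per_services` in sections 1 and 1.1 point at a non-existent anchor (the anchor is defined as `per_service`); the "Last update of this Privacy Policy:" line was also left blank.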