What do we do with the data and how do we process it
- The tone should be more about letting the users know what they can do with their data rather than Disroot "wanting" it.
- We're mixing account creation with other processes"
- Contradiction in How we process the data: We process the data to provide the services. Although the paragraph says we only do for troubleshooting purposes. Maybe it needs to be written in a clearer way.
1. What data do we collect?
- Account creation requires a valid email address which is deleted from our database after the account has been approved/denied.
- We require a username and password to identify the account holder and provide the services offered by Disroot.org.
- Necessary information related to the operation and functioning of the services, which may include, for example, IP address, User Agent, etc. More detailed information about this and how we handle it can be found in the Per service privacy notices.
- When you make an online donation to Disroot.org, we only collect personal data such as, but not limited to, username (if any), country, transaction IDs or bank account/reference. The only purpose for which we use this data is administrative (verification of regular donations, accounting management) and is maintained under the same security measures described in the "How do we store your data?" section. Since all the data we collect is previously processed by a third-party payment processor such as PayPal, Patreon or Liberapay, by using these or similar services, their use of your information is based on their terms of service and policies, not ours, so we encourage you to review those policies carefully.
- All additional information you supply on any of the services provided by us is optional.
(For more detailed information, please refer to the Per service privacy notices section below)
1.1. What do we do with your data?
- Our processing of your information is limited to storing it for you to use.
- We store logs of your activity for a period no longer than 24hs (unless specified otherwise per service). This data is used to help diagnose software issues, maintain security of the system against intrusion, and monitor the health of the platform.
(Detailed information on Per service privacy notices section)
1.2. How do we store your data?
To protect your data we use the following security measures:
a. We use disk encryption on all data to prevent data leak in case the servers are stolen, confiscated, or in any way physically tampered with.
b. We provide and require SSL/TLS encryption on all provided services.
c. We utilise “end to end” and/or “server-side” encryption whenever it is possible in software used to provide maximum security for the users.
Deleting a branch is permanent. It CANNOT be undone. Continue?