Disroot
/
Disroot-Privacy-Policy
8
0
Fork 0
Code Pull Requests Releases Activity
Disroot-Privacy-Policy/privacy_policy.md

5.1 KiB
Raw Blame History

title bgcolor fontcolor
Privacy Policy #1F5C60 #FFF

** v1.2 - October 2019**

Table of Contents

!. What this Privacy policy covers?

  • Definitions used on this Privacy Policy
  1. What data do we collect?
  • What do we do with your data?
  1. What we do not do with your data
  • How do we store your data?
  1. Where the data is stored?
  2. Per service detailed privacy notices
  3. Your rights
  • Access to your information
  1. Changes on this Privacy Policy

What this Privacy Policy covers?

This privacy policy applies to all services hosted on Disroot.org and its sub-domains. It does not extend to any websites or web services that can be accessed from our platform including, but not limited to, any federated services and social media websites outside Disroot. In the specific case of the so-called federated services, and because of the very nature of the protocols they use (which has the ability to send messages, likes, share files, chat, among others features) some of the data is necessarily shared with other entities, therefore these interactions are out of this Privacy Policy's scope. In any case, is important to note that sharing data with other services providers is a user's choice and is configured by the users in their settings per service including the decision of with whom and what to share.

Definitions used on this Privacy Policy

  • Data: According to the GDPR, data is any information that can be used to identify a person, either directly (real name, phone number, IP address, etc.) or indirectly (any combination of the aforementioned plus device fingerprints, cookies, etc). In the specific context of the use of our platform, it is the minimum information required for the proper operation of the services provided by Disroot.org as well as the information the user optionally submit on any of them.
  • Services: the set of differents softwares, protocols and standards used to exchange data between web applications.
  • GDPR: General Data Protection Regulation (EU).
  • User or you: any person or third party that access and uses the services provided by Disroot.org.
  • Disroot, Disroot.org, we or us: Stichting Disroot.org
  • Platform: is the set of services provided by Disroot.org and that are hosted on our servers.
  • Federated services: Services that operates on the basis of so-called Federation Protocols which enables users signed up at different services providers to interact with each other. Examples of these services are Nextcloud, Email, Hubzilla and XMPP.

1. What data do we collect?

What do we do with your data?

2. What we do not do with your data

How do we store your data?

3. Where the data is stored?

4. Per service detailed privacy notices

5. Your rights

Under the GDPR you have a number of rights with regard to your personal data:

  • a. Right to access - The right to request (I) copies of your personal Data or (II) access to the information you submited and we hold at any time.
  • b. Right to correct - The right to have your Data rectified if it is inaccurate or incomplete whenever it possible*.
  • c. Right to erase - The right to request delete or remove your Data from our servers.
  • d. Right to restrict the use of your Data - The right to restrict processing or limit the way we use your Data.
  • e. Right to Data portability - The right to move, copy or transfer your Data.
  • f. Right to object - The right to object to our use of your Data.

* This not applies to username and email address as they are integral part of your user account and cannot be modified.

To make enquires, excercise any of the rights described above or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via email to:

For the purposes of the GDPR, Disroot.org is the "data controller". This means that Disroot determines the purposes for which and the manner which your data is processed.

If you are not satisfied with the way a compliant you make regarding to how your Data is handled by us, you have the right to send a complaint to the Information Commissioners Office.

Dutch Data Protection Authority (Dutch DPA)

Postal address
Autoriteit Persoonsgegevens
PO Box 93374
2509 AJ DEN HAAG

Phone: (+31) - (0)70 - 888 85 00
Fax: (+31) - (0)70 - 888 85 01

Access to your information

Access to your personal data, stored files and other information you provide to any of the services offered by Disroot.org is under your control. This means that all data stored on services that are bound to personal information (services that require logging in) are available for you to download either for archival purposes or to transfer to another compatible website.

How to access and self-export your personal data
https://howto.disroot.org/en/tutorials/user/gdpr

To modify your personal data or delete your account
https://user.disroot.org

6. Changes on this Privacy Policy