first cut at a general purpose gdpr document. What we would like to do is use a conditional expression so that a site document will be loaded if it exists, and fallback to a project boiler plate document if it does not. This is an exercise for the community.

2018-05-20 23:40:10 -07:00 · 2018-05-20 23:40:10 -07:00 · 49f7d63290
commit 49f7d63290
parent 0044906fab
2 changed files with 120 additions and 0 deletions
--- a/doc/TermsOfService.md
+++ b/doc/TermsOfService.md
@ -1,3 +1,9 @@
 Privacy Policy
 ==============
 #include doc/gdpr1.md;
 Terms of Service
 ================
--- a/doc/gdpr1.md
+++ b/doc/gdpr1.md
@ -0,0 +1,114 @@
 Privacy Notice May 2018
 How your information will be used
 =================================
 Information you provide to this website may be stored and used to provide services to you.
 We require an email address to idenitfy the account holder. This will not be shared with
 any other website or service. It is used to send you notifications about your account and
 perform administrative tasks such as resetting your password. You have the option to 
 opt-out of all email notifications through your settings. 
 Communication channels created on this website require a name and a photo or avatar. A
 default avatar will be chosen if you do not supply one. The name, avatar, and a link to 
 the channel webpage will be shared with other servers and services in order to refer to
 this identity. The name does not need to be your real name and the photo or avatar does
 not need to resemble you.
 All other information you supply to this website is optional. 
 As a social communication and cloud storage service, you will usually be using this website
 to share information with others. We provide a range of privacy options to allow you to
 restrict this sharing to only those you choose. 
 Processing of your information
 ==============================
 Our processing of your information is limited to storing it for you to use. We MAY keep logs
 of activity to help diagnose software issues and to maintain security of the system against
 intrusion. These logs are routinely deleted after a few days. 
 We MAY (if you have provided this permission) try to suggest frendships or connections based
 on analysing publicly available information about your connections. This is currently the most
 advanced data "processing" performed at this website. You may restrict access to this information
 if this processing is undesired. 
 If supplied, we MAY use your gender to formulate text messages in your native language, for
 instance "Bob commented on HIS post."
 In all other cases, your data is stored under your desired privacy policy and to the best
 of our ability is only shared with those who you have elected to share it with.  
 We do not share your private information with third parties or analyse your behaviour or personal
 characteristics. We have no advertisements or business relationships with advertisers.  
 We MAY be asked or forced to divulge information provided by you in response to legitimate
 criminal and legal proceedings. Where possible we will notify you if this happens. 
 Access to your information
 ==========================
 Some communications are shared with other websites. Those using the same software will usually 
 have similar privacy policies. 
 You may be shown embedded videos and provided links to visit other websites as part of your
 day-to-day activities using this website. This MAY expose you to monitoring by external services, such
 as (but not limited to) Facebook, Twitter, and Google. Each website operator is allowed to configure
 whether or not embedded content is permitted.
 Further access to your personal data and stored files is under your control.  
 Our storage of your data is provided under your implied consent through your continued use of
 the service. You may withdraw this consent at any time and on account deletion we will remove
 all data which belongs to you. The process of deletion may take several days as we also make a good faith
 effort to delete it from any internetworked websites that have been provided a copy. 
 All data and files stored for a communications channel are available for you to
 download for either archival puposes or to transfer to another compatible website. 
 Your rights
 ===========
 Under the General Data Protection Regulation
 (GDPR) and The Data Protection Act 2018 
 (DPA) you have a number of rights with regard to your personal data. 
 You have the right to request from us access to and rectification or erasure of your personal data,
 the right to restrict processing, object to processing as well as in certain circumstances the right
 to data portability.
 If you have provided consent for the processing of your data you have the right (in certain 
 circumstances) to withdraw that consent at any time which will not affect the lawfulness of 
 the processing before your consent was withdrawn.
 You have the right to lodge a complaint to the Information Commissioners’ Office if you 
 believe that we have not complied with the requirements of the GDPR or DPA 18 with regard 
 to your personal data.
 Identity and contact details of controller and data protection officer
 [NAME OF COMPANY]
 is the controller 
 [and processor]
 of data for the purposes of the DPA 18 and GDPR. 3
 If you have any concerns as to how your data is processed you can contact:
 [
 [NAME]
 Data Protection Offer at 
 [EMAIL ADDRESS]
 ]
 [NAME] [JOB TITLE]
 at 
 [EMAIL ADDRESS]
 or you can write to these
 individuals using the address of 
 []