Improve privacy policy structure and contents #2
Loading…
Reference in a new issue
No description provided.
Delete branch "pp-v2"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
@ -50,3 +98,3 @@
## Where is the personal data stored?
We run our all of our services on servers of the company [Greenbaum Cloud](https://greenbaum.cloud/).
We run our all of our services on dedicated servers of the company [Hetzner GmbH](https://hetzner.com/). The data on these servers is encrypted at rest. Backups are made to several locations, the data is encrypted before it is sent to the backup locations.
I would make this more broad to be flexible:
I think we could use this PR to also include information about our wiki.
Bunch of comments. If you want, I can make the changes, just ping me here.
@ -30,1 +30,3 @@
"Matrix" is an open, decentralized communication service for real-time communication. It enables members of pub.solar n.e.V., as well as other interested parties, to communicate with other users of this server as well as other Matrix users of federated Matrix servers via chat and audio/video telephony by means of a Matrix account.
The services we offer each require their own dataset to be able to function. A specific service only records data if you use it.
If you become a member of the association, we'll have to process personal data to make sure we oblige by German law.
... we'll have to process personal data to make sure we comply with German law.
@ -43,3 +41,4 @@
Any additional information that the user chooses to supply while using the services provided by us (whether it is chats, posts, emails, etc.). This additional information is optional and with the user's consent.
If you become a member in the association, we record your full name, email address, and home address.
If you become a member of the association...
@ -46,0 +45,4 @@
### Keycloak (auth.pub.solar)
A valid email address: required for account creation. This email address is deleted from our database after the account has been approved/denied, unless the user chooses during the registration process, to keep it for password reset process.
A user's email address is not getting deleted automatically right now. Would you like to add this here as an incentive for us to create such an automation?
@ -46,0 +47,4 @@
A valid email address: required for account creation. This email address is deleted from our database after the account has been approved/denied, unless the user chooses during the registration process, to keep it for password reset process.
An username and a password: required to identify the account holder and provide the services offered by pub.solar.
An username (called pub.solar ID).
Also maybe mention possible second factor here?
@ -46,0 +51,4 @@
### Nextcloud (cloud.pub.solar)
This service requires login with pub.solar credentials.
Let's stick to pub.solar ID everywhere.
@ -46,0 +55,4 @@
Everything (files, calendars, contacts, news, tasks, bookmarks, etc.) is stored unencrypted in a database, unless an application provides external encryption (none so far). This is a limitation of the software we are utilizing for this service (Nextcloud).
We do not currently encrypt files when you upload them because we've had some bad experiences with dataloss incurred through end-to-end encryption.
dataloss -> data loss
@ -46,0 +57,4 @@
We do not currently encrypt files when you upload them because we've had some bad experiences with dataloss incurred through end-to-end encryption.
Server logs, which store information such as, but not limited to, your IP address, your username, an app currently used, error messages and User Agent, are stored for a period of 24 hours after which they are deleted from the server. No backup of log files is created. Logs are kept to prevent brute-force attacks on accounts and to provide quick insight when debugging issues.
Let's make this 7 days. We're not working full time on pub.solar, so we might notice an issue with a delay and still want to be able to debug it.
@ -46,0 +61,4 @@
### Git (git.pub.solar)
This service requires login with pub.solar credentials.
Let's stick to pub.solar ID everywhere.
View command line instructions
Checkout
From your project repository, check out a new branch and test the changes.