|
Size: 5916
Comment:
|
Size: 2801
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| = FSFE Data processing = | Here is a list of services: |
| Line 3: | Line 3: |
| The goal of this page is to provide information regarding data processing at FSFE. ||'''Service'''||'''What data is processed?'''||'''Why is the data processed?'''||'''What legal authorization do we have according to [[https://gdpr-info.eu/art-6-gdpr/|Article 6]] of GDPR?'''||'''Who has access?'''||'''What is our Data retention policy?'''|| ||Account Managing Software (AMS)||Only that which is included in the community database no separate information.|| || || |||| ||art13 savecodeshare.eu||IP addresses, SQL statements for error messages contain personal information|| Error message are used for debugging, the webserver needs to know the source IP address|| || || || ||Blogs|| ||Error message are used for debugging, the webserver needs to know the source IP address|| || || || ||Community Database||Data for our donors, supporters, staff, contractors, and volunteers: registration status, blacklisting status, name, ''birthday'', ''sex'', ''preferred language'', ''postal address'', primary ''and secondary'' email address, opt-in information for communication, information about donations transferred, information about automatic donation renewal status, information about donation receipts issued, ''username and password (hashed) for FSFE services'', information about fellowship cards received, data modification history. ''Italic'' information is voluntary.||(1) Donor liaison, including the creation of donation receipts.<<BR>>(2) Sending out information emails to those who opted in.<<BR>>(3) Maintenance of access to FSFE's online services.<<BR>> (4) Statistical queries.||(1) Legal requirements and legitimate interest.<<BR>>(2) Explicit consent.<<BR>>(3) ?<<BR>>(4) Legitimate interest.||Community database administrator (currently: Reinhard), system administrators.||Data is automatically deleted if the registration is not confirmed (through payment of a donation or through approval by a team coordinator) within 6 weeks after signup. Upon explicit request, data is anonymised.|| ||Discourse||IP Addresses, post timings, usernames||Ip addresses are collected by discourse to prevent and block spam||Consent||ADMIN-TECH|| || ||DNS||logging IP Addresses for errors and for exmaple denied queries, more if debug logging is temporary necessary|| || ||ADMIN-TECH|| || ||Docker environment||Docker containers activities. No personal data|| - || - || - || - || ||docker status service||Docker containers activities. No personal data|| - || - || - || - || ||Drone||Building scripts. No personal data|| - || - || - || - || ||Finance accounting||Transaction data from all bank accounts, includes names of all people who send or receive money to/from FSFE.||To do our accounting||Legal requirements||Financial team, tax consultant, legal authorities.||Currently none defined. Data must be kept at least 10 years by law.|| ||Finance repo||IP Addresses + username logging|| || || || || ||Forms API||No personnal data stored in the logs, but the service processes emails||The service needs the email of the users submitting a form so the emails can reach them||Consent|| || || ||Friendica|| || || || || || ||GDPR process|| || || || || || ||Gitea||Emails and usernames of registered users and the files they work with; webserver logs (source IPs)||For authentication and operation of the platform; webserver logs for debugging || Consent || Service maintainers, system administrators || None; 1 week for logs || ||IRC Cloaks|| || || || || || ||Jabber||Account rosters, logs (connect, disconnect, IP addresses, messages process and possibly stored temporally on the server (offline storage + muc preview), status messages,with debug logging up to who talks to whom)|| || || || || ||LDAP||ldap queries are logged to syslog (we log who tries to login on what service and when)|| || || || || ||Limesurvey|| || || || || || ||Link shortener|| || || || || || ||Email||Email addresses + logs (send, receive emails, hostnames, IP addresses of messages sent through SMTP, etc)|| To manage the forward email service and assure a basic level of spam control || Consent for providing emails and legitimate interest for spam control || Albert Jonas Matthias Max Paul fellowship@klaproth || 1 month || ||Mailing lists||Email address, full name, subscription details, logging see Mail and the [[https://wiki.list.org/DOC/What%20log%20files%20%28logs%29%20does%20Mailman%20write|official Maiman page]] || || Consent || ADMIN-TECH,List-Admins,team@ || Posts and subscriptions are stored for 1 year, bounces and errors are stored for 1 month, messages sent by Mailman itself are stored for 1 week, digests are stored for 4 months || ||Mailtrain + ZoneMTA||Email address, full name, subscription details|| || || || || ||Nlformat script|| || || || || || ||OpenVPN|| || || || || || ||OTRS||All communication around the tickets, in the format of emails exchanged.||Answering of incoming requests.||?||All members of the team which is responsible for the kind of request.||None.|| ||Personell management|| || || || || || ||Planet|| || || || || || ||PMPC website||Source IP, Date, HTTP request, User-agent|| || || || || ||Registration system||Can be configured per event. For LLW, it is name, email address, affiliation, position, telephone number, ticket type, postal address, VAT Id, promotion code used, information about dinner attendance, dieatary preferences (!), participation in mentor system.||Necessary to organise the event.||Fulfillment of a contract.||Ulrike + Polina + ? + System administrators||None defined yet.|| ||SSL certificates||Personal information of the person requesting them|| || || || || ||Subversion|| || || || || || ||Webserver + build system|| || || || || || ||Wekan||Technical logs, no personal data|| || || || || ||Wiki||Source IP addresses||Debugging and security purposes||||Wikicare takers, system-hackers||We store for 14 days|| |
|| '''Name''' || '''Server''' || '''Owner''' || '''Importance''' || '''Links''' || || Supporter database || lund || Reinhard || High || || || Discourse || lund || Björn, Jan, Nikos || Low || [[https://git.fsfe.org/fsfe-system-hackers/community|Deployment code]], [[https://www.discourse.org|Official website]], [[https://community.fsfe.org/|Our Discourse instance]] || || DNS || tennant, scaliger || Albert || High || [[https://wiki.fsfe.org/TechDocs/TechnicalProcesses/UpdateDNSEntries|Update entries]] || || Drone || lund || Max || High || [[https://git.fsfe.org/fsfe-system-hackers/drone|Deployement code]], [[https://wiki.fsfe.org/TechDocs/TechnicalProcesses/DockerDeployment#Drone_configuration|How to use it]], [[https://drone.io/|Official website]] || || Financial repository || hatchett || Albert || High || [[https://wiki.fsfe.org/TechDocs/TechnicalProcesses/FinancialRepository|How does it work]] || || Forms API || lund || || Low || [[https://git.fsfe.org/FSFE/forms|Documentation]] || || Giteat || fajans || Max || High || [[https://wiki.fsfe.org/TechDocs/Git|User documentation]] || || IRC cloaks || || Max || Low || || || Jabber / XMPP || arfwedson || Albert || High || || || LDAP || berzelius || Albert || High || [[https://wiki.fsfe.org/TechDocs/TechnicalProcesses/ChangeuserNameLDAP|Change a username]] || || Limesurvey || lund || || Low || [[https://git.fsfe.org/FSFE/survey|Deployment code]] || || Link shortener || || Paul, Max || Low || || Mails || cavendish, gadolin || Albert || High || [[https://wiki.fsfe.org/TechDocs/Postfix|Documentation]] || || Mailing lists || cavendish || Albert || High || [[https://wiki.fsfe.org/TechDocs/MailingLists|Documentation]] || || Mailtrain || lund || || Low || [[https://git.fsfe.org/fsfe-system-hackers/mailtrain|Deployment code]] || || OpenVPN || winkler || Albert || Low || || OTRS || svedberg || Max, Rienhard || High || [[https://wiki.fsfe.org/TechDocs/Wiki|Documentation]] || || SVN || auer || Albert || High || [[https://wiki.fsfe.org/TechDocs/Subversion|User documentation]] || || Supporters letters || klaproth || Reinhard || Low || || || PMPC website || lund || Max || Low || [[https://git.fsfe.org/pmpc/website|Code repository]] || || Reverse proxy || lund || || High || [[https://git.fsfe.org/fsfe-system-hackers/reverse-proxy|Documentation + Deployement code]], [[https://wiki.fsfe.org/TechDocs/TechnicalProcesses/DockerDeployment|How to use it]] || || Webserver + build system || ekeberg, claus || Paul || High || [[https://wiki.fsfe.org/TechDocs/Mainpage|Documentation]] || || Wekan || lund || || Low || [[https://git.fsfe.org/pmpc/website|Deployment code]] || || Wiki || scheele || Paul, Wikicare takers || High || [[https://wiki.fsfe.org/WikiAdmin|Documentation]] || |
Here is a list of services:
Name |
Server |
Owner |
Importance |
Links |
Supporter database |
lund |
Reinhard |
High |
|
Discourse |
lund |
Björn, Jan, Nikos |
Low |
|
DNS |
tennant, scaliger |
Albert |
High |
|
Drone |
lund |
Max |
High |
|
Financial repository |
hatchett |
Albert |
High |
|
Forms API |
lund |
|
Low |
|
Giteat |
fajans |
Max |
High |
|
IRC cloaks |
|
Max |
Low |
|
Jabber / XMPP |
arfwedson |
Albert |
High |
|
LDAP |
berzelius |
Albert |
High |
|
Limesurvey |
lund |
|
Low |
|
Link shortener |
|
Paul, Max |
Low |
|
Mails |
cavendish, gadolin |
Albert |
High |
|
Mailing lists |
cavendish |
Albert |
High |
|
Mailtrain |
lund |
|
Low |
|
OpenVPN |
winkler |
Albert |
Low |
|
OTRS |
svedberg |
Max, Rienhard |
High |
|
SVN |
auer |
Albert |
High |
|
Supporters letters |
klaproth |
Reinhard |
Low |
|
PMPC website |
lund |
Max |
Low |
|
Reverse proxy |
lund |
|
High |
|
Webserver + build system |
ekeberg, claus |
Paul |
High |
|
Wekan |
lund |
|
Low |
|
Wiki |
scheele |
Paul, Wikicare takers |
High |