TechDocs/Privacy/PolicyDraft

This is a draft for the privacy policy stated on FSFE's website.

For feedback, join the discussion on the legal and team list or write to Fellows/paul

Annotations:

General Policy

The restrictions described here on the dissemination of personal information are not subject to change. This policy is updated occasionally but the changes will not reduce the privacy protection of visitors. If there are changes made in the future, the changes will not affect information already collected.

Internal handling of private information

All people working directly for FSFE, including volunteers, are introduced to the privacy policy when they start their work /!\ . People handling non-public information sign a confidentiality statement either as part of a working contract or - in the case of volunteers - independently of one. Consequently, people who did not sign a confidentiality statement will not have access to personal information <!> .

Processing by third parties

Neither statistical data nor private information is ever sold or handed over to external parties. We will indicate the occasions where data is processed by service providers /!\ . Those contractors will either be subject to data protection laws (i.e. in the case of the postal service or regular banks), or will make a separate contract with you to provide the service (i.e. PayPal).

We will also not submit personal data to governmental bodies, except if explicitly required by law or if ordered by a court of competent jurisdiction. In those cases data will be submitted only to the appointed body.

Right to Information, Correction and Deletion

You can request details about your information stored by us and request correction as well as deletion or removal of information. Write an email to privacy@fsfe.org /!\ .

Website Users

Web Server Logging

Web server log entries are recorded each time a visitor requests a web page or file from one of our web servers. The entries are used to respond to technical issues, particularly for blocking IP addresses or deactivating parts of the web page on the occurrence of (D)DoS attacks or targeted attacks on web forms including our payment system.

A reduced version of the server logs will also be used to generate statistics (see "Web Analytics").

Web server logs include

{o} I think we need the full IP address for certain affairs. Recording the address without consent is however problematic in some jurisdictions (including Germany and France depending on the court). We could limit storage of the IP address to certain pages like the payment page, and inform visitors of this before they proceed.

Web server logs will be kept for no more than fourteen days {o} /!\ . The log files are stored on the web server and can be accessed only by our admin staff. On request the admin staff may send excerpts of the log files to employees involved with handling of payments or website development. Those excerpts will be reduced to the information required to track down irregularities with payment processors or server side scripts.

Web Tracking, Web Analytics and Cookies

Web analytics are not performed on the main web server logs /!\ . Statistics are generated daily/weekly ( {o} ) from a reduced copy of the server logs /!\ , containing:

We are interested in the statistics in particular

All analytics information is handled internally and information is processed entirely on infrastructure under the exclusive control of FSFE.

We do not issue permanent cookies containing a unique ID. Some of our systems may use cookies to store user data but this data will not be linked to server side data collection facilities. Systems requiring a login will usually hand out non-permanent session cookies. Rejection or discarding of permanent cookies will not affect the operability of our websites.

TODO: Decide whether to continue to use Piwik

Embedding of third party content

We do not embed elements from third parties into our website. This applies to graphics, JavaScript and iframes from external websites and also to other means suitable for third party tracking. In particular we will not automatically include social media buttons and embedded content from Disqus, Facebook, Flattr, Google+ and Twitter nor from other social media, content sharing, content hosting and similar services. We may include non-interactive buttons from said services which either function as web links (i.e. Flattr) or become functional and capable of third party tracking after explicit user interaction. We do not allow dynamic scripts on our website to connect to external services without deliberate user interaction.

Client side Scripting

Even though we may use JavaScript to ease user interaction where applicable, our websites can be operated without any dependence on client-side scripting. You can

without enabling JavaScript or similar techniques in your browser.

Submission of user data

At some places on our websites you can sign petitions, announce fellowship events, or enter other information. The information entered at these points is processed in ways dependent on the purpose. Whenever you encounter a web form where you can enter information you should find a description text on the same page that states in what form the entered information is stored, processed and published. Should such information not be present, write an email to web@fsfeurope.org and we will see that it gets added to the page {o} .

Mail order

Mail order of unpaid material

If you request promotion material (or any other kind of item which we send to you free of charge) your order detail, postal address and contact information will be sent to our staff members by internal email. The information is not stored in a database on the web server. Your address and contact information will only be used to send the material to you and to make inquiries regarding your request of said material. In particular the information is not used to send out newsletters or solicitation letters after you receive your material <!> . Should you choose to place a donation with your request for material this donation will be handled in accordance with our donation policy (see next paragraph).

You do not require an account on our website to place a request for unpaid material.

{o} For how long do we keep promo order mails? The mails will have to be removed manually by all staff members. We could make the order form send out two mails, one containing the order with address and donation info and one containing only the order details and mail contact. This way we can delete the mail containing the postal address while keeping contact info and possible communication for further reference.

Mail order of merchandise material

If you order paid material from our merchandise store (like T-shirts, coffee mugs, etc.) the procedure is similar to that for promotional material. Your order detail, postal address and contact information will be sent to our staff members by internal email. The information is not stored in a database on the web server. Your address and contact information will only be used to send the material to you and to make inquiries regarding your request of said material. In particular the information is not used to send out newsletters or solicitation letters after you receive your material <!> .

We will store your payment details and material order for bookkeeping purposes to the extent required by German law.

You do not require an account on our website to order material from the shop.

{o} What exact information do we have to store for how long?

Donations

Should you make a donation to us, we will store accounting information regarding any payment to the extent required by German law. In addition we will publish information about monetary and material donations in accordance with our transparency policy.

TechDocs/Privacy/PolicyDraft (last edited 2017-04-06 19:47:31 by doczkal)