|
Size: 10044
Comment: add acls to only allow team to edit
|
Size: 19943
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| #acl Group/Team,Group/WikiCareTakers:read,write,delete,revert,admin All:read | #acl Group/Team:read,write,delete,revert,admin All:read |
| Line 3: | Line 3: |
| = FSFE Data processing = | = FSFE Records of processing activities = The goal of this page is to provide information regarding data processing at FSFE. It is still a work in progress and we are constantly improving the information. In case you have any questions about it, please get in contact with privacy@fsfe.org. |
| Line 5: | Line 6: |
| The goal of this page is to provide information regarding data processing at FSFE. | The FSFE e.V., Schönhauser Allee 6/7 Stairway 2, 5. floor 10119 Berlin Germany, is controller for all those processings, the most effective ways to contact the association are on our [[https://fsfe.org/contact/contact.html|contact]] page. == Web sites : visitors == || '''Service''' ||'''Processing'''||'''What data is processed?'''||'''Why is the data processed?'''||'''What legal authorization do we have according to [[https://gdpr-info.eu/art-6-gdpr/|Article 6]] of GDPR?'''||'''Who has access?'''||'''What is our Data retention policy?'''|| || FSFE website || Users visiting the website|| ?? || The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes || Legitimate Interest || || || || PMPC website || Users visiting the website|| Source IP, Date, HTTP request, User-agent.<<BR>>The source IP is the IP address of our reverse proxy, not a personnal information || The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes || Legitimate Interest || Sysadmin || The campaign's duration (to be confirmed 1)|| || PMPC website || Signing the open letter || Email and name, ''country, ZIP code, comment'' <<BR>> ''Italic'' information is voluntary|| To display signature of the open letter; <<BR>> to give updates about the campaign(specific consent) <<BR>> To add the signature to the public list(specific consent) || Consent <<BR>> [[https://publiccode.eu/privacy/|Link to privacy policy]] || The public list is accessible to everyone <<BR>> PMPC coordinator and Sysadmin for others information || The campaign's duration || || art13 savecodeshare.eu || Signing the open letter || Name, email, ''country'' <<BR>> ''Italic'' information is voluntary|| To display signature of the open letter; <<BR>> to give updates about the campaign (specific consent) || Consent <<BR>> [[https://wiki.fsfe.org/Activities/Privacy/PolicyDraft/Art13|Link to privacy policy]] || Signatures will be handed over to the Members of the European Parliament and the EU Council <<BR>> Sysadmin access everything || Data is stored for the container lifetime (i.e. the campaign's duration) <<BR>> Data may be kept by the Members of the European Parliament and the EU Council for an unknown time || || art13 savecodeshare.eu || Visiting the website || IP addresses, SQL statements for error messages contain personal information <<BR>>The IP is the IP address of our reverse proxy, not a personnal information || The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes || Legitimate interest || system administrators || Data is stored for the container lifetime (? 2) || || Blogs || User visiting the website || IP addresses ||The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes || Legitimate Interest || (missing information 3) || (missing information 3)|| || Wiki || User visiting the website || Source IP addresses || The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes || Legitimate Interest||Wikicare takers, system-hackers || We store data for 14 days|| == Social Media == If you do not click on any external buttons to external sides, data will not be transferred. [TODO : Add references to privacy policies of the services we use.] == Collaboration == |
| Line 8: | Line 29: |
| ||Account Managing Software (AMS)|| Storage of supporter data ||Only that which is included in the community database no separate information.|| - || - || - || - || || art13 savecodeshare.eu || Webserver || IP addresses, SQL statements for error messages contain personal information|| Error message are used for debugging, the webserver needs to know the source IP address || consent [[https://wiki.fsfe.org/Activities/Privacy/PolicyDraft/Art13|Link to privacy policy]] || system administrators || Data is stored for the container lifetime || || Blogs || User visiting the website||Error message are used for debugging, the web server needs to know the source IP address|| || || || || || Community Database|| Donations || Data for our donors: information about donations transferred, information about automatic donation renewal status, information about donation receipts issued, emails if opted in|| Donor liaison, including the creation of donation receipts.||Legal requirements ||Community database administrator (currently: Reinhard), system administrators.|| None || || Community Database || Emails of donors || emails if opted in|| Donor liaison, including the creation of donation receipts.|| Consent ||Community database administrator (currently: Reinhard), system administrators.|| none || ||Community Database|| Supporters account || Data for our, supporters, staff, contractors, and volunteers: registration status, blacklisting status, name, ''birthday'', ''sex'', ''preferred language'', ''postal address'', primary ''and secondary'' email address, opt-in information for communication, username and password (hashed) for FSFE services, information about fellowship cards received, data modification history. ''Italic'' information is voluntary.|| Maintenance of access to FSFE's online services.<<BR>> Statistical queries.|| Consent||Community database administrator (currently: Reinhard), system administrators.||Data is automatically deleted if the registration is not confirmed (through approval by a team coordinator) within 6 weeks after signup. Upon explicit request, data is anonymised.|| || Discourse || Webserver||IP Addresses, post timings, usernames|| IP addresses are collected by discourse to prevent and block spam|| Consent || system administrators + service maintainers || Data is stored for the container lifetime || |
||<rowspan="2"> Community Database and LDAP server || FSFE account management || Name, email address, username, password hash || Managing access to FSFE's online services || Legitimate interest || Community database administrator || Data is stored as long as the account exists || || Community data maintenance || Birthday, sex, preferred language, postal address, secondary email address || Managing FSFE's community of contributors || Consent || Community database administrator || Data can be changed or deleted at any time by the subject || || Wiki || FSFE Wiki || Account data (Name or Username, Pseudonym, email address from the FSFE account, optionally jabber ID), a dedicated personal page (optional), attribution for all contributions <<BR>> || Wiki management and attribution of work || Contract || Public pages are accessible to everyone, other pages may have limited access depending on [[https://wiki.fsfe.org/TechDocs/Wiki)|ACL]] || As long as the account exist (to be confirmed 1) <<BR>> As the account is the base to attribution of contribution, we do not delete account without the data subject request.|| || Gitea || FSFE Gitea contributions || Emails and usernames of registered users and the files they work with; webserver logs (source IPs)||For authentication and operation of the platform; attribution of contribution; webserver logs for debugging || Contract || contribution are public, logs are accessible only to Service maintainers, system administrators || As long as the account exist (to be confirmed 1) <<BR>> As the account is the base to attribution of contribution, we do not delete account without the data subject request. <<BR>> <<BR>> 1 week for logs || || FSFE website ||Translators of the website|| name or pseudonym of translators of each page || To attribute translation to its translators whenever they accept to be cited || Consent || public information || Attribution is kept as long as the translation exist || || Reimbursements || Financial reimbursements for expenses || All communication around the reimbursement including payment data || Reimbursing (paid and volunteer) contributors for their expenses || Contract || Financial team, parties involved in the payment processing, tax consultant, public authorities || Data is stored according to statutory storage periods || == Orders == ||'''Processing'''||'''What data is processed?'''||'''Why is the data processed?'''||'''What legal authorization do we have according to [[https://gdpr-info.eu/art-6-gdpr/|Article 6]] of GDPR?'''||'''Who has access?'''||'''What is our Data retention policy?'''|| ||<rowspan="3"> Promotion material orders ||<rowspan="2"> Order information from [[https://fsfe.org/contribute/spreadtheword|this]] form || Answering of incoming requests, sending packages, and requesting feedback || Contract ||<rowspan="2"> FSFE office staff and financial team ||<rowspan="2"> Data is stored for 13 months after the order || || Generating statistics about promotion material orders || Legitimate interest || || Payment information in case a donation is made along with the order || Accounting || Legal requirements || Financial team, parties involved in the payment processing, tax consultant, public authorities || Data is stored according to statutory storage periods || ||<rowspan="2"> Merchandise orders || Order information from [[https://fsfe.org/order/order|this]] form || Answering of incoming requests, and sending packages || Contract || FSFE office staff and financial team. || Data is stored for 13 months after the order || || Payment information || Accounting || Legal requirements || Financial team, parties involved in the payment processing, tax consultant, public authorities || Data is stored according to statutory storage periods || == Donations == ||'''Processing'''||'''What data is processed?'''||'''Why is the data processed?'''||'''What legal authorization do we have according to [[https://gdpr-info.eu/art-6-gdpr/|Article 6]] of GDPR?'''||'''Who has access?'''||'''What is our Data retention policy?'''|| || All Donations || Name, email address, date of payment, payment method, amount || Processing the donation, accounting || Legal requirements || Community database administrator, financial team, parties involved in the payment processing, tax consultant, public authorities || Data is stored according to statutory storage periods || || Supporter contributions || Name, email address, date/method/amount of last payment, automatic renewal status || Reminding supporters of the next contribution || Contract || Community database administrator || Data is processed as long as the subject participates in FSFE's supporter program || || Donations for which a donation receipt is requested || Name, postal address, date of payment, amount, date of donation receipt || Issuing donation receipts || Legal requirements || Community database administrator, financial team, tax consultant, public authorities || Data is stored according to statutory storage periods || || Donations >= 480 € per year or 40 € per month || Name, donation category || Maintaining the public [[https://fsfe.org/donate/thankgnus.en.html|donors list]] for reasons of transparency and recognition || Consent || This data is public || As long as the FSFE exists or until the person revoke his or her consent || == Communications means == || '''Service''' ||'''Processing'''||'''What data is processed?'''||'''Why is the data processed?'''||'''What legal authorization do we have according to [[https://gdpr-info.eu/art-6-gdpr/|Article 6]] of GDPR?'''||'''Who has access?'''||'''What is our Data retention policy?'''|| || Community emails || Emails from the FSFE to its communiy || Name, email address, preferred language (optional), sex (optional, to allow for correct grammar), postal address (optional, to allow for region-specific information) || Keeping the FSFE community informed || Consent || Community database administrator || Data is stored until consent is revoked || || Mailman || Mailing lists (https://lists.fsfe.org/mailman/listinfo) || Email address, full name or pseudonym (if the person choose to insert one), subscription details, logging see the [[https://wiki.list.org/DOC/What%20log%20files%20%28logs%29%20does%20Mailman%20write|official Mailman page]] || To manage the mails going from and to the list the individual subscribed to. || Consent (for each mailing list) || Mails on the mailing list may have different level of publicity from public (archive included) to restricted to a given group (see description of the list for more information) <BR> ADMIN-TECH,List-Admins,team@ may have access to all mails || Posts and subscriptions are stored for 1 year, bounces and errors are stored for 1 month, messages sent by Mailman itself are stored for 1 week, digests are stored for 4 months || || QuickML ||Mailing list || Email addresses || To manage the mails going from and to the list the individual subscribed to. || Consent (for each mailing list) || ?? || ?? || || Newsletter ||Newsletter ||Email addresses, preferred language || To send the newsletter in the good language || Consent || Sysadmin, PR team || As long as subscribed. || || OTRS || Tickets processing || All communication around the tickets, in the format of emails exchanged || Answering of incoming requests.|| Consent ||FSFE core team.||The time to close the issue raised + X months (To Be determined 1)|| || Discourse || Webserver||IP Addresses, post timings, usernames, posts|| IP addresses are collected by discourse to prevent and block spam|| Consent || system administrators + service maintainers || Data is stored for the container lifetime || ||CARE Team|| CoC and sanction management (To be confirmed 2) ||Depending on the situation, identification data (name/pseudo/description), contact (emails, phone number) etc. || Data are processed to solve CoC infringement <<BR>> It may imply to enforce sanction like banishment of mailing-list or events || Legitimate interest || CARE Team || The time needed to solve the situation. Information regarding blacklisted individuals are kept for the time of the sanction. || == Communications tools for the FSFE community == || '''Service''' ||'''Processing'''||'''What data is processed?'''||'''Why is the data processed?'''||'''What legal authorization do we have according to [[https://gdpr-info.eu/art-6-gdpr/|Article 6]] of GDPR?'''||'''Who has access?'''||'''What is our Data retention policy?'''|| || Email server || Emails processing and forwarding || Email addresses + logs (send, receive emails, hostnames, IP addresses of messages sent through SMTP, etc) || To manage the forward email service and assure a basic level of spam control || Consent for providing emails and legitimate interest for spam control || Albert Jonas Matthias Max Paul fellowship@klaproth || 1 month || || IRC Cloaks || || || || || || || || Jabber / XMPP || Massage processing || Account rosters, logs (connect, disconnect, messages process and possibly stored temporally on the server (offline storage + muc preview), status messages, with debug logging up to who talks to whom) || Debugging purposes || Consent for accessing the service || system administrators || 2 weeks || || Blogs || Writing your blog || Your account (Username, nickname, email addresses, more is optional), your articles, log data || To provide a platform for blogs || Contract || article publicity depends on the owner choosing <<BR>> sysadmin || Until you delete your blog or we discontinue the service || == Employee information and tools == || '''Service''' ||'''Processing'''||'''What data is processed?'''||'''Why is the data processed?'''||'''What legal authorization do we have according to [[https://gdpr-info.eu/art-6-gdpr/|Article 6]] of GDPR?'''||'''Who has access?'''||'''What is our Data retention policy?'''|| ||Finance Archive || Storage of financial and employee records ||Transaction data from all bank accounts, includes names of all people who send or receive money to/from FSFE.||To do our accounting||Legal requirements (we have to keep them for 10 years by law) ||Financial team, tax consultant, legal authorities.|| Information older than X>10 (11?) years are deleted after the annual closure of our accounts (to be confirmed 2)|| ||Finance Archive|| (not an independent processing) || SSH connections are logged (IP Addresses + username) || for debugging and security purposes || not applicable (not an independent processing) || coordinator and deputy coordinator system administration team , finance team|| 1 month || || FSFE website || [[https://fsfe.org/internal/pd|Per diem calculator]] (used for travels reimbursement) || The data entered in the form || To help staffers to calculate allowance || Contract (employment/Intern contract) || Website administrators can access log (to be confirmed 1) || The data is not stored|| || Nextcloud || Nextcloud Account management || Emails and usernames of registered users and the files they work with; calendar and contact entries; webserver logs (user agent)|| Main working tool for everyday tasks (from sharing documents to calendar and conatact management) || Contract (employment/Intern contract)|| Service maintainers, system administrators || account: (missing information 3) Data: unlimited / until user deletes data; logs of data: until service update || || Nextcloud || (not an independent processing) || webserver logs (user agent) || Security and debugging || not applicable (not an independent processing) || Service maintainers, system administrators || logs: until service update || || OTRS || Job and internship applications || Job and internship applications are stored as OTRS tickets, after a decision the ticket with attachments will be deleted ||Answering and reviewing applications || Consent ||FSFE council members and staff. We may share the application with advisors and members|| (missing information 4).|| {{{#!wiki comment/dotted == Newsletter / Press releases == || '''Service''' ||'''Processing'''||'''What data is processed?'''||'''Why is the data processed?'''||'''What legal authorization do we have according to [[https://gdpr-info.eu/art-6-gdpr/|Article 6]] of GDPR?'''||'''Who has access?'''||'''What is our Data retention policy?'''|| || Newsletter and Press lists || ||Information about who did what including names and where things happened || To inform the public about Free Software|| || || || || Nlformat script || || || || || || || == Misc == || '''Service''' ||'''Processing'''||'''What data is processed?'''||'''Why is the data processed?'''||'''What legal authorization do we have according to [[https://gdpr-info.eu/art-6-gdpr/|Article 6]] of GDPR?'''||'''Who has access?'''||'''What is our Data retention policy?'''|| |
| Line 16: | Line 97: |
| || Finance repo || Storage of financial records ||Transaction data from all bank accounts, includes names of all people who send or receive money to/from FSFE.||To do our accounting||Legal requirements||Financial team, tax consultant, legal authorities.||Currently none defined. Data must be kept at least 10 years by law.|| ||Finance repo|| SSH connections || IP Addresses + username logging || debugging purposes || consent || Albert, Francesca, Matthias, Max, Polina, Ulrike || 1 month || || Emails processing || Forms API|| No personal data stored in the logs, but the service processes emails || The service needs the email of the users submitting a form so the emails can reach them||Consent|| system administrators || Data is stored for the container lifetime || ||Friendica|| || || || || || || Gitea || Accounts management || Emails and usernames of registered users and the files they work with; webserver logs (source IPs)||For authentication and operation of the platform; webserver logs for debugging || Consent || Service maintainers, system administrators || None; 1 week for logs || || Gitea || Webserver || web server logs (source IPs)|| ogs for debugging || Consent || Service maintainers, system administrators ||1 week for logs || || IRC Cloaks || || || || || || || || Jabber / XMPP || Massage processing || Account rosters, logs (connect, disconnect, messages process and possibly stored temporally on the server (offline storage + muc preview), status messages, with debug logging up to who talks to whom) || Debugging purposes || Consent || system administrators || 2 weeks || |
|| SSL certificates || Certificate processing (openssl) || Personal information of the person requesting them, email addresses and names (or whatever data is inserted by the person who is doing the certificate request) || Because the CA needs to know who requested a certificate|| Consent || System administrators || Data are stored as long as the certificate exists || || OpenVPN || || || || || || || || Personell management || || || || || || || || Subversion || svn use || No personal information are stored. Public IP addresses are processed by the webserver || The webserver needs the public IP addresses to serve requests || Consent || System administrators || - || || Registration system || Data entered in surveys || Can be configured per event. For LLW, it is name, email address, affiliation, position, telephone number, ticket type, postal address, VAT Id, promotion code used, information about dinner attendance, dieatary preferences (!), participation in mentor system.||Necessary to organise the event.||Fulfillment of a contract.||finance team + + System administrators||None defined yet.|| |
| Line 27: | Line 105: |
| || Email server || Emails processing and forwarding || Email addresses + logs (send, receive emails, hostnames, IP addresses of messages sent through SMTP, etc) || To manage the forward email service and assure a basic level of spam control || Consent for providing emails and legitimate interest for spam control || Albert Jonas Matthias Max Paul fellowship@klaproth || 1 month || || Mailman || Maing lists || Email address, full name (if the person choose to insert it), subscription details, logging see Mail and the [[https://wiki.list.org/DOC/What%20log%20files%20%28logs%29%20does%20Mailman%20write|official Mailman page]] || The mailing list service needs to know email addresses to achieve its goal || Consent || ADMIN-TECH,List-Admins,team@ || Posts and subscriptions are stored for 1 year, bounces and errors are stored for 1 month, messages sent by Mailman itself are stored for 1 week, digests are stored for 4 months || |
||Planet || || || || || || || || Emails processing || Forms API|| No personal data stored in the logs, but the service processes emails || The service needs the email of the users submitting a form so the emails can reach them||Consent|| system administrators || Data is stored for the container lifetime || |
| Line 30: | Line 108: |
| || Nextcloud || Nextcloud Account management || Emails and usernames of registered users and the files they work with; calendar and contact entries; webserver logs (user agent)||Proposer operation of service; debugging || Consent || Service maintainers, system administrators || Data: unlimited / until user deletes data; logs: until service update || || Nextcloud || Webserver || webserver logs (user agent) ||Proposer operation of service; debugging || Consent || Service maintainers, system administrators || Data: unlimited / until user deletes data; logs: until service update || || Nlformat script || || || || || || || || OpenVPN || || || || || || || || OTRS || Internship applications || Internship applications are stored as OTRS tickets ||Answering and reviewing applications || Consent ||All members of the team which is responsible for the kind of request.||None.|| || OTRS || Promo orders|| We store promo orders information from [[https://fsfe.org/contribute/spreadtheword|this]] form ||Answering of incoming requests and sending packages|| Consent ||All members of the team which is responsible for the kind of request.||None|| || OTRS || Tickets processing || All communication around the tickets, in the format of emails exchanged || Answering of incoming requests.|| Consent ||All members of the team which is responsible for the kind of request.||None.|| || Personell management || || || || || || || ||Planet || || || || || || || || PMPC website || Users visiting the webiste|| Source IP, Date, HTTP request, User-agent|| The web server needs the public IP addresses to serve requests || Consent. [[https://publiccode.eu/privacy/|Link to privacy policy]] || Sysadmin || The campaign's duration || || PMPC website || Signing the open letter || Email and name, country, ZIP code, comment || To display signature of the open letter and to give updates about the campaign || consent. [[https://publiccode.eu/privacy/|Link to privacy policy]] || Sysadmin || The campaign's duration || || Registration system || Data entered in surveys || Can be configured per event. For LLW, it is name, email address, affiliation, position, telephone number, ticket type, postal address, VAT Id, promotion code used, information about dinner attendance, dieatary preferences (!), participation in mentor system.||Necessary to organise the event.||Fulfillment of a contract.||Ulrike + Polina + ? + System administrators||None defined yet.|| || SSL certificates || Certificate processing (openssl) || Personal information of the person requesting them, email addresses and names (or whatever data is inserted by the person who is doing the certificate request) || Because the CA needs to know who requested a certificate|| Consent || System administrators || Data are stored as long as the certificate exists || || Subversion || svn use || No personal information are stored. Public IP addresses are processed by the webserver || The webserver needs the public IP addresses to serve requests || Consent || System administrators || - || || Webserver + build system|| Webserver || || || || || || || FSFE website || [[https://fsfe.org/internal/pd|Per diem calculator]] (used for travels reimbursement) || The data entered in the form || To help staffers to calculate allowance || Consent || Website administrators || The data is not stored|| || FSFE website || [[https://fsfe.org/donate/thankgnus.en.html|Donors page]] || All data stored in [[https://git.fsfe.org/FSFE/fsfe-website/src/branch/master/donate|thankgnus*.xhtml]] || To display a list of our donors || Consent || This data is public || None || || Wiki || Webserver || Source IP addresses || Debugging and security purposes || ||Wikicare takers, system-hackers || We store data for 14 days|| |
|| Webserver + build system|| Webserver || || || || || ||}}} == Security principles == [DRAFT] By default, we apply the following principles to assure the security of your data: * we use only Free Software and open standards; * we apply a need to know principle for all our processing; * no password is in cleartext; * we log the minimum amount of information to allow us to debug or assure the security of our system; * we in general encourage staff and volunteers to use encryption for communication and file storage; * very few people have access to servers where the data is stored |
FSFE Records of processing activities
The goal of this page is to provide information regarding data processing at FSFE. It is still a work in progress and we are constantly improving the information. In case you have any questions about it, please get in contact with privacy@fsfe.org.
The FSFE e.V., Schönhauser Allee 6/7 Stairway 2, 5. floor 10119 Berlin Germany, is controller for all those processings, the most effective ways to contact the association are on our contact page.
Web sites : visitors
Service |
Processing |
What data is processed? |
Why is the data processed? |
What legal authorization do we have according to Article 6 of GDPR? |
Who has access? |
What is our Data retention policy? |
FSFE website |
Users visiting the website |
?? |
The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes |
Legitimate Interest |
|
|
PMPC website |
Users visiting the website |
Source IP, Date, HTTP request, User-agent. |
The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes |
Legitimate Interest |
Sysadmin |
The campaign's duration (to be confirmed 1) |
PMPC website |
Signing the open letter |
Email and name, country, ZIP code, comment |
To display signature of the open letter; |
Consent |
The public list is accessible to everyone |
The campaign's duration |
art13 savecodeshare.eu |
Signing the open letter |
Name, email, country |
To display signature of the open letter; |
Consent |
Signatures will be handed over to the Members of the European Parliament and the EU Council |
Data is stored for the container lifetime (i.e. the campaign's duration) |
art13 savecodeshare.eu |
Visiting the website |
IP addresses, SQL statements for error messages contain personal information |
The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes |
Legitimate interest |
system administrators |
Data is stored for the container lifetime (? 2) |
Blogs |
User visiting the website |
IP addresses |
The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes |
Legitimate Interest |
(missing information 3) |
(missing information 3) |
Wiki |
User visiting the website |
Source IP addresses |
The web server needs the public IP addresses to serve the pages, we also use those data for debugging and security purposes |
Legitimate Interest |
Wikicare takers, system-hackers |
We store data for 14 days |
Social Media
If you do not click on any external buttons to external sides, data will not be transferred. [TODO : Add references to privacy policies of the services we use.]
Collaboration
Service |
Processing |
What data is processed? |
Why is the data processed? |
What legal authorization do we have according to Article 6 of GDPR? |
Who has access? |
What is our Data retention policy? |
Community Database and LDAP server |
FSFE account management |
Name, email address, username, password hash |
Managing access to FSFE's online services |
Legitimate interest |
Community database administrator |
Data is stored as long as the account exists |
Community data maintenance |
Birthday, sex, preferred language, postal address, secondary email address |
Managing FSFE's community of contributors |
Consent |
Community database administrator |
Data can be changed or deleted at any time by the subject |
|
Wiki |
FSFE Wiki |
Account data (Name or Username, Pseudonym, email address from the FSFE account, optionally jabber ID), a dedicated personal page (optional), attribution for all contributions |
Wiki management and attribution of work |
Contract |
Public pages are accessible to everyone, other pages may have limited access depending on ACL |
As long as the account exist (to be confirmed 1) |
Gitea |
FSFE Gitea contributions |
Emails and usernames of registered users and the files they work with; webserver logs (source IPs) |
For authentication and operation of the platform; attribution of contribution; webserver logs for debugging |
Contract |
contribution are public, logs are accessible only to Service maintainers, system administrators |
As long as the account exist (to be confirmed 1) |
FSFE website |
Translators of the website |
name or pseudonym of translators of each page |
To attribute translation to its translators whenever they accept to be cited |
Consent |
public information |
Attribution is kept as long as the translation exist |
Reimbursements |
Financial reimbursements for expenses |
All communication around the reimbursement including payment data |
Reimbursing (paid and volunteer) contributors for their expenses |
Contract |
Financial team, parties involved in the payment processing, tax consultant, public authorities |
Data is stored according to statutory storage periods |
Orders
Processing |
What data is processed? |
Why is the data processed? |
What legal authorization do we have according to Article 6 of GDPR? |
Who has access? |
What is our Data retention policy? |
Promotion material orders |
Order information from this form |
Answering of incoming requests, sending packages, and requesting feedback |
Contract |
FSFE office staff and financial team |
Data is stored for 13 months after the order |
Generating statistics about promotion material orders |
Legitimate interest |
||||
Payment information in case a donation is made along with the order |
Accounting |
Legal requirements |
Financial team, parties involved in the payment processing, tax consultant, public authorities |
Data is stored according to statutory storage periods |
|
Merchandise orders |
Order information from this form |
Answering of incoming requests, and sending packages |
Contract |
FSFE office staff and financial team. |
Data is stored for 13 months after the order |
Payment information |
Accounting |
Legal requirements |
Financial team, parties involved in the payment processing, tax consultant, public authorities |
Data is stored according to statutory storage periods |
Donations
Processing |
What data is processed? |
Why is the data processed? |
What legal authorization do we have according to Article 6 of GDPR? |
Who has access? |
What is our Data retention policy? |
All Donations |
Name, email address, date of payment, payment method, amount |
Processing the donation, accounting |
Legal requirements |
Community database administrator, financial team, parties involved in the payment processing, tax consultant, public authorities |
Data is stored according to statutory storage periods |
Supporter contributions |
Name, email address, date/method/amount of last payment, automatic renewal status |
Reminding supporters of the next contribution |
Contract |
Community database administrator |
Data is processed as long as the subject participates in FSFE's supporter program |
Donations for which a donation receipt is requested |
Name, postal address, date of payment, amount, date of donation receipt |
Issuing donation receipts |
Legal requirements |
Community database administrator, financial team, tax consultant, public authorities |
Data is stored according to statutory storage periods |
Donations >= 480 € per year or 40 € per month |
Name, donation category |
Maintaining the public donors list for reasons of transparency and recognition |
Consent |
This data is public |
As long as the FSFE exists or until the person revoke his or her consent |
Communications means
Service |
Processing |
What data is processed? |
Why is the data processed? |
What legal authorization do we have according to Article 6 of GDPR? |
Who has access? |
What is our Data retention policy? |
Community emails |
Emails from the FSFE to its communiy |
Name, email address, preferred language (optional), sex (optional, to allow for correct grammar), postal address (optional, to allow for region-specific information) |
Keeping the FSFE community informed |
Consent |
Community database administrator |
Data is stored until consent is revoked |
Mailman |
Mailing lists (https://lists.fsfe.org/mailman/listinfo) |
Email address, full name or pseudonym (if the person choose to insert one), subscription details, logging see the official Mailman page |
To manage the mails going from and to the list the individual subscribed to. |
Consent (for each mailing list) |
Mails on the mailing list may have different level of publicity from public (archive included) to restricted to a given group (see description of the list for more information) <BR> ADMIN-TECH,List-Admins,team@ may have access to all mails |
Posts and subscriptions are stored for 1 year, bounces and errors are stored for 1 month, messages sent by Mailman itself are stored for 1 week, digests are stored for 4 months |
QuickML |
Mailing list |
Email addresses |
To manage the mails going from and to the list the individual subscribed to. |
Consent (for each mailing list) |
?? |
?? |
Newsletter |
Newsletter |
Email addresses, preferred language |
To send the newsletter in the good language |
Consent |
Sysadmin, PR team |
As long as subscribed. |
OTRS |
Tickets processing |
All communication around the tickets, in the format of emails exchanged |
Answering of incoming requests. |
Consent |
FSFE core team. |
The time to close the issue raised + X months (To Be determined 1) |
Discourse |
Webserver |
IP Addresses, post timings, usernames, posts |
IP addresses are collected by discourse to prevent and block spam |
Consent |
system administrators + service maintainers |
Data is stored for the container lifetime |
CARE Team |
CoC and sanction management (To be confirmed 2) |
Depending on the situation, identification data (name/pseudo/description), contact (emails, phone number) etc. |
Data are processed to solve CoC infringement |
Legitimate interest |
CARE Team |
The time needed to solve the situation. Information regarding blacklisted individuals are kept for the time of the sanction. |
Communications tools for the FSFE community
Service |
Processing |
What data is processed? |
Why is the data processed? |
What legal authorization do we have according to Article 6 of GDPR? |
Who has access? |
What is our Data retention policy? |
Email server |
Emails processing and forwarding |
Email addresses + logs (send, receive emails, hostnames, IP addresses of messages sent through SMTP, etc) |
To manage the forward email service and assure a basic level of spam control |
Consent for providing emails and legitimate interest for spam control |
Albert Jonas Matthias Max Paul fellowship@klaproth |
1 month |
IRC Cloaks |
|
|
|
|
|
|
Jabber / XMPP |
Massage processing |
Account rosters, logs (connect, disconnect, messages process and possibly stored temporally on the server (offline storage + muc preview), status messages, with debug logging up to who talks to whom) |
Debugging purposes |
Consent for accessing the service |
system administrators |
2 weeks |
Blogs |
Writing your blog |
Your account (Username, nickname, email addresses, more is optional), your articles, log data |
To provide a platform for blogs |
Contract |
article publicity depends on the owner choosing |
Until you delete your blog or we discontinue the service |
Employee information and tools
Service |
Processing |
What data is processed? |
Why is the data processed? |
What legal authorization do we have according to Article 6 of GDPR? |
Who has access? |
What is our Data retention policy? |
Finance Archive |
Storage of financial and employee records |
Transaction data from all bank accounts, includes names of all people who send or receive money to/from FSFE. |
To do our accounting |
Legal requirements (we have to keep them for 10 years by law) |
Financial team, tax consultant, legal authorities. |
Information older than X>10 (11?) years are deleted after the annual closure of our accounts (to be confirmed 2) |
Finance Archive |
(not an independent processing) |
SSH connections are logged (IP Addresses + username) |
for debugging and security purposes |
not applicable (not an independent processing) |
coordinator and deputy coordinator system administration team , finance team |
1 month |
FSFE website |
Per diem calculator (used for travels reimbursement) |
The data entered in the form |
To help staffers to calculate allowance |
Contract (employment/Intern contract) |
Website administrators can access log (to be confirmed 1) |
The data is not stored |
Nextcloud |
Nextcloud Account management |
Emails and usernames of registered users and the files they work with; calendar and contact entries; webserver logs (user agent) |
Main working tool for everyday tasks (from sharing documents to calendar and conatact management) |
Contract (employment/Intern contract) |
Service maintainers, system administrators |
account: (missing information 3) Data: unlimited / until user deletes data; logs of data: until service update |
Nextcloud |
(not an independent processing) |
webserver logs (user agent) |
Security and debugging |
not applicable (not an independent processing) |
Service maintainers, system administrators |
logs: until service update |
OTRS |
Job and internship applications |
Job and internship applications are stored as OTRS tickets, after a decision the ticket with attachments will be deleted |
Answering and reviewing applications |
Consent |
FSFE council members and staff. We may share the application with advisors and members |
(missing information 4). |
Security principles
- [DRAFT]
By default, we apply the following principles to assure the security of your data:
- we use only Free Software and open standards;
- we apply a need to know principle for all our processing;
- no password is in cleartext;
- we log the minimum amount of information to allow us to debug or assure the security of our system;
- we in general encourage staff and volunteers to use encryption for communication and file storage;
- very few people have access to servers where the data is stored