Bug 452 - Privacy policy is still a draft
Summary: Privacy policy is still a draft
Alias: None
Product: Websites
Classification: Unclassified
Component: www.mageia.org (show other bugs)
Version: trunk
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Atelier Team
QA Contact:
URL: https://wiki.mageia.org/en/Privacy_po...
Depends on: 13566
Blocks: 1045
  Show dependency treegraph
Reported: 2011-03-19 13:38 CET by Michael Scherer
Modified: 2016-06-11 21:28 CEST (History)
5 users (show)

See Also:
Source RPM:
Status comment:


Description Michael Scherer 2011-03-19 13:38:34 CET
The privacy policy is still a draft (http://mageia.org/wiki/doku.php?id=privacy_policy ). While we of course do not plan to do much with the data, we need to have one ( and I think a definite one ) to comply with Google Analytics TOS : http://www.google.com/intl/en/analytics/privacyoverview.html

The privacy policy should also ( IMHO ) be easier to find on the front page.


Steps to Reproduce:
Comment 1 Romain d'Alverny 2011-03-19 14:13:12 CET
Yes and yes.

I'm afraid we won't get to a definitive one easily/fast, so keeping it a draft, while still discussing/improving it is a good work plan - it doesn't make it less effective, especially if we keep on publishing transparently what is actually done.

About the plan of what to do with the data, we ought to be clear about what we would like to do, and what we won't do. One of the goal of the project is "improve our understanding of computers and electronics devices users" that goes through proper usage metrics analytics (among other things).

So making clear what is the goal, what is the data and how it is used is crucial here.

How can we move forward here? open the topic on -discuss with a work plan and gather ideas first (with a deadline)?

As for making it easier to find, we can put it in the global footer (not set yet). Both the About section and the general Website design (influencing global footer) are in the works (pending a direction doc sent earlier to web & marcom teams) but didn't go far at this time. Milestone for this is beta1 release.

CC: (none) => rdalverny

Ahmad Samir 2011-04-29 01:03:13 CEST

Blocks: (none) => 1045

Romain d'Alverny 2011-06-02 15:02:29 CEST

Assignee: mageia-webteam => rdalverny

Comment 2 Romain d'Alverny 2011-06-21 15:35:32 CEST
And we must declare this to CNIL (http://www.cnil.fr/ ) too.
Comment 3 Michael Scherer 2011-06-21 19:23:32 CEST
I think we are exempted from the CNIL, at least according to my understanding of the law and exception :

But maybe we are not talking of the same "this", or maybe I misunderstood the law.

So far, we have :
- a ldap database with email, surname, first name
- various mailling list ( technically at zarb.org but well that's the same )
- various database derivated from the ldap database
- log of connexions

So I guess we can count this as 1 database of personnal information ( ldap + databases such as bugzilla, forums ), since I think the apache log do not count as such ( there is no personal information AFAIK ).

The database is used for :
- managing member of the association
- managing member of the community 
- sending non commercial announce

So to me, it is ok, but I can send a email to cnil asking for clarification.
And looking at the declaration, there is nothing that correspond to what we do ( and the whole process is a little bit complex, so I would not start it if not needed )
Romain d'Alverny 2011-07-29 18:15:12 CEST


Comment 4 Romain d'Alverny 2011-10-05 18:02:50 CEST
Ok. Indeed for CNIL, it looks like we are exempted, for LDAP + public community web apps usage (as you said, bugzilla, forums, mls, code repos, buildsystem).

However, can we consider a public user/group directory (with maps) fall into the same category?

I think I will reformat the current policy document and tag it for public discussion and review on the list for a first limited time (like, 1 month).
Comment 5 Marja Van Waes 2012-01-08 18:36:16 CET
our privacy policy draft is now here

URL: (none) => https://wiki.mageia.org/en/Privacy_policy
CC: (none) => marja11

Romain d'Alverny 2012-08-21 16:39:53 CEST

Assignee: rdalverny => mageia-webteam

Dimitrios Glentadakis 2014-03-03 08:56:01 CET

CC: (none) => dglent

Rémi Verschelde 2014-07-06 10:02:54 CEST

CC: (none) => remi
Depends on: (none) => 13566

Comment 6 Filip Komar 2016-06-11 21:28:10 CEST
Not a draft anymore.

CC: (none) => filip.komar
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.