-
-
Notifications
You must be signed in to change notification settings - Fork 3
/
GDPR.txt
97 lines (84 loc) · 3.17 KB
/
GDPR.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# This file lists processing purposes and the personal data gathered by Flus.
# It is intended to hosting providers who want to provide a service based on
# Flus, to help them to comply to GDPR requirements. Note that the services
# powered by Flus may collect more data, HTTP logs in particular. As a
# hosting provider, you must inform your users of their rights and how their
# data are used and protected.
purpose: Connect users to their accounts
lawfulness: legitimate interest
purpose: Adapt the interface for the users
lawfulness: legitimate interest
purpose: Identify illegitimate sessions to prevent attacks
lawfulness: legitimate interest
purpose: Personalize the users' profiles
lawfulness: consent
purpose: Import data from Pocket
lawfulness: consent
data: email
required: yes
visibility: private
description:
The email address is used to connect users to the service. It is required
and must be verified to allow the hosting provider to communicate with its
users in case of compromise of personal data. It also can be used to notice
users of changes in the terms of service. Users can receive instructions to
reset their password at this address.
mitigation:
Users can use a relay service to anonymize their address to the hosting
provider. Users with non-validated email addresses are deleted from the
database 6 months after their inscription.
data: password
required: yes
visibility: private
description:
The password is used to connect users to the service.
mitigation:
Only hashes of the passwords are stored in database. It uses bcrypt with
default options to create the hashes (see PHP password_hash function).
data: username
required: yes
visibility: public
description:
The username is used to identify users publicly over the service.
mitigation:
Users can use a pseudonyme if they don’t want to use their real name.
data: ip
required: yes
visibility: private
description:
The IP is used to allow the users and the administrators to identify their
sessions, and eventually to detect a login by an attacker.
mitigation:
The last bit of the IP is anonymized.
data: user agent
required: yes
visibility: private
description:
The User Agent is used to allow the users and the administrators to
identify their sessions, and eventually to detect a login by an attacker.
mitigation:
Only the browser and the platform are stored (e.g. 'Firefox on Linux').
data: locale
required: yes
visibility: public
description:
The locale is used to translate the interface to the user's language.
mitigation:
The locale is not directly revealed publicly, but it can be guessed by
other users via the Atom feeds (which are automatically set to their
owners' language).
data: avatar
required: no
visibility: public
description:
Avatars are images used to distinguish users visually and express their
identity.
data: Pocket email
required: no
visibility: private
description:
The email used on https://getpocket.com, in order to connect to the service
and import data from it.
mitigation:
Flus can access this data only if the user explicitely allows it on
Pocket. The feature can be disabled by the hosting provider.