[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#43796: Privacy policy
From: |
pelzflorian (Florian Pelz) |
Subject: |
bug#43796: Privacy policy |
Date: |
Sun, 4 Oct 2020 17:34:19 +0200 |
IANAL but I think Guix needs a privacy policy for both its website and
the Guix software in general.
Attached is a patch for the website that also documents data use by
Guix and Guix System. Maybe I’ve overdone some parts and probably
something important is missing.
In particular, the GDPR requires IP addresses to be deleted from logs
after a reasonable time. I think but am not sure the current process
for nginx is to delete only when the log files become too big. A more
suitable policy must be implemented and the users must be told about
it, I think. See <https://gdpr-info.eu/art-13-gdpr/>.
In general I think it is better to have an incomplete policy than to
have none.
Comments?
Regards,
Florian
0001-website-Add-privacy-policy.patch
Description: Text document