GNU bug report logs - #43796
Privacy policy

Previous Next

Package: guix;

Reported by: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de>

Date: Sun, 4 Oct 2020 15:35:03 UTC

Severity: normal

Full log

View this message in rfc822 format

From: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de>
To: 43796 <at> debbugs.gnu.org
Subject: bug#43796: Privacy policy
Date: Sun, 4 Oct 2020 17:34:19 +0200

[Message part 1 (text/plain, inline)]
IANAL but I think Guix needs a privacy policy for both its website and
the Guix software in general.

Attached is a patch for the website that also documents data use by
Guix and Guix System.  Maybe I’ve overdone some parts and probably
something important is missing.

In particular, the GDPR requires IP addresses to be deleted from logs
after a reasonable time.  I think but am not sure the current process
for nginx is to delete only when the log files become too big.  A more
suitable policy must be implemented and the users must be told about
it, I think.  See <https://gdpr-info.eu/art-13-gdpr/>.

In general I think it is better to have an incomplete policy than to
have none.

Comments?

Regards,
Florian

[0001-website-Add-privacy-policy.patch (text/plain, attachment)]
This bug report was last modified 4 years and 251 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.