Browse Source

Add GDPR privacy policy

develop 201805171109
Sam Black 2 years ago
parent
commit
ab898147f6
4 changed files with 469 additions and 59 deletions
  1. +36
    -2
      build.py
  2. +17
    -6
      templates/_footer.html
  3. +295
    -0
      templates/privacy.html
  4. +121
    -51
      templates/termsconditions.html

+ 36
- 2
build.py View File

@ -21,6 +21,7 @@ import distutils.dir_util
import logging
import os
import shutil
import subprocess
import time
import click
@ -56,6 +57,10 @@ config = {
"a Docker-like way, without using Docker.",
"https://code.lapwing.org/devops/sponson"),
),
"datestamps": (
("privacy", "templates/privacy.html"),
("termsconditions", "templates/termsconditions.html"),
),
"output": os.path.join(pwd, "build", "html"),
"templates": os.path.join(pwd, "templates"),
"assets": os.path.join(pwd, "assets"),
@ -124,6 +129,28 @@ def safe_copy(src, dest):
shutil.copy2(src, dest)
def git_date_stamp(file_path):
"""
Get the git recorded date stamp for the given file.
:param file_path: path to the file to get the date stamp
:type file_path: str
:return: date stamp of the file
:rtype: str
"""
cmd = ["git", "log", "-1", "--format=%cd", "--date=format:%Y-%m-%d",
file_path]
today = datetime.now().strftime("%Y-%m-%d")
try:
file_date = subprocess.run(cmd, stdout=subprocess.PIPE, check=True,
universal_newlines=True).stdout.strip()
except subprocess.CalledProcessError:
return today
return file_date if file_date else today
def build_website(minimize=False, lock=None):
"""
Build website.
@ -170,18 +197,25 @@ def build_website(minimize=False, lock=None):
srcpath = os.path.join(pwd, "assets", staticpath)
safe_copy(srcpath, config["output"])
current_year = datetime.now().year
if datetime.now() > datetime(current_year, 12, 25):
now = datetime.now()
current_date = now.strftime("%Y-%m-%d")
current_year = now.year
if now > datetime(current_year, 12, 25):
current_year += 1
env_globals = {
"site_name": config["site"]["name"],
"site_email": config["site"]["email"],
"current_year": current_year,
"current_date": current_date,
"menu": config["menu"],
"projects": config["projects"]
}
for datestamp, datestamp_file in config["datestamps"]:
env_globals["datestamp_{}".format(datestamp)] = git_date_stamp(
datestamp_file)
renderer = staticjinja.make_site(config["templates"], config["output"],
extensions=[AssetsExtension])
# We need to add webassets and globals to the Jinja Environment


+ 17
- 6
templates/_footer.html View File

@ -1,9 +1,20 @@
<hr class="uk-margin-remove">
<footer class="uk-container uk-margin">
<p>
<a href="/legal.html" rel="copyright">
<img alt="Creative Commons Licence" src="/img/cc-by-sa.png" />
{{ site_name }} &copy; Copyright 2012-{{ current_year }} Sam Black
</a>
</p>
<div data-uk-grid>
<div class="uk-width-2-3">
<a href="/legal.html" rel="copyright">
<img alt="Creative Commons Licence" src="/img/cc-by-sa.png" />
{{ site_name }} &copy; Copyright 2012-{{ current_year }} Sam Black
</a>
</div>
<div class="uk-width-1-3">
<a href="/termsconditions.html">
Terms and Conditions
</a>
:-:
<a href="/privacy.html">
Privacy Policy
</a>
</div>
</div>
</footer>

+ 295
- 0
templates/privacy.html View File

@ -0,0 +1,295 @@
{% extends "_base.html" %}
{% block page_content %}
<div class="uk-container uk-margin">
<h1>
Lapwing.Org Privacy Policy
<small class="uk-text-meta uk-text-small">
Last updated: {{ datestamp_privacy }}
</small>
</h1>
<p class="uk-text-lead">
We use your personal data to provide services and software from {{ site_name }}.
</p>
<article>
<section>
<h2 class="uk-heading-divider">Your rights</h2>
<p>
You have a number of rights that can be exercised with our use of your personal data, including;
</p>
<ul class="uk-list uk-list-bullet">
<li>
<span class="uk-text-bold">right to be informed</span>:
what, how and why we use your personal data
</li>
<li>
<span class="uk-text-bold">right of access</span>
you can request a copy of the personal data we hold on you
</li>
<li>
<span class="uk-text-bold">right to rectification</span>
any data we hold on you should be accurate, and where it is not,
you can have us correct it
</li>
<li>
<span class="uk-text-bold">right to erasure</span>
you can request we delete any personal data we have on you
</li>
<li>
<span class="uk-text-bold">right to restrict processing</span>
if you make a complaint to us about our use of your personal data,
we will stop using your data until we have concluded your complaint
</li>
<li>
<span class="uk-text-bold">right to data portability</span>
you can ask for a copy of your data that can be used in another service
</li>
<li>
<span class="uk-text-bold">right to object</span>
you can object to our processing of your personal data,
and we will respond to the complaint
</li>
<li>
<span class="uk-text-bold">rights related to automated decision making</span>
if we use your personal data in automated decision making,
you have the right to request a review of any decisions made by the automated process
</li>
</ul>
<p>
If you have provided consent for us to use your personal data,
you have the right to retract that consent at any point.
</p>
<p>
If you think we have not respected your personal data rights,
you can contact the <a href="https://ico.org.uk/concerns/">UK Information Commissioners' Office</a>,
or your local data protection authority, to lodge a complaint.<br/>
You are also allowed to pursue normal legal remedies through the UK courts.
</p>
</section>
<section>
<h2 class="uk-heading-divider">Contact us</h2>
<p>
If you have updates, objections or other inquiries about our use of your personal data,
please email Sam Black, the {{ site_name }} data controller,
using <a href="mailto:contact@lapwing.org">contact@lapwing.org</a>.
</p>
</section>
<section>
<h2 class="uk-heading-divider">How we use your data</h2>
<p>
We use your personal data for our legal obligations under UK law,
our legitimate interests listed below,
or where you have given explicit consent for us to process your personal data.
</p>
<p>
Our legitimate interests to process your personal data are:
</p>
<ul class="uk-list uk-list-bullet">
<li>
to provide the services or software you wish to access,
such as an email address to create an account
</li>
<li>
to respond to communications from you, via email, telephone or other methods
</li>
<li>
to ensure copyright is recorded for code or content you send to us,
using your email address and name to provide the appropriate attribution
</li>
<li>
to ensure the security of our services,
where we check for malicious behaviour from IP addresses and
restrict access to our services
</li>
<li>
to monitor the operation and performance of our services,
using your IP address to determine your country or
corresponding with you to fix faults with our services
</li>
</ul>
<p>
We use third parties that may collect your personal data, these are listed below.<br>
We do not otherwise transfer, sell, acquire or otherwise use your personal data with third parties.
</p>
<p>
You can read more detailed information about how we use your data below.
</p>
</section>
</article>
<article>
<h2 class="uk-heading-divider">Details of data processing by {{ site_name }}</h2>
<section>
<p>
{{ site_name }} operates principally from the UK,
as is subject to the laws and regulations of the UK.<br>
We may use your personal data for our legal obligations under UK law,
or to assist with law enforcement activities where legally required to do so.
</p>
</section>
<p>The following are a detailed list of legitimate interests for our use of your personal data.</p>
<section>
<h3 class="uk-heading-line"><span>Provision of services</span></h3>
<p>
To provide some services, an email address is required to be able to log in to {{ site_name }}.<br/>
We use this email address, and your IP address,
to provide services and information related to your account, such as:
</p>
<ul class="uk-list uk-list-bullet">
<li>
authenticate your log in, and check for unauthorised access to your account
</li>
<li>
to provide security information about your account,
such as password resets, or notifications of changes to your account
</li>
<li>
send your notifications of interactions on our services,
such as other users responding to your comments
</li>
</ul>
<p>
We will keep this data until 6 months after the last log in or other communication from you,
then, after contacting you to confirm deletion,
if we receive confirmation or no reply,
we will delete your email address and associated personal data.
</p>
</section>
<section>
<h3 class="uk-heading-line"><span>Responding to correspondence</span></h3>
<p>
If you contact us, we will need to keep your
email address, telephone number or other contact information
to allow us to respond to your queries or comments.
</p>
<p>
We will keep your personal data for up to 1 month after the last communication,
to allow us to determine if we have adequately fulfilled the correspondence.
</p>
</section>
<section>
<h3 class="uk-heading-line"><span>Record of copyright</span></h3>
<p>
Content submissions, such as source code, images or video, are automatically copyrighted,
and to allow for proper attribution, an email address is used for contacting the author.
</p>
<p>
We will keep this data for the lifetime of the copyrighted work.
</p>
</section>
<section>
<h3 class="uk-heading-line"><span>Security of services</span></h3>
<p>
Your IP address is collected when you connect to {{ site_name }},
and this is logged with the date and time, the nature of your connection,
and other information specific to the service.<br/>
This data is deleted after 7 days.
</p>
<p>
The logged data is processed to determine if the connection is attempting to
access the service in a malicious, disruptive, or otherwise harmful manner, and if so,
the IP address is restricted or blocked from accessing {{ site_name }}. <br/>
These IP addresses are stored for up to 1 month to enforce the restriction and
limit the harm caused to {{ site_name }},
and, if they have not tried to access {{ site_name }} maliciously again,
the IP address is deleted.
</p>
</section>
<section>
<h3 class="uk-heading-line"><span>Monitoring and improvement</span></h3>
<p>
Your IP address is collected when you connect to a {{ site_name }},
and this is logged, along with what information you requested.
</p>
<p>
We use the IP address to determine the country you are connecting from,
and store the country, along with non identifiable information from the connection,
such as application type, language, information requested, and time taken to process the request.<br>
We do not store your IP address once the country has been determined,
and your IP address is removed from the logs after 7 days.
</p>
<p>
This allows us to check popularity, performance,
and areas where we can improve in the future
for users of {{ site_name }}.
</p>
<p>
The logged data may also be processed to assess any technical faults with our services,
and your personal data will only be kept until we have fixed the fault,
or we do not need your personal information to fix the fault.<br>
We may use your email address, or other contact information,
to correspond with you to check if we've fixed the problem.
</p>
</section>
<section>
<h2 class="uk-heading-divider">Third Party Data Processing</h2>
<p>
{{ site_name }} use <a href="https://www.ovh.co.uk">OVH</a> for hosting {{ site_name }},
and are a Data Processor for {{ site_name }}.<br/>
OVH policies are available for:
</p>
<ul class="uk-list uk-list-bullet">
<li><a href="https://www.ovh.co.uk/personal-data-protection/">General policies</a></li>
<li><a href="https://www.ovh.co.uk/personal-data-protection/gdpr.xml#quality">GDPR policy for Data Processing</a></li>
</ul>
</section>
</article>
<article>
<h2 class="uk-heading-divider">Cookies</h2>
<p>
We use "cookies", small blobs of text stored on your computer by your browser,
to identify you with our services.<br>
These cookies do not store any personally identifiable information.
</p>
<p>
These cookies are strictly necessary for our services to operate correctly,
and are only used when you have an account with our service,
and provide:
</p>
<ul class="uk-list uk-list-bullet">
<li>personalization options</li>
<li>account preferences</li>
<li>log in security</li>
</ul>
<p>
You can set your browser to block these cookies,
but some parts of oru services will not work.
</p>
<p>
If you want to learn more about cookies,
please visit <a href="https://cookiesandyou.com" target="_blank">https://cookiesandyou.com</a>.
</p>
</article>
</div>
{% endblock %}

templates/legal.html → templates/termsconditions.html View File

@ -1,7 +1,13 @@
{% extends "_base.html" %}
{% block page_content %}
<div class="uk-container uk-margin">
<h1 class="uk-h2">Policies and Copyrights</h1>
<h1>
Lapwing.Org Terms and Conditions
<small class="uk-text-meta uk-text-small">
Last updated: {{ datestamp_termsconditions }}
</small>
</h1>
<p>
{{ site_name }} is owned and run by Sam Black.<br/>
@ -15,12 +21,121 @@
otherwise stated. No challenge to their status is intended.
</p>
<h2 class="uk-heading-divider">Products</h2>
<h4>Terms used</h4>
<dl>
<dt>{{ site_name }}, We</dt>
<dd>
The owners, operators or other authorised people who run {{ site_name }}.
</dd>
<dt>"{{ site_name }} Services"</dt>
<dd>
Online services, such as website, messaging or other services,
provided by {{ site_name }},
either directly or by third parties on {{ site_name }}'s behalf.
</dd>
<dt>"{{ site_name }} Software"</dt>
<dd>
Software or other products created by {{ site_name }}.
</dd>
<dt>You, Your, User</dt>
<dd>
Individuals or groups not affiliated with {{ site_name }}.
</dd>
</dl>
<hr>
<h2 class="uk-heading-divider">Governing Law and Jurisdiction</h2>
<p>
Your use of this website, products or other interactions with {{ site_name }},
and any dispute arising out of such use of the website, products or other interactions,
is subject to the laws of England, Northern Ireland, Scotland and Wales.
</p>
<h2 class="uk-heading-divider">Website and Online Services</h2>
<p>
For the purposes of this section, any services obtained
from "{{ site_name }}" (or "{{ site_name }}" operated accounts on third party servers),
is referred to as "{{ site_name }} Services",
regardless of type, application, distribution or other criteria.
</p>
<p>
All media or part thereof, unless otherwise stated,
are created by {{ site_name }} and
released under the
<a href="https://creativecommons.org/licenses/by-sa/4.0/">
Creative Commons Attribution-ShareAlike 4.0 International License</a>.<br/>
All other copyrights and trademarks are used without permission,
unless otherwise stated. No challenge to their status is intended.
</p>
<h3 class="uk-heading-line"><span>Third Party Sites</span></h3>
<p>
This site is not related to or affiliated with any other sites.
{{ site_name }} are not responsible for the consequences, content or other outcomes,
of using an external site.
</p>
<p>
Links to third party sites does not constitute
endorsement, promotion or other activities by {{ site_name }},
unless expressly otherwise stated.
</p>
<h3 class="uk-heading-line"><span>User Generated Content</span></h3>
<p>
{{ site_name }} is not responsible for the content
posted to "{{ site_name }} Services" by Users;
whilst {{ site_name }} try to keep "{{ site_name }} Services"
an open and safe place to communicate, invariably some uploads which
are, but not limited to, racist, obscene, inflammatory, sexist, or
ageist will be uploaded, and will be removed as soon as possible.
</p>
<h3 class="uk-heading-line"><span>Availability of Services</span></h3>
<p>
No guarantee is provided for the availability, quality, quantity or any fitness for purpose
of any "{{ site_name }} Services", or those provided by third parties for {{ site_name }}.<br/>
{{ site_name }} may alter, suspend, discontinue or limit any "{{ site_name }} Services" at any time,
without prior warning.
</p>
<p>
For the purposes of this section, any software or services obtained
from "{{ site_name }}" (or "{{ site_name }}" operated accounts on third party
servers), is referred to as "{{ site_name }} Software", regardless of type,
application, distribution or other criteria.
Whilst best effort is made to ensure services operate without errors, viruses or other malware,
{{ site_name }} do not give any warranty or guarantee in this regard.
</p>
<h3 class="uk-heading-line"><span>No Warranty Disclaimer</span></h3>
<p>
{{ site_name }} provided services are offered "as is" and on an "as available" basis,
and "{{ site_name }} Services" are offered without warranty of any kind, either expressed or
implied, including, but not limited to, the implied warranties of
design, merchantability, accurracy, compatibility or fitness for a particular purpose.
</p>
<p>
In no event, unless required by applicable UK law,
will {{ site_name }}, or any other third party who may contribute or operate the "{{ site_name }} Services",
be liable to you for damages, including any
general, special, incidental or consequential damages arising out of
the use or inability to use "{{ site_name }} Services"
(including but not limited to loss of data or data being rendered inaccurate or losses
sustained by you or third parties or a failure of
"{{ site_name }} services" to operate with any other programs or services),
even if such User or other party has been advised of the possibility of such damages.
</p>
<h2 class="uk-heading-divider">Products and Software</h2>
<p>
For the purposes of this section, any software obtained
from "{{ site_name }}" (or "{{ site_name }}" operated accounts on third party servers),
is referred to as "{{ site_name }} Software",
regardless of type, application, distribution or other criteria.
</p>
<h3 class="uk-heading-line"><span>Licenses</span></h3>
@ -111,50 +226,5 @@
HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
</p>
<h2 class="uk-heading-divider">Website</h2>
<p>
All media or part thereof, unless otherwise stated,
are created by the Developers of "{{ site_name }}" and
released under the
<a href="https://creativecommons.org/licenses/by-sa/4.0/">
Creative Commons Attribution-ShareAlike 4.0 International License</a>.<br/>
All other copyrights and trademarks are used without permission,
unless otherwise stated. No challenge to their status is intended.
</p>
<h3 class="uk-heading-line"><span>Disclaimer</span></h3>
<p>
This site is not related to or affiliated with any other sites.
{{ site_name }} are not responsible for the consequences of using an
external site.<br/>
{{ site_name }} is not responsible for the content of posts to the website
(or other services) by users; whilst Moderators try to keep the website
an open and safe place to communicate, invariably some uploads which
are, but not limited to, racist, obscene, inflammatory, sexist, or
ageist will be uploaded, and will be removed as soon as possible.
</p>
<h3 class="uk-heading-line"><span>Privacy Policy</span></h3>
<p>
Any communication with {{ site_name }} services, such as, but not limited
to, updating, downloading or querying packages or software in a repository,
visiting the website, using the issue tracker, or other means, is
treated with the strictest confidence.<br/>
The {{ site_name }} site may place a cookie on your computer if you
register on the website; this is to provide authentication with our
servers and is not used to track, harvest or scrape surfing information
from your computer.<br/>
We do not disclose any information to third parties, unless compelled
to by UK law.<br/>
We will not send you unsolicited emails ("spam"), nor unsolicited
instant messages ("spim"). If you receive emails from {{ site_name }},
please check the {{ site_name }} website for confirmation of any details.
</p>
</div>
{% endblock %}

Loading…
Cancel
Save