Default privacy policy is not GDPR style

sbenthall · December 1, 2018, 2:41am

The default Privacy Policy has not been updated since 2013.

Since then, the GDPR has come into effect, and it would be good if the default privacy policy was compliant with it, perhaps modeled on the new CDCK privacy policy.

github.com

discourse/discourse/blob/55945ec7c8f975d1ac3e1695b0d8779b28823cfa/config/locales/server.en.yml#L3656

    
      
              You may notify the company under these terms, and send questions to the company, at <%{contact_email}>.
          
          
    The company may notify you under these terms using the e-mail address you provide for your account on the forum, or by posting a message to the homepage of the forum or your account page.
          
          
    <h2 id="heading--changes"><a href="#heading--changes">Changes</a></h2>
          
          
    The company last updated these terms on July 12, 2018, and may update these terms again.  The company will post all updates to the forum.  For updates that contain substantial changes, the company agrees to e-mail you, if you've created an account and provided a valid e-mail address.  The company may also announce updates with special messages or alerts on the forum.
          
          
    Once you get notice of an update to these terms, you must agree to the new terms in order to keep using the forum.
          
          
privacy_topic:
            title: "Privacy Policy"
            body: |
              <a name="collect"></a>
          
          
    ## [What information do we collect?](#collect)
          
          
    We collect information from you when you register on our site and gather data when you participate in the forum by reading, writing, and evaluating the content shared here.
          
          
    When registering on our site, you may be asked to enter your name and e-mail address. You may, however, visit our site without registering. Your e-mail address will be verified by an email containing a unique link. If that link is visited, we know that you control the e-mail address.

(I would love to work on this, but got hung up on the fact that all these server configurations are internationalized, and I can’t do that myself.)

[Forgive me if this is not the right place to log this. I’m trying to follow through on something discussed here, which may not have been the right place:

]

Topic		Replies	Views
Is the default privacy policy updated for the GDPR and can I leave it as is? support	5	580	October 16, 2020
GDPR compliance when using public user profiles feature	12	1580	August 22, 2018
Privacy Policy Link required for Facebook login App creation is not accepted support	26	3612	January 16, 2021
Privacy concerns for global Gen-Z audiences support privacy	7	339	December 4, 2023
Discourse Meta Privacy site feedback	6	1842	May 26, 2018

Default privacy policy is not GDPR style

Related Topics