From a6149c9d7ae37b04f1b8bd06fc15795450f7bd63 Mon Sep 17 00:00:00 2001 From: dpgabot <96251909+dpgabot@users.noreply.github.com> Date: Thu, 5 May 2022 16:16:17 +0000 Subject: [PATCH 1/3] BLD: Add xcapit --- digitalpublicgoods/xcapit.json | 103 +++++++++++++++++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 digitalpublicgoods/xcapit.json diff --git a/digitalpublicgoods/xcapit.json b/digitalpublicgoods/xcapit.json new file mode 100644 index 000000000..7bde5fc8c --- /dev/null +++ b/digitalpublicgoods/xcapit.json @@ -0,0 +1,103 @@ +{ + "name": "Xcapit ", + "clearOwnership": { + "isOwnershipExplicit": "Yes", + "copyrightURL": "https://xcapit-foss.gitlab.io/documentation/" + }, + "platformIndependence": { + "mandatoryDepsCreateMoreRestrictions": "Yes", + "isSoftwarePltIndependent": "Yes", + "pltIndependenceDesc": "All components are open source and a small number have hard dependencies. These components have been developed in a modular way and using interfaces that can be implemented to break the dependency. For example, we have used Firebase Remote Config, but we have developed it using interfaces that can be implemented so as not to depend on Firebase services." + }, + "documentation": { + "isDocumentationAvailable": "Yes", + "documentationURL": [ + "https://xcapit-foss.gitlab.io/documentation/docs/app-wallet/getting_started", + "https://xcapit-foss.gitlab.io/documentation/docs/app-service/getting_started", + "https://xcapit-foss.gitlab.io/documentation/docs/notifications-service/getting_started" + ] + }, + "NonPII": { + "collectsNonPII": "Yes", + "checkNonPIIAccessMechanism": "Yes", + "nonPIIAccessMechanism": "Supports a REST API for data Access" + }, + "privacy": { + "isPrivacyCompliant": "Yes", + "privacyComplianceList": [ + "GDPR", + "Law 25326 Protection of Personal Data (Argentina)" + ], + "adherenceSteps": [ + "Consultations with specialists and lawyers", + "Terms and Conditions – Privacy Policy", + " Terms and conditions: https://xcapit.com/terms-and-conditions/", + "Privacy Policy: https://xcapit.com/privacy-policy/" + ] + }, + "standards": { + "supportStandards": "Yes", + "implementBestPractices": "Yes", + "standardsList": [ + " ISO/IEC 27001:2013", + "OWASP TOP TEN (10)", + "HTTPS", + "SSL", + "JWT (JSON Web Tokens)", + "REST (Representational State Transfer)", + "JSON (JavaScript Object Notation)" + ], + "evidenceStandardSupport": [ + "https://xcapit-foss.gitlab.io/documentation/docs/security-certifications-and-audits/iso27001certificate" + ], + "bestPracticesList": [ + "Test driven development", + "Pair Programming", + "Agile Development", + "CI", + "Code Review", + "Principles For Digital Development", + "Protect data in transit", + "Protect data at rest" + ] + }, + "doNoHarm": { + "preventHarm": { + "stepsToPreventHarm": "Yes", + "additionalInfoMechanismProcessesPolicies": "Xcapit Wallet uses the https protocol to ensure safe communication between the user and the system. The implementation of this product does not indicate any harmful intentions. We communicate to the user, for example, the importance of the 12 words in the wallet. The wallet is encrypted and is only stored on the user's device. All new functionality is tested using tests and subsequently functionality tested by Xcapit QAs before it's deployed to production." + }, + "dataPrivacySecurity": { + "collectsPII": "Yes", + "typesOfDataCollected": [ + "email", + "IP" + ], + "thirdPartyDataSharing": "No", + "ensurePrivacySecurity": "Unknown" + }, + "inappropriateIllegalContent": { + "collectStoreDistribute": "No" + }, + "protectionFromHarassment": { + "userInteraction": "No" + } + }, + "locations": { + "developmentCountries": [ + "Argentina", + "Mexico", + "Spain" + ], + "deploymentCountries": [ + "Argentina", + "Mexico", + "Colombia", + "Spain", + "Cuba", + "Venezuela", + "United States of America", + "Brazil", + "El Salvador" + ] + } +} From 54ea8c7fad36a0659f6d9bc4da0f487ea793ecbb Mon Sep 17 00:00:00 2001 From: nathanbaleeta Date: Fri, 6 May 2022 16:15:33 +0300 Subject: [PATCH 2/3] Update data privacy & security indicator et al. --- digitalpublicgoods/xcapit.json | 34 +++++++++++++++++++++++++--------- 1 file changed, 25 insertions(+), 9 deletions(-) diff --git a/digitalpublicgoods/xcapit.json b/digitalpublicgoods/xcapit.json index 7bde5fc8c..e7c74cf3c 100644 --- a/digitalpublicgoods/xcapit.json +++ b/digitalpublicgoods/xcapit.json @@ -1,5 +1,5 @@ { - "name": "Xcapit ", + "name": "Xcapit", "clearOwnership": { "isOwnershipExplicit": "Yes", "copyrightURL": "https://xcapit-foss.gitlab.io/documentation/" @@ -30,16 +30,14 @@ ], "adherenceSteps": [ "Consultations with specialists and lawyers", - "Terms and Conditions – Privacy Policy", - " Terms and conditions: https://xcapit.com/terms-and-conditions/", - "Privacy Policy: https://xcapit.com/privacy-policy/" + "Terms and conditions - https://xcapit.com/terms-and-conditions/", + "Privacy Policy - https://xcapit.com/privacy-policy/" ] }, "standards": { "supportStandards": "Yes", - "implementBestPractices": "Yes", "standardsList": [ - " ISO/IEC 27001:2013", + "ISO/IEC 27001:2013", "OWASP TOP TEN (10)", "HTTPS", "SSL", @@ -50,6 +48,7 @@ "evidenceStandardSupport": [ "https://xcapit-foss.gitlab.io/documentation/docs/security-certifications-and-audits/iso27001certificate" ], + "implementBestPractices": "Yes", "bestPracticesList": [ "Test driven development", "Pair Programming", @@ -73,13 +72,30 @@ "IP" ], "thirdPartyDataSharing": "No", - "ensurePrivacySecurity": "Unknown" + "dataSharingCircumstances": [ + "" + ], + "ensurePrivacySecurity": "Yes", + "privacySecurityDescription": "By law, all organizations that process your personal data are obliged to process your personal data in certain ways and to ensure that you are provided with an appropriate amount of information about how they use it. You also have various rights to seek information from those organizations about how they are using your data and to prevent them from processing it unlawfully. For more information about these rights, please see the “Your Rights” section of this Privacy Policy." }, "inappropriateIllegalContent": { - "collectStoreDistribute": "No" + "collectStoreDistribute": "No", + "type": "", + "contentFilter": "", + "policyGuidelinesDocumentationLink": "", + "illegalContentDetection": "", + "illegalContentDetectionMechanism": "" }, "protectionFromHarassment": { - "userInteraction": "No" + "userInteraction": "No", + "addressSafetySecurityUnderageUsers": "", + "stepsAddressRiskPreventSafetyUnderageUsers": [ + "" + ], + "griefAbuseHarassmentProtection": "", + "harassmentProtectionSteps": [ + "" + ] } }, "locations": { From 2006284599c76b3f907f6387c8ca88e8165a5e32 Mon Sep 17 00:00:00 2001 From: nathanbaleeta Date: Mon, 23 May 2022 21:33:33 +0300 Subject: [PATCH 3/3] Update status to DPG --- nominees/xcapit.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nominees/xcapit.json b/nominees/xcapit.json index 75e45285f..37aec90f7 100644 --- a/nominees/xcapit.json +++ b/nominees/xcapit.json @@ -65,5 +65,5 @@ "contact_email": "fer@xcapit.com" } ], - "stage": "nominee" + "stage": "DPG" }