Add User Guidelines & update Privacy Policy #556

app/Resources/views/account/login.html.twig

@@ -16,6 +16,11 @@
     </div>
 {% endif %}
 
+<p>By logging in, you agree to follow our
+<a href="{{ path('acts_camdram_userguidelines') }}">User Guidelines</a> and confirm
+you are aware of our <a href="{{ path('acts_camdram_privacy') }}">Privacy
+Policy</a>.</p>
+
 {{ render(path('hwi_oauth_connect')) }}
 
 {% if not app.user or app.user.externalUsers | length == 0 %}

app/Resources/views/layout.html.twig

@@ -109,6 +109,7 @@
             <a href="{{ path('acts_camdram_about') }}">About Camdram</a><br/>
             <a href="{{ path('acts_camdram_development') }}">Development</a><br/>
             <a href="{{ path('acts_camdram_privacy') }}">Privacy &amp; Cookies</a><br/>
+            <a href="{{ path('acts_camdram_userguidelines') }}">User Guidelines</a><br/>
             <a href="{{ path('acts_camdram_faq') }}">FAQ</a><br/>
             <a href="{{ path('acts_camdram_contact_us') }}">Contact Us</a><br/>
         </div>

app/Resources/views/show/form.html.twig

@@ -31,7 +31,14 @@
 <div class="form-large-row">
     {{ form_label(form.societies) }}
     <div>
-        <p>Registered societies will appear in the search pop-up, but you can also add societies that aren't registered with Camdram. Adding a registered society allows its admins to approve and edit your show.
+        <p><small>
+            Registered societies will appear in the search pop-up,
+            but you can also add societies that aren't registered with Camdram.
+            Adding a registered society allows its admins to approve and edit
+            your show. &nbsp;
+            <a href="{{ path('acts_camdram_faq') }}#newsociety">How do societies
+            become registered with Camdram?</a>
+            </small>
         {{ form_errors(form.societies) }}</p>
         <div class="linked-societies" data-prototype="{% filter escape('html') %}{% include 'show/society-form.html.twig' with {society: form.societies.vars.prototype} %}{% endfilter %}">
             {% for society in form.societies %}
@@ -48,7 +55,15 @@
 <div class="form-large-row">
     {{ form_label(form.description) }}
     <div>
-         <p>You can now format your show descriptions using Markdown. Links just work, <strong>**bold**</strong>, <em>*italics*</em>, and <b style="display: inline-block">## Headings</b> are also available. See <a href="https://help.github.com/articles/basic-writing-and-formatting-syntax/">this page</a> for a rough guide, although not all features are available.</p>
+        <p><small>You can now format your show descriptions using Markdown.
+           Links just work, <strong>**bold**</strong>, <em>*italics*</em>,
+           and <b style="display: inline-block">## Headings</b> are also available.
+           See <a href="https://help.github.com/articles/basic-writing-and-formatting-syntax/" target="_blank">this page</a>
+           for a rough guide, although not all features are available.</small></p>
+
+        <p><small>Write this with the general public in mind – what is this show and why
+            should somebody come to see it? Don't mention auditions or production
+            team vacancies: you'll add them later.</small></p>
          {{ form_widget(form.description) }}
          {{ form_errors(form.description) }}
     </div>
@@ -86,6 +101,17 @@
     </div>
 </div>
 
+{% if not is_granted('APPROVE', form.vars.data) %}
+    <p class="panel">After you click 'Create', this show will not be public
+    until moderators (normally the society and venue adminstrators) approve it.
+    Please be patient: this may take a few days. You can make changes while waiting
+    for approval.
+    Camdram's volunteer site admins moderate shows without a registered society
+    or venue.
+    </p>
+{% endif %}
+
+
 {{ form_rest(form) }}
 
 <script>

app/Resources/views/show/new.html.twig

@@ -5,19 +5,22 @@
 {% block body %}
 
 <h3>Create a new show</h3>
+
 <div class="panel">
-    <p>Required fields are marked with an asterisk (*). You can change any field later, with the
-    possible exception of Society: please contact us to change it later if neccessary.
-    Once the show is created you'll be able to add a
-    publicity image (please ensure you have permission to use it!).</p>
-
-    <p>Write a Description with the general public in mind – what is this show and why
-    should somebody come to see it? You can add auditions and production team vacancies
-    separately once the show is created; they don't need to be mentioned here.</p>
-    {% if not is_granted('APPROVE', form.vars.data) %}
-        <p>When you click 'create', it will be sent to a moderator, who it check it over before it
-        appears on Camdram.</p>
-    {% endif %}
+    <p> Please ensure you're familiar with our
+        <a href="{{ path('acts_camdram_userguidelines') }}">User
+        Guidelines</a> and
+        <a href="{{ path('acts_camdram_faq') }}#suitability">Show
+        Suitability Guidelines</a> first.
+    </p>
+
+    <p> Required fields are marked with an asterisk (*). You don't need to enter
+        things like "Unknown" or "TBC" in other (optional) fields, and you can change
+        things later. Please do check for silly mistakes, though!
+        Publicity images, audition adverts and production team vacancies can be added
+        after the show is created.
+    </p>
+
 </div>
 <form action="{{ path("post_show") }}" method="post" class="">
 

app/Resources/views/static/privacy.html.twig

@@ -5,68 +5,148 @@
 {% block body %}
 <h2 id="privacy">Privacy Policy</h2>
 
-<p>This page describes what data camdram.net collects about you when you
-use the website. The general rule is that we try not to be evil;
-camdram.net does store and log personal information if you create an
-account with us, but we do not disclose it to anyone without good reason.
-If you have any questions, please contact
-<a href="mailto:support@camdram.net?Subject=Privacy%20policy" target="_top">support@camdram.net</a>.</p>
-
-<ul><li>Our web server collects the domain name and IP address of the
-host from which you access the internet, the browser software you use
-and your operating system, the date and time you access each page, and
-the domain name of the site which linked to camdram.net.</li>
-
-<li>This data is used to determine the number of visitors to different
-sections of our site, and to create statistics about what browser or
-operating system they use. We do not use it to track or record personal
-information. The raw data is not disclosed to anyone outside the
-camdram.net administrative team, with the exception of Google, our analytics
-provider—see below. Anonymised statistics may be made publicly available.</li>
-
-<li>When you create an account on camdram.net, you may provide
-optional personal information about yourself. This information is used
-to obtain anonymous statistics about the users of our site, and to
-contact you if you are a society administrator with questions we may
-have about your society's shows. The raw data is not disclosed to anyone
-outside the camdram.net administrative team. Anonymised statistics may
-be made publically available.</li>
-
-<li>In the event of technical issues with the website, error messages are
-sent to Sentry (<a href="https://sentry.io">https://sentry.io</a>), to
-enable us to identify and resolve problems as quickly as possible. If you
-are logged in at the time, your email address is included.</li>
-
-<li>If you identify yourself by logging in to camdram.net, we log any
-administrative actions you take on the website. This is used for
-debugging and security purposes. This information is not disclosed to
-anyone outside the camdram.net administrative team.</li>
-
-<li>The email address you register to your account may be visible to other
-relevant users in some scenarios. For example, when a email is sent to a
-society's admins, it is sent with recipients visible to each other for clarity.
-
-<li>We will provide any information to authorities if required to by
-law.</li></ul>
+<div class="panel">
+
+    <h4>Summary</h4>
+
+    <p>This page describes what data this website collects about you.
+    The general rule is that we try not to be evil;
+    Camdram does store and log some information for particular purposes,
+    but we do not disclose it to anyone without good reason.
+    If you have any questions, please contact
+    <a href="mailto:support@camdram.net?Subject=Privacy%20policy" target="_top">support@camdram.net</a>.
+    </p>
+</div>
+
+<p>This page uses the same noun and pronoun definitions as our
+<a href="{{ path('acts_camdram_userguidelines') }}">User Guidelines</a>.
+For legal purposes, the data controller is the collective group of volunteers
+who manage Camdram. Camdram is governed by English law.
+We will provide any information we hold to authorities if required to by law.</p>
+
+<p>We may update this Privacy Policy at any time. The applicable version
+    is always the one accessible on this website. If we make significant
+    changes, we will make reasonable efforts to tell registered users
+    about the change, usually via email. If you continue to use Camdram,
+    you agree to follow the latest version of the User Guidelines.
+    </p>
+
+<h4>Data collected whenever you visit this website</h4>
+
+<ul>
+    <li>Our web server collects the domain name and IP address of the
+    host from which you access the internet; the operating system and
+    browser software you use; the date and time you access each page; and
+    the domain name of the site which linked to Camdram.
+
+    <li>This data is used to determine the number of visitors to different
+    sections of our site, and to create statistics about what browser or
+    operating system they use. We do not use it to track or record personal
+    information. The raw data is not disclosed to anyone outside the
+    Camdram administrative team, with the exception of Google, our analytics
+    provider (see Cookies section below).
+    Anonymised statistics may be made publicly available.
+
+</ul>
+
+<h4>Data collected if you log in to Camdram</h4>
+
+<ul>
+    <li>If you choose to log in to Camdram, we collect and store the
+        name and email address you have associated with the login provider
+        you used (e.g. Raven, Facebook). By logging in, you consent to this and to
+        us contacting you via email very occasionally, with essential information
+        or queries regarding your use of Camdram.
+        In general, this is no more than two or three emails per year.
+
+    <li>The email address you register to your account may be visible to other
+        Camdram users in some scenarios. For example, when a email is sent to a
+        society's admins, it is sent with recipients visible to each other for clarity.
+
+    <li>In the event of technical issues with the website, error messages are
+        sent to Sentry (<a href="https://sentry.io" target="_blank">https://sentry.io</a>), to
+        enable us to identify and resolve problems as quickly as possible. If you
+        are logged in at the time, your email address is included in these error messages.
+        This data is not public, but will be available to certain people outside
+        the Camdram administrative team (for example, employees of Sentry).
+
+    <li>If you configure your Camdram log in account to be able to use more than
+        one login provider, we also store email addresses associated with the other
+        accounts, and information about these links (for example,
+        that a particular Facebook account is the same person as a particular Google
+        account). This information is not disclosed to
+        anyone outside the Camdram administrative team.
+
+    <li>You may also provide optional personal information about yourself as part
+        of your Camdram account. This information is used
+        to obtain anonymous statistics about the users of our site.
+        The raw data is not disclosed to anyone
+        outside the Camdram administrative team. Anonymised statistics may
+        be made publically available.
+
+    <li>We log any administrative actions you take on the website while logged in.
+        This is for debugging and security purposes. This information is not disclosed to
+        anyone outside the Camdram administrative team.
+
+</ul>
+
+<h4>Data added to Camdram by users</h4>
+
+<ul>
+    <li>Data contributed by site users is a fundamental part of Camdram's purpose.
+        This includes personal information, particularly names of people involved
+        with shows listed on Camdram.
+    <li>This data is available publicly, both within Camdram and via other websites
+        that reuse our data (including search engines and other websites).
+    <li>This information is submitted and managed by Camdram users individually,
+        rather than by the Camdram administrative team. Users submitting data to
+        Camdram are subject to our <a href="{{ path('acts_camdram_userguidelines') }}">
+        User Guidelines</a>.
+    <li>Requests to correct or remove this user-managed data, where possible,
+        should be made initially to the administrators for the particular show
+        listing(s). Society or venue administrators can also help with these requests.
+        Camdram provides contact forms for this purpose on show, society and venue pages.
+    <li>You can also <a href="{{ path('acts_camdram_contact_us') }}">contact</a> the
+        Camdram central administrative team with such requests if necessary. We will
+        always respect our obligations under law regarding these requests. Please
+        note, however, that we will need to verify identity before we can act, and
+        that as volunteers, our response times may be slower.
+    <li>If you feel another user is not complying with the User Guidelines,
+        please contact us and we will investigate.
+</ul>
+
+
+<br/>
 
 <h2 id="cookies">Cookies</h2>
-<p>To find out about what cookies are, take a look at these websites.</p>
+
+<p>There are good explanations of what 'cookies' are on other websites, such as: </p>
 <ul>
-    <li><a href="http://www.bbc.co.uk/privacy/cookies/">www.bbc.co.uk</a></li>
-    <li><a href="http://ico.org.uk/for_the_public/topic_specific_guides/online/cookies">The Information Commissioner's Office.</a></li>
+    <li><a href="http://www.bbc.co.uk/usingthebbc/cookies/what-do-i-need-to-know-about-cookies/" target="_blank">the BBC</a></li>
+    <li><a href="https://ico.org.uk/your-data-matters/online/cookies/" target="_blank">the Information Commissioner's Office</a></li>
 </ul>
-<h3>How does Camdram use cookies?</h3>
+<br/>
+
+<h4>How does Camdram use cookies?</h4>
+
 <p>Some cookies are strictly necessary in order for users to navigate
 around the site correctly. Camdram uses a cookie to maintain information
 about the current session, allowing a user to be uniquely identified between
 pages as they navigate around the site.</p>
-<p>Functionality cookies allow Camdram to enable the 'remember me' functionality
-for logging in to Camdram.</p>
-<p>Camdram uses Google Analytics to improve performance of the site and
-provide a better user experience. More information about what cookies are
-used by Google Analytics can be found <a href="https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage">here</a>.
-This is a tool commonly used on popular websites, including <a href="http://www.gov.uk">www.gov.uk</a> and
-<a href="http://www.bbc.co.uk">the BBC</a>. Google provide a plug-in for
-most common browsers allowing users to <a href="https://tools.google.com/dlpage/gaoptout">opt out</a>.
+
+<p>A cookie is also used to enable the 'remember me' functionality
+for logging in to Camdram. You only receive this cookie if you make use of that
+feature for convenience.</p>
+
+<p>Camdram uses Google Analytics to understand how our users interact with the site,
+improve performance, and provide a better user experience.
+Google Analytics is used by many popular websites (for example,
+<a href="http://www.gov.uk" target="_blank">Gov.uk</a> or
+<a href="http://www.bbc.co.uk" target="_blank">the BBC</a>)
+and depends on cookies to work correctly. More information about
+the cookies used by Google Analytics can be found
+<a href="https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage" target="_blank">here</a>.
+If you want to opt out of these cookies, Google provide
+<a href="https://tools.google.com/dlpage/gaoptout" target="_blank">a browser plug-in</a> for this.
 </p>
 {% endblock %}