Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Write privacy policies for Scorecards and GRACE #503

Closed
Tracked by #539
zarino opened this issue Apr 18, 2023 · 7 comments
Closed
Tracked by #539

Write privacy policies for Scorecards and GRACE #503

zarino opened this issue Apr 18, 2023 · 7 comments
Assignees
@struan @lucascumsille
Labels
project:scorecards
Milestone
2023 Climate Acti...

Comments

@zarino
Copy link
Member

zarino commented Apr 18, 2023

Separate PPs for Scorecards and GRACE, linked to from the site footers somewhere.

Don’t need to be anything ground-breaking. Use Local Intelligence Hub privacy policy as an example. There is more info about privacy policy requirements on the mySociety wiki.
@zarino zarino self-assigned this Apr 18, 2023
@emilyk383 emilyk383 mentioned this issue Jul 28, 2023
Closed
22 tasks
@zarino
Copy link
Member Author

zarino commented Aug 17, 2023

Draft Scorecards privacy policy:

https://docs.google.com/document/d/1vSe9-cSRbrMvsLEDn4oxKJOF4_-1CXfsMs12iPxAPkg/edit

Draft GRACE privacy policy:

https://docs.google.com/document/d/1vmw5Va5nwoA2u2ahefSg6zLD246DL280Q2yaAFz6ZnQ/edit

Need review from CEUK and Louise/Sam.

@zarino zarino mentioned this issue Sep 18, 2023
Open
1 task
@zarino
Copy link
Member Author

zarino commented Sep 18, 2023
edited
Loading

Discussed this today with @sagepe. Summary:

  • @sagepe to go away and think about whether mySociety should be described as a joint controller with CEUK, or whether CEUK are the controller and mySociety are the processor.
    • Note for future – we may want to include data controller/processor decision in our future MOUs with partners, to make this clearer from the outset.
  • @zarino to check missing a data retention period for GRACE user accounts data. Could we delete the accounts data (but probably keep the accounts themselves, just without emails or names) once the Scorecards are published?

Aside from those two issues, both drafts seem fine.

@sagepe also noted that we’re missing a privacy policy for CAPE. I’ve created a ticket for that here: #554

@zarino zarino mentioned this issue Sep 20, 2023
Closed
@zarino
Copy link
Member Author

zarino commented Sep 20, 2023
edited
Loading

Legitimate Interests tests now on the wiki at: https://wiki.mysociety.org/wiki/GRACE_GDPR_Legitimate_Interests_test and https://wiki.mysociety.org/wiki/CouncilClimateScorecards_GDPR_Legitimate_Interests_test.

TODO:

@zarino
Copy link
Member Author

zarino commented Sep 22, 2023

@sagepe I‘ve filled in the top half of the GRACE legitimate interests test wiki page – let me know if there are any changes you think I should make!

@sagepe
Copy link
Member

sagepe commented Sep 22, 2023

I've put a comment on the Talk page, as I think it would be good to track that discussion there for the sake of a complete record.

@sagepe
Copy link
Member

sagepe commented Sep 22, 2023

The GRACE LIT looks good to me. I've made a couple of slight tweaks to the Privacy Policy based on that.

@zarino zarino assigned struan and lucascumsille and unassigned zarino Oct 3, 2023
@lucascumsille lucascumsille mentioned this issue Oct 4, 2023
Merged
@zarino
Copy link
Member Author

zarino commented Oct 5, 2023

The Scorecards privacy policy has been merged into the scorecards-2023 branch, so will go live with that on 18th October.

And the GRACE privacy policy was deployed this morning.

So I think we’re done here!

@zarino zarino closed this as completed Oct 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@struan struan

@lucascumsille lucascumsille

Labels
project:scorecards
Projects
None yet
Milestone
2023 Climate Action Scorecards ready ...
Development

No branches or pull requests
4 participants
@struan @zarino @sagepe @lucascumsille