Replies: 4 comments
-
On a similar note, as a developer of some FOSS projects I have a website that has uses above and beyond best-practices in terms of the latest web security protocols. I currently have a privacy policy in place, but as a sole dev it’s somewhat difficult to know where to begin, i.e. where to start in applying for a review by ToS;DR. In other words, I want my privacy practices to be above and beyond best-practices just like my security practices are, and they very well may be, but both the wording of that policy and the specifics of the policy itself are both areas where I also become “stuck”, so to speak.
-
@mozdevcontrib Wording should definitely be determined by a contract attorney. This guide would only help a user identify what sort of things they should concern themselves with when they sit down with a lawyer to discuss their policies. These are things like "how should we handle updates to our policies," "what should our data retention policy be," or "what data processors should we share customer data with?" (In this context, "data processor" carries the same definition as defined in the GDPR).
-
I agree, though it's unfortunate. Individual site owners are at a disadvantage relative to those sites currently graded or still being discussed. Well, I'll just be happy with my B+ rating. Thank you.
- intr0
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, August 26, 2019 6:31 AM, Foxtrek_64 ***@***.***> wrote:
@mozdevcontrib Wording should definitely be determined by a contract attorney. This guide would only help a user identify what sort of things they should concern themselves with when they sit down with a lawyer to discuss their policies. These are things like "how should we handle updates to our policies," "what should our data retention policy be," or "what data processors should we share customer data with?"
(In this context, "data processor" carries the same definition as defined in the GDPR).
-
I agree that a Best Practices guide would be useful for those of us who are trying to write a privacy policy, as it isn't always easy to figure out the best language to use. Right now, I'm pretty much just looking at a bunch of existing privacy policies and taking what looks like it would be good, but I'd like to be able to know before I publish what kind of grade it would get.
-
I am a small business owner and I'm trying to get my TOS and Privacy Policy into order. I founded my business with the intent to have user-friendly policies, and as such ToS;DR has become a service I strive to do well by, when I am able to have my policies evaluated.
This wouldn't be an exhaustive list by any means, but it would be very handy for startups like me and for large corporations wanting to make their policies more user-friendly to have somewhat of a guide to follow.
This guide would be divided by category and would identify the "ideal world" best case for that category, address any caveats, and perhaps provide a few examples of companies or organizations that do that particular item well.
This is similar to the categories tab we already have, though it should go more in-depth into each category and should provide descriptions and rationales for user-friendly practices where possible.
Edit: This seems to at least partially exist on the wiki.