Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Data privacy statement #607
general information :
The laws for germany are quite confusing , since the more details law description is more valid then a general law.
My understanding so far:
The information stored needs to be connected to the functionality. There has to be a reason why this information is stored. Example : If you are a store shelling shoes , storing the personal information for each users shoe size is relevant. But if you ask the user for the size of his hand, this would be personal information that doesn't relate to your business and you have no use in storing.
The reason doesn't have to be super important it just has to be logical and in context and understandable for anyone who wants to sign up why you are doing it.
The level of detail for data privacy statements varies and has to be more researched.
Under some conditions you need a data privacy officer
Die Verpflichtung, einen Datenschutzbeauftragten einzusetzen, gilt für:
--- feature request:
as someone who is running the site / tool you have to take care for yourself to be up-to-date to on any changes on private data laws.
Question - should we fokus on the german laws or try to find orientation right away on the european ones?
I had a look into Discourse, they offer three places that are admin-editable (per site):
The ToS and Privacy statement are linked in the login window.
Maybe we can more or less copy that approach? We don't have a site admin interface yet though.
referenced this issue
Sep 4, 2017
I think @NerdyProjects was interested in drafting a data privacy statement for karrot that we could use on karrot.world (and offer to other people that want to self-host). How do you currently feel about it?
I don't know exactly what requirements it needs to fulfill, but many people are currently talking about GDPR which might become the gold standard for data privacy in the next years: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
Separately from the legal concerns, I have the feeling that we should mention the following things:
In September I had an online service generate one for us: https://yunity.slack.com/archives/C1P0ECU8G/p1537537866000100