-
-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GDPR Meta Issue #3954
Comments
Our current plan with respect to logs is to:
|
As of today, we are only keeping 10 days of logs. |
Our privacy policy PR is here: #3978 |
Here's the code that governs when a user deletes their account: https://github.com/rtfd/readthedocs.org/blob/dc96c6d/readthedocs/profiles/views.py#L197-L213 It looks like this does in fact delete the user model (where the name and email is) and it does cascade to their social account connections (github/bitbucket) as well as their user profile (which doesn't have anything personal). This does not immediately delete documentation build artifacts or version control checkouts. These are public code repositories so they are probably not very sensitive but ideally they eventually get deleted. |
In our WIP privacy policy (#3978), I have detailed all the 3rd parties with whom we share data and what is shared. |
Currently Read the Docs can set the following 1st party cookies with the following durations:
The only 3rd party cookie I could find was a session cookie set by New Relic:
The CSRF and login cookies are definitely exempt from requiring a cookie agreement based on information here. Arguably the CSRF cookie should have a shorter timeframe but that's a separate issue. Because the New Relic cookie is a session cookie, it may be exempt. |
Do we need to obtain consent from users for each individual project in case that the project uses a Google Analytics Tracking ID? |
@csadorf Docs authors will not need to do anything. I'm aiming to avoid a specific cookie/consent notice on docs sites and that will probably involve some changes. Any necessary changes though will be made in the Read the Docs codebase and rolled out to all docs sites automatically. From a cookie standpoint, GA sets 1st party cookies which are not compliant currently but with some changes they may be. By default, the longest cookie lasts 2 years which is definitely unacceptable without consent. However, all of this is configurable and I should have this dialed in in the next couple weeks. GA can be run with a session cookie or even with no cookies whatsoever. In the last form, you'll lose things like the ability to differentiate new vs. returning visitors but all the rest of the data is there. From a sharing personally identifiable data standpoint, I don't believe anything is required since Read the Docs is already instructing GA to anonymize IPs (the only personally identifiable data under GDPR shared). I do think we can do better, but from a legal standpoint, I don't believe anything is required. Ideally, I think the solution is to proxy GA requests on Read the Docs' servers before sending to GA to anonymize data and generate a non-personal client ID in order to differentiate new vs. returning users. I think this solves the problem of sharing personal data and of the privacy complaints of visiting a docs site resulting in a request to We are also in the process of making people who have Do Not Track enabled not load GA whatsoever (#4046) so that might affect things as well. |
@davidfischer Thank you very much for clarifying. |
With respect to a data protection officer, we have created a small team internally to handle privacy related things. The email is [email protected]. |
With respect to advertising, when somebody clicks an ad, we store some data to prevent fraud, handle billing, and to report aggregated statistics to advertisers (more on that below). We store a user agent, an anonymized version of a user's IP address, and a client ID which will change periodically per user but will be unique for a limited period of time. We believe this is in line with the GDPR and it is acceptable from a Do Not Track perspective. We do not share personally identifiable information with advertisers such as users' IP addresses or possibly identifying info like user agents. We do not share even the anonymized IP address. We may share aggregated data (eg. a pie chart of countries where users clicked on the ad, % mobile vs. desktop, etc.). |
The privacy policy went live today: https://docs.readthedocs.io/en/latest/privacy-policy.html |
Moz had a pretty good blog yesterday regarding the GDPR and online marketing. Here's a brief summary:
|
We published our blog post on the GDPR and merged the somewhat related Do Not Track PR. As a result, I think we can close this. If issues related to compliance arise, we are committed to addressing them as separate action items. |
The GDPR comes into effect on May 25, 2018 and Read the Docs is going to use this to get our house in order. Read the Docs currently does not plan to do anything different for EU citizens than for anybody else. We want to respect user privacy as much as possible and so we're going to apply the stricter protections mandated by the GDPR to everybody.
It is unclear precisely what it means to be in compliance with the GDPR (if you are a lawyer with expertise in this subject, let us know!) but we are not going to use that as an excuse to throw up our hands and do nothing. Some of its provisions are clear enough.
The goal of this issue is to frame the discussion around the GDPR and how it applies to Read the Docs and to communicate what we are doing around data protections and privacy. This issue will be edited as more things are identified.
PERSONAL DATA
While Read the Docs tries not to collect very much personal information on users, we do collect some. Specifically, we collect at least:
We do not collect any data that is "considered sensitive" under the GDPR.
VARIOUS TASKS
These are things that I'm committing to by the May 25 deadline. This is a living list and should link to other issues where possible.
QUESTIONS
LINKS
EDIT HISTORY
The text was updated successfully, but these errors were encountered: