Add a GDPR (german: DSGVO) to the website

Bug #1780536 reported by kaputtnik
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Widelands Website
Fix Released
High
Unassigned

Bug Description

A GDPR (General Data Protection Regulation) is mandatory for Websites in the EU.

Links (German):
General: https://www.impulse.de/recht-steuern/rechtsratgeber/dsgvo-website/7304684.html
Minimum Requirements: https://www.impulse.de/recht-steuern/rechtsratgeber/datenschutzerklaerung/2393294.html
Gesetzestext: https://dsgvo-gesetz.de

Legal Text: https://gdpr-info.eu
----------------------------------

Todo:

Done:

- Create an English version of the privacy policy
- Check threadedcomments for using the IPAddressField and consider to exchange it with the userID or remove it from the model
- Create a GDPR and link it in the footer
- Removed IPAddressField from wiki, wlimages and pybb
- Cookie csrftoken set by Django for all website visitors: Consider reducing the expire date (currently 1 year)
- nginx: Delete server logs after 7 days
- Remove Google analytics
- Redesign the contact form and mark "First Name" and "Last Name" as an optional field
- Make it possible for a user to 'delete' himself -> bug 1790307

Related branches

kaputtnik (franku)
description: updated
Revision history for this message
kaputtnik (franku) wrote :

Finally i found some time and motivation to complete the "Verfahrensverzeichnis" for widelands.org.

The list contains all procedures a website visitor will be affected in conjunction with his personal data. This list contains the state of today. Hopefully i did not forget a thing.

In principle we have to inform our visitors of every listet procedure in the GDPR, but the most important thing is currently to provide a way to delete personal data, if a user wanted us to do so. I will create a new bug for this issue.

We should may agree if we want the third party procedures PayPal and Google analytics. The impact in regard to personal data for website visitors could be easily prevented if a user choose not allow third party cookies in his browser. So from my site i have nothing against using those. We have to explain how a user can make this setting though (link to explaining sites) in the GDPR.

The most impact in regard to personal data is google recaptcha...

kaputtnik (franku)
Changed in widelands-website:
status: New → Confirmed
importance: Undecided → High
Revision history for this message
GunChleoc (gunchleoc) wrote :

I think we already agreed that PayPal can go.

I am also in favor of not having Google Analytics - I remember looking into the service about 10 years ago and not being comfortable with the data collected. If we keep it on, maybe recommend to install the Privacy Badger plugin, which will allow people to block it easily.

Revision history for this message
kaputtnik (franku) wrote :

In my opinion we should have a possibility for donations for the people who want to support widelands but can't do it in another way -> https://wl.widelands.org/forum/topic/1771/

I am against using PayPal, but found no other solution so far...

Google analytics will be removed.

kaputtnik (franku)
description: updated
Revision history for this message
GunChleoc (gunchleoc) wrote :

There was a long e-mail conversation with SirVer about the subject and he has no problem paying for the server costs. That's all that the donations are used for.

If we wanted the donations for something else, e.g. paying for commissioned art or something, we'd need to found a charity or an e.V. and deal with all the taxes and paperwork.

Revision history for this message
kaputtnik (franku) wrote :

No one talked about donations for something else than the server, maybe i wrote ambiguous.

Lets remove the PayPal button then. If someone wants to make a donation, he/she has to write a PM to SirVer then.

Revision history for this message
kaputtnik (franku) wrote :

I have question about the CSRF cookie age. The value defaults to one year. See https://docs.djangoproject.com/en/1.11/ref/settings/#csrf-cookie-age for explanations.

Not sure if, or how, we should change this. With my minimum knowledge about it, i would vote for using a session based cookie.

kaputtnik (franku)
summary: - Add a GDPR (german: DSVGO) to the website
+ Add a GDPR (german: DSGVO) to the website
Revision history for this message
GunChleoc (gunchleoc) wrote :

Seems like it's a protection thing:

https://docs.djangoproject.com/en/1.11/ref/csrf/

But they have a session based one, so we can use that. We don't need to keep forms valid when people close their browsers IMO.

kaputtnik (franku)
description: updated
kaputtnik (franku)
description: updated
Revision history for this message
kaputtnik (franku) wrote :

@SirVer: Regarding the server logs created by nginx: As i understand logrotate is used on the server to rotate and delete old logfiles. logrotate is configured (/etc/logrotate.d/nginx) to run weekly and keep 52 logs, which means we have logs for a year (52 weeks per year). All i have read about server logs and storing the IP in regard to the GDPR (DSGVO) is to prevent server logging or anonymize the IP but the consensus is to allow to keep them for 7 days (like Strato do it). So i would suggest to change /etc/logrotate.d/nginx to run daily and apply 'rotate 7', which means no log files older than 7 days.

Resources:
https://linux.die.net/man/8/logrotate
https://serversforhackers.com/c/managing-logs-with-logrotate

Any remarks?

Revision history for this message
SirVer (sirver) wrote :

@franku: That sounds all very reasonable to me. I assume you do the change yourself, right?

Revision history for this message
kaputtnik (franku) wrote :

Yes, i just wanted to be sure :-)

Revision history for this message
kaputtnik (franku) wrote :

logrotate for nginx is changed. I had to delete old logs by hand. For sirver.net i left the old logs.

description: updated
Revision history for this message
kaputtnik (franku) wrote :

I have started to work on the privacy policy. Now i am thinking about having this as a wiki page, instead of a static page. We should maybe have two wiki pages: One in German and one in English.

Pros:
- A wiki page can be easily updated if something changes without the need to update trunk on the server

Cons:
- The wiki page has to be observed to get informed by changes, and may has to be reverted if the changes are unwanted.

Someone against making the privacy policy as a wiki page?

Revision history for this message
GunChleoc (gunchleoc) wrote :

I'd prefer not to have it as a wiki page. It's a legally sensitive area, and we don't want to have to monitor the trolls there, especially when we're out on vacation.

It would be good to have markdown, so it can be drafted in a forum compose window and then copy/pasted over.

Revision history for this message
kaputtnik (franku) wrote :

Good idea :-)

I have created a branch to store the privacy policy in the Database. It will be also possible to create the text in different languages then. The text for each language will be rendered into one page, which also will have a TOC, so one can easily switch to the language he prefers.

Attached a first draft of the text (already using markdown syntax) in German. Any remarks?

Revision history for this message
kaputtnik (franku) wrote :

The latest German revision of my suggested privacy policy can be found in the wiki sandbox: https://wl.widelands.org/wiki/WikiSandbox/

description: updated
kaputtnik (franku)
description: updated
kaputtnik (franku)
description: updated
Changed in widelands-website:
status: Confirmed → Fix Released
Revision history for this message
kaputtnik (franku) wrote :

@GunChleoc: Can you look into creating an English privacy policy? If you want i can try myself, but i guess it is much easier for you to write it from scratch instead of proofreading my attempt...

Changed in widelands-website:
status: Fix Released → In Progress
assignee: nobody → GunChleoc (gunchleoc)
description: updated
Revision history for this message
GunChleoc (gunchleoc) wrote :

I have translated the policy to English, so I think we can close this now?

Thank you so much for dealing with all the legalese for us!

I found 1 issue in the admin panel though - the "View on Site" button will result in an internal server error.

description: updated
Revision history for this message
GunChleoc (gunchleoc) wrote :

P.S. I have also changed "Lieber Besucher" to "Liebe Besucher" - using the plural to make it more gender neutral without being in your face about it.

Revision history for this message
kaputtnik (franku) wrote :

Thanks :-)

> the "View on Site" button will result in an internal server error.

I saw it... it will be fixed in the tabbed_profile branch.

Changed in widelands-website:
status: In Progress → Fix Released
assignee: GunChleoc (gunchleoc) → nobody
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers