On Sat, Jun 02, 2018 at 08:53:07AM +0800, Paul Wise wrote: > On Fri, Jun 1, 2018 at 4:15 PM, Jonathan McDowell wrote: > > > We need a privacy policy on our website, describing the personal data we > > hold for people and what we do with it. This has become pressing due to > > the EU GDPR, but is something we generally should have anyway. I've > > attached a start (in wml, which I hope is helpful, though it's basically > > HTML and I originally wrote it in Markdown). > > This is a good start indeed. > > Some things that might be improved: > > Addition of retention information, especially for DebConf. > > lists.d.o should mention that third-parties also publicly archive.
Yup. There's lots of extra information that I think we can flesh it out with, but we need it up somewhere so service owners can comment and so we actually have *something* visible rather than waiting until it is 100% complete. > > One thing I couldn't figure out is /where/ this should live. It should > > definitely be linked from our front page. I thought under /legal/ might > > be a good place, but nothing else there is linked from the front page > > that I can see. I leave it to the wisdom of the web team to work out > > where might be best. > > I would suggest it be linked from both the front page and the footer. > > Ubuntu have it under /legal/ too: > > https://www.ubuntu.com/legal/dataprivacy J. -- /-\ | I wondered why I lost three stones |@/ Debian GNU/Linux Developer | last week. \- |
