Context Navigation

Changes between Version 1 and Version 2 of UserDataProtection

Timestamp:: Jul 5, 2018, 5:43:42 PM (6 years ago)
Author:: elexis
Comment:: Partial corrections, rephrase, remove claims of user consent since we can't get parental consent (GDPR article 8), remove claims of accurateness and completeness, add more TODOs

Legend:

: Unmodified
: Added
: Removed
: Modified

UserDataProtection

-              v1
+              v2
 This page summarizes the current status of Wildfire Games regarding user data protection. Even though the open nature of the development supports protection of your personal data, we have extra measures to take concerning what we hold on our servers.
+This page summarizes the current status of Wildfire Games regarding user data protection.
 This page is still being worked on and expanded. Contact us in case something is missing, or if you want to enforce your rights. TODO: create an email address for this.
+Disclaimer: This page is under construction, editable by everyone and can contain inaccurate or incomplete information. TODO: don't have it editable by anyone.
+== Description of our services ==
+Contact us if something is missing or if you want to request personal data. TODO: create an email address for this.
+We run a handful of services on our servers, they will be identified under the following names in the later sections.
+* **Multiplayer Lobby:** We host an XMPP server which is used for discussion between players and matchmaking.
+* **User Specifications Report:** 0 A.D. users can enable opt-in reports that send information about your hardware and other specs. The processed data is available at [http://feedback.wildfiregames.com/ this address].
+* **Forums:** The [https://wildfiregames.com/forum/ Wildfire Games Community Forums].
+* **Trac:** Our [https://trac.wildfiregames.com bug tracker].
+* **Phabricator:** Our [https://code.wildfiregames.com patch review platform].
+* **IRC logs:** We do not host ourselves the IRC service we use (we are on [https://www.quakenet.org/ QuakeNet]), but we keep a public log of the two IRC channels !#0ad and !#0ad-dev at [http://irclogs.wildfiregames.com this address]. We provide public logs of our staff meetings at [https://wildfiregames.com/meetinglogs/ this address].
+* **Code repository:** The [https://svn.wildfiregames.com/public/ SVN repository] and the git mirrors of it on [https://github.com/0ad/0ad GitHub] and [https://gitlab.com/0ad/0ad GitLab].
+Wildfire Games hosts the following online services:
+== Explicit consent ==
+* **Multiplayer Lobby:** This service allows players to play and chat about the game with others that are currently connected to the service.
+* **Hardware Report:** 0 A.D. players can enable reports in the main menu that send information about their hardware for the purpose of debugging and performance optimization. Anonymized data is published at [http://feedback.wildfiregames.com/ this address].
+* **Forums:** The [https://wildfiregames.com/forum/ Wildfire Games Community Forums] allows anyone to discuss Wildfire Games projects such as 0 A.D. and other arbitrary topics.
+* **Trac:** [https://trac.wildfiregames.com trac] is a bug and feature tracker used for software development.
+* **Phabricator:** [https://code.wildfiregames.com Phabricator] is a contribution review platform used for software development.
+* **IRC logs** refer to the record of the public IRC chat channels fot software development on !#0ad and !#0ad-dev of https://quakenet.org/ at http://irclogs.wildfiregames.com/ and our staff meetings at https://wildfiregames.com/meetinglogs/.
+* **Code repository:** The code of Pyrogenesis and 0 A.D. is hosted publicly at https://svn.wildfiregames.com/public/ and at the git mirrors at https://github.com/0ad/0ad and https://gitlab.com/0ad/0ad.
+* **Website**: TODO
+You should give your explicit consent before we start collecting data.
+== Services Terms ==
 * **Lobby:** You are presented with the Terms of Service when creating an account. #5218 will allow us to ask for your consent upon modification of those terms.
 * **User reports:** This is optional, enabling it is considered explicit consent. A "Technical Details" button gives you information about what is sent, if you want to enable it.
+* **Lobby:** In order to use the service you have to accept the Multiplayer Lobby Terms Of Service and Terms Of License. They can also be read at [https://code.wildfiregames.com/source/0ad/browse/ps/trunk/binaries/data/mods/public/gui/prelobby/common/terms/Terms_of_Service.txt Terms_of_Service.txt] and [https://code.wildfiregames.com/source/0ad/browse/ps/trunk/binaries/data/mods/public/gui/prelobby/common/terms/Terms_of_Service.txt Terms_of_Use.txt].
+* **User reports:** This is opt-in. A "Technical Details" button gives you information about what is sent, if you want to enable it. This can also be read [https://code.wildfiregames.com/source/0ad/browse/ps/trunk/binaries/data/mods/public/gui/manual/userreport.txt here].
 * **Forums:** TODO: It looks like the registration message displayed by IPB does not talk about data. Maybe this will be fixed in an upstream upgrade.
 * **Trac:** TODO: The Trac upstream does not provide anything for that, so maybe just link to this page?
 * **Phabricator:** TODO: Same as Trac. Phabricator has Legalpad but it won't show up in the registration screen, so maybe just link to this page?
 * **IRC logs:** Registration is handled by !QuakeNet, they are supposed to ask for your consent. Their [https://www.quakenet.org/terms Terms] are quite lacking, but their [https://www.quakenet.org/privacy Privacy] page will give you a good idea of the risks of saying sensitive stuff on IRC.
+* **Code repository:** Providing patches for inclusion will be considered as explicit consent to commit them.
+* **Code repository:** The data uploaded here serves the purpose of software development and documentation of code authorship. TODO
+* **Website:** TODO
 == Contents and purpose of your data ==
+TODO: This must be explained at the terms and conditions of the service and accepted prior to service use. Then we don't have to explain it twice and can remove all redundancies of this page.
 Please note that the server knows your IP address and will store it in logs. We may use these logs to identify abuse and store your address in blacklists to prevent it. However, unless the IP is cited in the listings below, we do not associate the IP with your account.
 …
 == Data erasure ==
 The biggest limitation to your rights to erase your data comes from the fact that your contributions (code, valuable information, suggestions, bug reports, ...) are needed to develop the game. We can look into anonymizing these contributions on a case-by-case basis. __Please contact us before trying to erase useful data, as it could be interpreted as vandalism.__
+The biggest limitation to your rights to erase your data comes from the fact that contribution to the project (code, feedback, suggestions, bug reports, ...) are used to develop the game. We can look into anonymizing these contributions on a case-by-case basis. Please contact us before trying to erase useful data, as it could be interpreted as vandalism.
 * **Lobby:** We will keep discussion logs and IP addresses for moderation purposes for two years. Deleting your rating data is not yet implemented (see **TODO do we have a ticket for this?** This is just a matter of running an SQL query, we can have a simple script at our disposal or add the feature to the bot, and making sure that the ratings of players who played rated games with the deleted user still work), contact us in the meantime.
+* **Lobby:** Deleting your data is not yet implemented (see **TODO do we have a ticket for this?** This is just a matter of running an SQL query, we can have a simple script at our disposal or add the feature to the bot, and making sure that the ratings of players who played rated games with the deleted user still work), contact us in the meantime.
 * **User reports:** TODO. We only have stale data that will be used in a testing environment, then deleted when we make the reporting work again. We must make sure that the new version of the reporter has an easy way of deleting the data given the ID (should be trivial to implement).
 * **Forums:** TODO: Does IPB provide a way to erase someone, i.e. the messages are associated to an anonymous user? I think they do but I need confirmation. Contact us if the content of some messages allow you to be identified anyways, so we can edit them.