(add Note)
(update Note)
Line 1: Line 1:
 
{{draft}}
 
{{draft}}
  
{{Note|We haven't, so far, managed to write a privacy policy that is clear and complete. It might have been better to not have a privacy policy, instead of this one. See [https://ml.mageia.org/l/arc/dev/2014-03/msg00040.html]}}
+
{{Note|We haven't, so far, managed to write a privacy policy that is clear and complete. Trish is working on improving it}}
  
 
There are 3 different domains:
 
There are 3 different domains:
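
Review bot: the replacement Note on the + line drops the link to the dev mailing-list thread (https://ml.mageia.org/l/arc/dev/2014-03/msg00040.html) that the previous Note pointed to, so readers lose the pointer to the discussion behind the policy's shortcomings. Consider keeping that reference next to "Trish is working on improving it", and end the new sentence with a full stop.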

Revision as of 23:51, 5 March 2014

This page is a draft. It requires improvements.

Note:
We haven't, so far, managed to write a privacy policy that is clear and complete. Trish is working on improving it.

There are 3 different domains:

  1. the Mageia operating system, that you may install and use on your own computing devices;
  2. the Mageia project Web sites and online applications, as a visitor,
  3. the Mageia Web sites and tools, as a registered user and a contributor.

Who to contact

If you have a question regarding this policy, please contact the Council, the Board, or contact AT mageia DOT org.

In case of an emergency related to this policy, or to user or system behavior, please mail contact AT mageia DOT org.

General rules

These policies are still/always in the making, so we can improve them over time.

During this process, we start to disclose what we do, what we would like to do, what principles we would like to follow, and study what other projects do.


Mageia distribution privacy policy

TBD


Mageia.org Web sites & apps privacy policy

Web sites and services access logs

Most (if not all) web services keep access logs that include: IP address, browser user-agent (and potentially any request header your user agent sends to our servers). These logs are kept for at least one full year (see French law requirements below). They are used by sysadmins and the board for service stats and audit, within mageia.org. Some of those logs may be aggregated and filtered to be publicly archived for further historical analytics (see bugs ...).

You can check https://bugs.mageia.org/buglist.cgi?keywords=logs for related bugs/requests/etc.

Web sites analytics

For several of our Web sites, we currently use the following tracking services:

  • Google Analytics - for: www.mageia.org, wiki.mageia.org, bugs.mageia.org (pending: forum.mageia.org, blog.mageia.org) - with anonymizeIp() provision (see web revisions r2056 and r2057).
  • wordpress.com and akismet (spam filter) for blog.mageia.org

These services collect anonymous traffic data and provide analytics on it. We use them to get an overview of global behavior on our sites and apps, and to spot and gather data that helps us discuss and improve them.

Access to these services is available through the board.

TODO tracking code and cookies, lifetime, scope.

We may migrate to Piwik, but that is still a task to be done (benefits: keep data on our side, publicize reports more easily).

User account and data

We use an LDAP directory to store all registered users/contributors (username, public name, email, hashed password, other data) for: association members management, community members management, non-commercial email notification, authentication across Mageia apps and services. This data is registered, updated and accessed through https://identity.mageia.org/.

Part of this data is transferred to/by other services, on the person's request, mostly for authentication: wiki.mageia.org, forum.mageia.org, blog.mageia.org, bugs.mageia.org, svn.mageia.org, git.mageia.org, ml.mageia.org, mageia.org/mailman.

Your location is inferred from your IP address and used by our download scripts (using MaxMind geoip lite database) to redirect you to a "best matching" mirror.

User contributed content

Mageia is a collaborative, public project, and all contributions (be it code, documentation, media, designs or discussions - in forums, wikis, bug trackers, code repositories, mailing-lists, IRC channels, etc.) are recorded, stored and made publicly available for further review. TODO license?


Projects

  • a dashboard may gather and cross-reference some of this data to build: group/team pages, user pages, and on each, links to related docs through mageia.org resources (all packages/bugs related to someone, or to a team/group for instance) (see https://bugs.mageia.org/show_bug.cgi?id=1045)
  • a contributors' map may publish users' location (opt-in only) (see https://bugs.mageia.org/show_bug.cgi?id=998)
  • a service to aggregate logs (web, mirrors, bugzilla, buildsystem, code repositories) and provide the possibility to visualize/extract useful patterns/info from them

All aggregated, anonymous, non-personally-identifying data are meant to be released within a metrics publishing/understanding system.

This is subject to change/improvement, one way or the other.

French law requirements

Mageia servers are hosted in Marseille, France, and are under French legislation.

General principles

Orientations for the privacy policy for the project. Valid for web site, distribution/software, community tools.

MUST

  • be highly careful about user accounts and data
  • users can register, edit and remove their account at any time (with proper consideration regarding consequences)
  • educate users about their privacy, their public life online and netiquette
  • educate users, before and after their registration, about their involvement in the project and the publication of related data (commits, archives, forums, blogs, IRC logs, etc.):
    • "Chat rooms, forums, and/or news groups are available to our community. Any information that you disclosed in these areas becomes public information. Please exercise caution when deciding to disclose any personal information in those areas."
  • no redistribution of users' personally identifying data outside of Mageia.org scope
  • user data must only be accessed per user approval and for its own use/benefit
  • disclose in detail what data is collected, by whom, why, what for, how long
  • disclose how to prevent some of this data from being collected anyway (opt out)
  • disclose who to contact in case of data abuse, leak, doubt, account forced removal, etc.
  • the actual official privacy policy will be written/committed in an editable plain text format (rendered afterwards for better display, but the source version is still available); each update/revision of this policy must be notified (blog/ml) with a rationale about the change and the related diff between the old and new versions.

SHOULD

  • user account removal should not harm apps and contents consistency

COULD

WILL NOT, NEVER

Proposals

It's not a black or white world. To improve our understanding of users and usages, we may need to use some info usually delivered transparently by users. So we need to list any type of user data we may be using at some level, to explain what we would use, why, or why not, and in what scope. The goal is to be explicit.

With users notified when they use such services/software (through a privacy policy, a warning, terms of use, whatever), we would like to use:

| Type of information | Intended usage | Note |
|---|---|---|
| IP address | Adapt Web sites or services to user location (local server, locale, other) | A remote/local service may be queried to associate this IP address with a country/city location |
| | Gather usage/downloads statistics (country/city level at most) | |
| Browser headers | Adapt Web sites or services to user preferences (locale, other) | |
| | Gather usage stats (locale, browser, device) | |
| Cookie | Keep user sessions on our Web apps | |
| Cookie/events | Collect anonymous traffic data for usage statistics and discovery | A remote/local service may be used to collect and munch this data |

Anonymous here means: not linking behaviour data to discovered/known user account (better definition?).

Remote/local service may be:

  • maxdata geodb
  • google analytics
  • piwik
  • other?

Other privacy policies