Difference between revisions of "User:Alexbfree/GDPRTest"

From Wikibase Personal data
Jump to navigation Jump to search
(Created page with "{{User:Alexbfree/Code:GDPRMailAccess.js|Q3651}}")
(No difference)

Revision as of 09:54, 13 March 2020

const DATA_CONTROLLER_ITEM_ID = 96; // because Q96 is data controller" const INSTANCE_OF_PROPERTY = 'claims.P3'; // because P3 is the property "instance of"

function generateGDPRLink(dataControllerItemID) { // make an API call to expand the letter template, using this item. let api = new mw.Api();

   api.get( {

action: 'expandtemplates', text: '<a href=" ?subject=Subject%20Access%20Request%20to&body=Dear%20%2C%0A%0AThis%20message%20is%20a%20transparency%20request%20under%20the%20General%20Data%20Protection%20Regulation%2C%20including%20a%20subject%20access%20request%2C%20a%20portability%20request%2C%20and%20other%20specific%20provisions.%20Please%20note%20that%20it%20is%20not%20legal%20to%20%2Arequire%2A%20data%20subjects%20to%20use%20an%20in-house%20form%5B1%5D.%20%0A%0AI%20would%20like%20to%20request%20a%20copy%20of%20all%20my%20personal%20data%20held%20and%2For%20undergoing%20processing.%20This%20is%20both%20a%20subject%20access%20request%20and%20a%20portability%20request.%20This%20message%20is%20not%20in%20any%20way%20to%20be%20considered%20as%20a%20complaint.%0A%0ACopies%20of%20my%20personal%20data%0A%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0AThis%20request%20covers%20all%20my%20personal%20data%20%0A%0AFor%20any%20and%20all%20items%20where%20you%20do%20not%20hold%20any%20data%20about%20me%2C%20please%20explicitly%20confirm%20that%20you%20do%20not%20hold%20any%20data%20of%20that%20type%20about%20me.%0A%0AArticle%2020%0A----------%0AFor%20data%20falling%20within%20the%20right%20to%20data%20portability%20%28GDPR%20article%2020%29%2C%20which%20includes%20all%20data%20I%20have%20provided%20%2Aand%2A%20which%20have%20been%20indirectly%20observed%20about%20me%20%5B2%5D%20and%20where%20lawful%20bases%20for%20processing%20include%20consent%20or%20contract%2C%20I%20wish%20to%20have%20that%20data%3A%0A%0A-%20%20%20sent%20to%20me%20in%20commonly%20used%2C%20structured%2C%20machine-readable%20format%2C%20such%20as%20a%20CSV%20file.%20A%20PDF%20is%20not%20a%20machine-readable%20format%20%5B3%5D.%0A-%20%20%20accompanied%20with%20an%20intelligible%20description%20of%20all%20variables.%0A%0AArticle%2015%0A----------%0AFor%20all%20personal%20data%20not%20falling%20within%20portability%2C%20I%20would%20like%20to%20request%2C%20under%20the%20right%20to%20access%20%28GDPR%2C%20article%2015%29%3A%0A%0A-%20%20%20a%20copy%20sent%20to%20me%20in%20electronic%20format.%20This%20includes%20any%20data%20derived%20about%20me%2C%20such%20as%20opinions%2C%20inferences%2C%20settings%20and%20preferences.%20Note%20that%20opinions%2C%20inferences%20and%20the%20like%20are%20considered%20personal%20data%20%5B4%5D.%20For%20data%20that%20is%20available%20to%20the%20controller%20in%20machine%20readable%20format%2C%20it%20must%20be%20provided%20to%20me%20in%20that%20form%20in%20accordance%20with%20the%20principle%20of%20fairness%20and%20provision%20of%20data%20protection%20by%20design.%0A%0AIf%20your%20organisation%20considers%20me%20a%20controller%20for%20whom%20you%20process%0A-------------------------------------------------------------------%0AFurthermore%2C%20if%20your%20business%20considers%20me%20the%20controller%20of%20any%20personal%20data%20for%20which%20your%20business%20acts%20as%20processor%2C%20please%20provide%20me%20with%20all%20the%20data%20you%20process%20on%20my%20behalf%20in%20machine%20readable%20format%20in%20accordance%20with%20your%20obligation%20to%20respect%20my%20to%20determination%20of%20the%20means%20and%20purposes%20of%20processing.%0A%0AMetadata%20on%20processing%0A%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0AThis%20request%20also%20includes%20the%20metadata%20I%20am%20entitled%20to%20under%20the%20GDPR.%0A%0AInformation%20on%20controllers%2C%20processors%2C%20source%20and%20transfers%0A------------------------------------------------------------%0A%0A-%20The%20identity%20of%20all%20joint%20controllers%20of%20my%20personal%20data%2C%20as%20well%20as%20the%20essence%20of%20you%20contracts%20with%20them%20%28GDPR%20Article%2026%29.%0A%0A-%20Any%20third%20parties%20to%20whom%20data%20has%20been%20disclosed%2C%20named%20with%20contact%20details%20in%20accordance%20with%20Article%2015%281%29%28c%29.%20Please%20note%20that%20the%20European%20data%20protection%20regulators%20have%20stated%20that%20by%20default%2C%20controllers%20should%20name%20precise%20recipients%20and%20not%20%22categories%22%20of%20recipients.%20If%20they%20do%20choose%20to%20name%20categories%2C%20they%20must%20justify%20why%20this%20is%20fair%2C%20and%20be%20specific%2C%20naming%20%22the%20type%20of%20recipient%20%28i.e.%20by%20reference%20to%20the%20activities%20it%20carries%20out%29%2C%20the%20industry%2C%20sector%20and%20sub-sector%20and%20the%20location%20of%20the%20recipients%20%5B3%5D.%20Please%20note%20that%20in%20the%20case%20of%20any%20transferred%20data%20processed%20on%20the%20basis%20of%20consent%2C%20there%20is%20no%20option%20to%20just%20name%20categories%20of%20recipients%20without%20invalidating%20that%20legal%20basis%20%5B5%5D.%0A%0A-%20If%20any%20data%20was%20not%20collected%2C%20observed%20or%20inferred%20from%20me%20directly%2C%20please%20provide%20precise%20information%20about%20the%20source%20of%20that%20data%2C%20including%20the%20name%20and%20contact%20email%20of%20the%20data%20controller%28s%29%20in%20question%20%28%22from%20which%20source%20the%20personal%20data%20originate%22%2C%20Article%2014%282%29%28f%29%2F15%281%29%28g%29%29.%0A%0A-%20Please%20confirm%20where%20my%20personal%20data%20is%20physically%20stored%20%28including%20backups%29%20and%20at%20the%20very%20least%20whether%20it%20has%20exited%20the%20EU%20at%20any%20stage%20%28if%20so%2C%20please%20also%20detail%20the%20legal%20grounds%20and%20safeguards%20for%20such%20data%20transfers%29.%0A%0AInformation%20on%20purposes%20and%20legal%20basis%0A---------------------------------------%0A%0A-%20All%20processing%20purposes%20and%20the%20lawful%20basis%20for%20those%20purposes%20by%20category%20of%20personal%20data.%20This%20list%20must%20be%20broken%20down%20by%20purpose%2C%20lawful%20basis%20aligned%20to%20purposes%2C%20and%20categories%20of%20data%20concerned%20aligned%20to%20purposes%20and%20lawful%20bases.%20Separate%20lists%20where%20these%20three%20factors%20do%20not%20correspond%20are%20not%20acceptable%20%28Article%2029%20Working%20Party%20%5B6%5D%29.%20A%20table%20may%20be%20the%20best%20way%20to%20display%20this%20information.%0A%0A-%20The%20specified%20legitimate%20interest%20where%20legitimate%20interest%20is%20relied%20upon%20%28Article%2014%282%29%28b%29%29.%0A%0AInformation%20on%20automated%20decision-making%20%0A----------------------------------------%0A-%20Please%20confirm%20whether%20or%20not%20you%20make%20any%20automated%20decisions%20%28within%20the%20meaning%20of%20Article%2022%2C%20GDPR%29.%20If%20the%20answer%20is%20yes%2C%20please%20provide%20meaningful%20information%20about%20the%20logic%20involved%2C%20as%20well%20as%20the%20significance%20and%20the%20envisaged%20consequences%20of%20such%20processing%20for%20me.%20%28Article%2015%281%29%28h%29%29%0A%0AInformation%20on%20storage%0A----------------------%0A-%20Please%20confirm%20for%20how%20long%20each%20category%20of%20personal%20data%20is%20stored%2C%20or%20the%20criteria%20used%20to%20make%20this%20decision%2C%20in%20accordance%20with%20the%20storage%20limitation%20principle%20and%20Article%2015%281%29%28d%29.%0A%0A%0A%0AIf%20you%20do%20not%20normally%20deal%20with%20these%20requests%2C%20please%20pass%20this%20email%20to%20your%20Data%20Protection%20Officer.%20If%20you%20need%20advice%20on%20dealing%20with%20this%20request%2C%20any%20European%20Data%20Protection%20Authority%20should%20be%20able%20to%20provide%20you%20with%20assistance.%20%0A%0AIn%20accordance%20with%20the%20law%2C%20I%20look%20forward%20to%20hearing%20from%20you%20within%20one%20month%20of%20receipt.%0A%0ARegards%2C%0A%0A%3C%3C%20FIRST_NAME%20LAST_NAME%20%3E%3E%0A%0AReferences%3A%0A-----------%0A%5B1%5D%20UK%20Information%20Commissioner%E2%80%99s%20Office%2C%20Subject%20Access%20Code%20of%20Practice%20%289%20June%202017%29%20p13%3B%20Information%20Commissioner%E2%80%99s%20Office%2C%20%E2%80%98Guide%20to%20the%20GDPR%3A%20Right%20to%20access%E2%80%99%20%2822%20May%202019%29%3A%20%27Even%20if%20you%20have%20a%20form%2C%20you%20should%20note%20that%20a%20subject%20access%20request%20is%20valid%20if%20it%20is%20submitted%20by%20any%20means%2C%20so%20you%20will%20still%20need%20to%20comply%20with%20any%20requests%20you%20receive%20in%20a%20letter%2C%20a%20standard%20email%20or%20verbally%20%5B..%5D%20although%20you%20may%20invite%20individuals%20to%20use%20a%20form%2C%20you%20must%20make%20it%20clear%20that%20it%20is%20not%20compulsory%27.%0A%5B2%5D%20Article%2029%20Working%20Party%2C%20Guidelines%20on%20the%20Right%20to%20Data%20Portability%20%28WP%20242%29%2C%2013%20December%202016%2C%208.%0A%5B3%5D%20Article%2029%20Working%20Party%2C%20Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%20WP260%20rev.01%2C%2011%20April%202018.%0A%5B4%5D%20See%20Case%20C%E2%80%91434%2F16%20Peter%20Nowak%20v%20Data%20Protection%20Commissioner%20%5B2017%5D%20ECLI%3AEU%3AC%3A2017%3A994%2C%2034.%0A%5B5%5D%20Article%2029%20Working%20Party%2C%20Guidelines%20on%20Consent%20under%20Regulation%202016%2F679%20WP259%20rev.01%2C%2010%20April%202018%2C%2013.%0A%5B6%5D%20Article%2029%20Working%20Party%2C%20Guidelines%20on%20Transparency%20under%20Regulation%202016%2F679%20WP260%20rev.01%2C%2011%20April%202018%2C%20page%2035.


"> Request your data from </a> ' } ).done( function ( data ) {

       var expanded = $(data.expandtemplates["*"])
   	mw.notify( expanded , { autoHide: false } ); // pop up the notification with the link

} ); }

function claimUsesDataControllerAsItsObject(claim) { return dive( claim , 'mainsnak.datavalue.value')['numeric-id'] === DATA_CONTROLLER_ITEM_ID; }

mw.hook( 'wikibase.entityPage.entityLoaded' ).add( function ( entity ) {

    'use strict';
     
    // get the ID of the current page

var pageID = document.querySelector('.wikibase-title .wikibase-title-id').innerText.replace( /[()]/g, );

    //console.log(pageID);
    if (isDataController(entity)) {

generateGDPRLink(pageID);

    }

});

function isDataController(entity) { let foundThatThisIsAnInstanceOfDataController = false;

if ( typeof entity != "undefined" ) // if we are on the page of a loaded entity { if ( typeof check( entity, INSTANCE_OF_PROPERTY ) != "undefined" ) // if the entity has any "instance of" claim { let claims = dive( entity, INSTANCE_OF_PROPERTY ); // get the claims which use the "instance of" property if (claims.some(claimUsesDataControllerAsItsObject)) { foundThatThisIsAnInstanceOfDataController = true; } } } return foundThatThisIsAnInstanceOfDataController; }

function dive(array, read){ return read.split('.').reduce(indexinterpolate, array); }

function check(array, read){

       return read.split('.').reduce(indexcheck, array);

}