Difference between revisions of "Project:Privacy policy"
(Moved the server, as a consequence redirecting to an old screenshot at the internet archive before entering the privacy policy directly here.)
= Privacy Policy =

We obviously care tremendously about privacy and data protection principles. We want to be fully transparent about what our service does and how it works. If what follows is not clear, please address any question you might have to [mailto:dataprotection@personaldata.io dataprotection@personaldata.io].

== For our users ==

=== Our core commitment ===

We are committed to the interests of the users of the PersonalData.IO service, without any ambiguity.

We have embedded this commitment into our own governance:

'''We are a nonprofit organisation registered in Geneva, Switzerland.'''

We will never sell any of our users' data or even derivative products. The project is currently dependent on the core team's volunteering and donations. To put our service on a more sustainable financial footing in the future, we might eventually offer paying services.

=== Value proposition to our users ===

The core proposition of our service is to offer our users the possibility to request their personal data from many companies, in a convenient and scalable way, and under their explicit consent. If you are not a user of our service, we are unlikely to process your personal data unless some very particular exceptions apply (see below).

=== Personal data we collect about users ===

Taking a wide view of what constitutes personal data, we currently collect personal data about our users in the following ways:

# through the use of server logs;
# through our various forms, each designed for a very particular purpose and requiring your explicit consent;
# through security or tracking cookies (under our full control);
# through the registration form with our mailing list service;
# through responses you receive from data controllers, in the rare cases where these get routed through us;
# through direct communication with you (customer service, for instance).

=== Why we collect this data ===

Of those:

# is necessary to some extent for security reasons (and therefore we limit what we collect to the last month);
# is absolutely necessary for the functioning of our site, and corresponds to data you have directly submitted yourself (the retention period then depends on the particular service and the options you select);
# is not necessary, but helpful to understand how our site is used (we use Piwik to aggregate the data). This constitutes personal data to the extent that some parts of the site are only accessible once you are logged in, and to one person only (consequently, together with 2., the individual user browsing our website might become identifiable);
# is not necessary, but is helpful to us as we are starting up. We don't expect there would be a significant impact on you from our use of that service;
# is obviously the most concerning from an end user's perspective. In an ideal world, through cryptography, we would only ever see your personal data transit through our service in encrypted form. There is theoretically no technical hurdle to this. Unfortunately, it would require that data controllers are well versed in those tools and willing to use them, and the laws usually don't mandate any standard there. We will offer the option soon, and hope to slowly change practices in the industry. Meanwhile, we promise to do our utmost to get controllers to route your personal data to you directly, and in the rare cases where this cannot be done that way, to not access your personal data, to retain it for a limited period (6 months), and to erase it upon request;
# is necessary to make sure the service provided is of good quality, and to help us understand through direct conversations the needs of our users. It is also sometimes required under our legal obligations (for instance for data subjects to exercise their rights, see below).

=== Our data retention policy for users ===

Our policy is currently to retain your personal data for 6 months, as a trial period after the General Data Protection Regulation comes into force. Within that initial trial period, we are improving our systems to give you more granular control over our retention policy, for instance per attribute and per request. We think there is a clear tension between retaining data for as long as is needed to send the request and retaining the capability to effectively offer additional help after the first response. We want to test this out as we improve our systems. However, we will of course honor any individual's requests on those matters in the interim. You can send your requests to [mailto:dataprotection@personaldata.io dataprotection@personaldata.io]. It is likely that our response will be to improve our systems for all, so we absolutely want to encourage you to make use of this option (or just send suggestions).

== For our non-users ==

We do collect some personal data about non-users of our services, in very limited circumstances.

Indeed, in order to be able to connect our users with companies, we need to collect information about contact persons (such as Data Protection Officers) at those companies. This also constitutes personal data. Our legal basis for collecting this data is our legitimate interest in offering our services to our users.

If you are not a contact person at a company likely to process personal data, and have not reached out to us directly, we do not process your personal data.

== Supervisory authority ==

Given that we are established in Switzerland, our processing of personal data, regardless of the residency of the data subjects, is covered by the Swiss Data Protection Act. This means our supervisory authority under that act is the Swiss [https://web.archive.org/web/20190506185109/https://www.edoeb.admin.ch/edoeb/en/home.html Federal Data Protection Commissioner].

Additionally, for individuals residing in the European Union, the General Data Protection Regulation envisions that we would be subject to that Regulation as well, and obliges us to inform you which Supervisory Authority would be ours. However, this Regulation does not specify which Supervisory Authority applies in the case of a data controller established in Switzerland, which we find very unfortunate: simply said, no one knows the answer we are supposed to provide. The best we can do is to suggest that you ask the [https://web.archive.org/web/20190506185109/http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm Data Protection Authority in your country of residence] for guidance on that matter. If you need assistance with this step, definitely let us know.

== Your personal data rights ==

Regardless of whether or not you are a user of our services, and irrespective of your country of residence, we are committed to respecting the European General Data Protection Regulation (in addition, of course, to the Swiss Data Protection Act).

You have the following rights:

# right to be informed by us of any processing of your personal data;
# right to obtain a copy of your personal data (right of access);
# right to rectification of any incorrect or no longer relevant personal data;
# right to erasure of your personal data;
# right to object to the processing of your personal data, including the right to withdraw your consent;
# right to restrict the processing of your personal data;
# right to receive a copy of your personal data in a structured, commonly used and machine-readable format (right to portability);
# right for this personal data to be transferred directly to another data controller if technically feasible.

All these rights can be exercised by reaching out to [mailto:dataprotection@personaldata.io dataprotection@personaldata.io].

== Contact ==

Should you have any additional question on these matters, please contact us at [mailto:dataprotection@personaldata.io dataprotection@personaldata.io].

With lots of data protection love,

PersonalData.IO

Date of last change: May 25th 2018.
Revision as of 13:52, 6 January 2020