feat(GDPR): add GDPR.yml file to public/.well-known/

2022-03-15 17:00:34 +00:00 · 2022-03-15 17:00:34 +00:00 · 86bccc3d5c
parent 10d3f73786
commit 86bccc3d5c
2 changed files with 53 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -147,6 +147,8 @@ public/media/site
 !public/icon*
 !public/index.php
 !public/robots.txt
+!public/.well-known
+!public/.well-known/GDPR.yml

 # public media folder
 !public/media/podcasts
--- a/public/.well-known/GDPR.yml
+++ b/public/.well-known/GDPR.yml
@ -0,0 +1,51 @@
+# This file lists processing purposes and the personal data gathered by
+# Castopod.
+# It is intended for hosting providers who want to provide a service
+# based on Castopod, helping them to comply with GDPR requirements. Note
+# that the services powered by Castopod may collect more data, HTTP logs
+# in particular. As a hosting provider, you must inform your users of their
+# rights and how their data are used and protected.
+
+purposes:
+  - description: Connect users to their accounts
+    lawfulness: legitimate interest
+    data:
+      - field: username
+        required: yes
+        visibility: authenticated users
+        description: |
+          The username is used to identify users during the login process.
+          The username is only required for users accessing the admin area.
+        mitigation: The username does not have to be a real or known identity.
+        retention: forever
+
+      - field: user e-mail address
+        required: yes
+        visibility: administrators
+        description: |
+          The e-mail address is used for administrative purposes, to identify users
+          during the login process and in case of forgotten password.
+        retention: forever
+
+      - field: password
+        required: yes
+        visibility: private
+        description: |
+          The password is used to check the identity of users during the login
+          process.
+        mitigation: |
+          Only hashes (using the Argon2 key derivation function) of the passwords
+          are stored in the database (but they transit over the network).
+        retention: forever
+
+  - description: Claim ownership of a podcast
+    lawfulness: legitimate interest
+    data:
+      - field: Podcast e-mail address
+        required: yes
+        visibility: public
+        description: |
+          The podcast e-mail address is used to claim podcast ownership on other
+          platforms (such as Apple Podcasts).
+        mitigation: The e-mail can be generic.
+        retention: forever