summaryrefslogtreecommitdiff
path: root/contrib/pp/pp.rst
blob: e6d003d88d268e560004f3e6618268300e40718a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
Privacy Policy
==============

Last Updated: 11.12.2019

This Privacy Policy describes the policies and procedures of Taler Systems SA
(“we,” “our,” or “us”) pertaining to the collection, use, and disclosure of
your information on our sites and related mobile applications and products we
offer (the “Services” or “Taler Wallet”). This Privacy Statement applies to
your personal data when you use our Services, and does not apply to online
websites or services that we do not own or control.


Overview
--------

Your privacy is important to us. We follow a few fundamental principles: We
don’t ask you for personally identifiable information (defined below). That
being said, your contact information, such as your phone number, social media
handle, or email address (depending on how you contact us), may be collected
when you communicate with us, for example to report a bug or other error
related to the Taler Wallet. We don’t share your information with third
parties except when strictly required to deliver you our Services and
products, or to comply with the law. If you have any questions or concerns
about this policy, please reach out to us at privacy@taler-systems.net.


How you accept this policy
--------------------------

By using our Services or visiting our sites, you agree to the use, disclosure,
and procedures outlined in this Privacy Policy.


What personal information do we collect from our users?
-------------------------------------------------------

The information we collect from you falls into two categories: (i) personally
identifiable information (i.e., data that could potentially identify you as an
individual) (“Personal Information”), and (ii) non-personally identifiable
information (i.e., information that cannot be used to identify who you are)
(“Non-Personal Information”). This Privacy Policy covers both categories and
will tell you how we might collect and use each type.

We do our best to not collect any Personal Information from Taler Wallet
users. We believe that the Taler Wallet never transmits personal information
to our services without at least clear implied consent, and we only process
and retain information with a strict business need. That being said, when
using our Services, we inherently have to collect the following information:

   * Bank account details necessary when receiving funds from you to top-up your wallet or to transfer funds to you when you are being paid via Taler. At the current experimental stage, only the pseudonym and password you entered in the bank demonstrator is stored.

   * The amounts being withdrawn or deposited, with associated unique transaction identifiers and cryptographic signatures authorizing the transaction. Note that for purchases, we cannot identify the buyer from the collected data, so when you spend money, we only receive non-personal information.

   * When you contact us. We may collect certain information if you choose to contact us, for example to report a bug or other error with the Taler Wallet. This may include contact information such as your name, email address or phone number depending on the method you choose to contact us.


How we collect and process information
--------------------------------------

We may process your information for the following reasons:

   * to transfer money as specified by our users (Taler transactions);
   * to assist government entities in linking income to the underlying contract as required by law and local regulations
   * to support you using the Taler Wallet or to improve our Services


How we share and use the information we gather
----------------------------------------------

We may share your Personal Data or other information about you only if you are
a merchant receiving income, with your bank, to the degree necessary to
execute the payment.

We retain Personal Data to transfer funds to the accounts designated by our
users. We may retain Personal Data only for as long as mandated by law and
required for the wire transfers.

We primarily use the limited information we receive directly from you to
enhance the Taler Wallet. Some ways we may use your Personal Information are
to: Contact you when necessary to respond to your comments, answer your
questions, or obtain additional information on issues related to bugs or
errors with the Taler Wallet that you reported.


Agents or third party partners
------------------------------

We may provide your Personal Information to our employees, contractors,
agents, service providers, and designees (“Agents”) to enable them to perform
certain services for us exclusively, including: improvement and maintenance of
our software and Services.


Protection of us and others
---------------------------

We reserve the right to access, read, preserve, and disclose any information
that we reasonably believe is necessary to comply with the law or a court
order.


What personal information can I access or change?
-------------------------------------------------

You can request access to the information we have collected from you. You can
do this by contacting us at privacy@taler-systems.net. We will make sure to
provide you with a copy of the data we process about you. To comply with your
request, we may ask you to verify your identity. We will fulfill your request
by sending your copy electronically. For any subsequent access request, we may
charge you with an administrative fee. If you believe that the information we
have collected is incorrect, you are welcome to contact us so we can update it
and keep your data accurate. Any data that is no longer needed for purposes
specified in the “How We Use the Information We Gather” section will be
deleted after ninety (90) days.


What are your data protection rights?
-------------------------------------

Anastasis would like to make sure you are fully aware of all of your
data protection rights. Every user is entitled to the following:

**The right to access**: You have the right to request Anastasis for
 copies of your personal data. We may charge you a small fee for this
 service.

**The right to rectification**: You have the right to request that
Anastasis correct any information you believe is inaccurate. You also
have the right to request Anastasis to complete information you
believe is incomplete.  The right to erasure - You have the right to
request that Anastasis erase your personal data, under certain
conditions.

**The right to restrict processing**: You have the right to request
 that Anastasis restrict the processing of your personal data, under
 certain conditions.

**The right to object to processing**: You have the right to object to
 Anastasis's processing of your personal data, under certain
 conditions.

**The right to data portability**: You have the right to request that
 Anastasis transfer the data that we have collected to another
 organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you
would like to exercise any of these rights, please contact us at our
email: privacy@taler-systems.com

You can always contact your local data protection authority to enforce
your rights.


Data retention
--------------

If you uninstall the Taler Wallet mobile applications from your device, or
request that your information be deleted, we still may retain some information
that you have provided to us to maintain the Taler Wallet or to comply with
relevant laws.


Data security
-------------

We are committed to making sure your information is protected. We employ
several physical and electronic safeguards to keep your information safe,
including encrypted user passwords, two factor verification and authentication
on passwords where possible, and securing connections with industry standard
transport layer security. You are also welcome to contact us using GnuPG
encrypted e-mail. Even with all these precautions, we cannot fully guarantee
against the access, disclosure, alteration, or deletion of data through
events, including but not limited to hardware or software failure or
unauthorized use. Any information that you provide to us is done so entirely
at your own risk.


Changes and updates to privacy policy
-------------------------------------

We reserve the right to update and revise this privacy policy at any time. We
occasionally review this Privacy Policy to make sure it complies with
applicable laws and conforms to changes in our business. We may need to update
this Privacy Policy, and we reserve the right to do so at any time. If we do
revise this Privacy Policy, we will update the “Effective Date” at the bottom
of this page so that you can tell if it has changed since your last visit. As
we generally do not collect contact information and also do not track your
visits, we will not be able to notify you directly. However, the Taler Wallet
may inform you about a change in the privacy policy once it detects that the
policy has changed. Please review this Privacy Policy regularly to ensure that
you are aware of its terms. Any use of our Services after an amendment to our
Privacy Policy constitutes your acceptance to the revised or amended
agreement.


International users and visitors
--------------------------------

Our Services are hosted in Switzerland. If you are a user accessing the
Services from the European Union, Asia, US, or any other region with laws or
regulations governing personal data collection, use, and disclosure that
differ from Swiss laws, please be advised that through your continued use of
the Services, which is governed by Swiss law, you are transferring your
Personal Information to Switzerland and you consent to that transfer.


Questions
---------

Please contact us at privacy@taler-systems.net if you have questions about our
privacy practices that are not addressed in this Privacy Statement.