0.txt (11151B)
1 Privacy Policy 2 ************** 3 4 Last Updated: 12.07.2022 5 6 This Privacy Policy describes the policies and procedures of GNUnet 7 e.V. (“we,” “our,” or “us”) pertaining to the collection, use, and 8 disclosure of your information on our sites and related mobile 9 applications and products we offer (the “Services”). This Privacy 10 Statement applies to your personal data when you use our Services, and 11 does not apply to online websites or services that we do not own or 12 control. 13 14 15 Overview 16 ======== 17 18 Your privacy is important to us. We follow a few fundamental 19 principles: We don’t ask you for personally identifiable information 20 (defined below). That being said, your contact information, such as 21 your phone number, social media handle, or email address (depending on 22 how you contact us), may be collected when you communicate with us, 23 for example to report a bug or other error related to TalDir. We don’t 24 share your information with third parties except when strictly 25 required to deliver you our Services and products, or to comply with 26 the law. If you have any questions or concerns about this policy, 27 please reach out to us at taldir@gnunet.org. 28 29 30 How you accept this policy 31 ========================== 32 33 By using our Services or visiting our sites, you agree to the use, 34 disclosure, and procedures outlined in this Privacy Policy. 35 36 37 What personal information do we collect from our users? 38 ======================================================= 39 40 The information we collect from you falls into two categories: (i) 41 personally identifiable information (i.e., data that could potentially 42 identify you as an individual) (“Personal Information”), and (ii) non- 43 personally identifiable information (i.e., information that cannot be 44 used to identify who you are) (“Non-Personal Information”). This 45 Privacy Policy covers both categories and will tell you how we might 46 collect and use each type. 47 48 We do our best to not collect any Personal Information from TalDir 49 users. The detailed Personal Information TalDir asks from you during 50 the regular registration process at the beginning is processed to 51 verify that your are actually the holder of a certain account. The 52 information is never stored in plain text and only used to create a 53 cryptographic account identifier which does not allow us to recover 54 any of your details. 55 56 That being said, when using our Services to register a mapping from 57 your identity to a wallet, we may inherently receive the following 58 information (depending on your choice of authentication method): 59 60 * Your phone number when using SMS authentication. We rely on third 61 party providers (such as your mobile network operator) to deliver 62 the SMS to you. These third parties will see the SMS message sent 63 to you and could thus learn that you are using TalDir. SMS is 64 inherently insecure, and you should expect many governments and 65 private parties to be able to observe these messages. However, 66 we do not store your phone number for SMS communication on our 67 systems, except maybe in short-term logs to diagnose errors. 68 69 * Your e-mail address when using E-mail authentication. We rely on 70 the Internet and your E-mail provider to deliver the E-mail to 71 you. Internet service providers will see the E-mail message sent 72 to you and could thus learn that you are using TalDir. E-mail is 73 inherently insecure, and you should expect many governments and 74 private parties to be able to observe these messages. However, 75 we do not store your E-mail address on our systems, except maybe 76 in short-term logs to diagnose errors. 77 78 * Your twitter handle when using Twitter authentication. We rely on 79 Twitter to deliver a message to you. Twitter will see the message 80 sent to you and could thus learn that you are using TalDir. 81 Twitter is inherently insecure, and you should expect many 82 governments and private parties to be able to observe these 83 messages. However, we do not store your twitter handle on our 84 systems, except maybe in short-term logs to diagnose errors. 85 86 * When you contact us. We may collect certain information if you 87 choose to contact us, for example to report a bug or other error 88 with the Taler Wallet. This may include contact information such 89 as your name, email address or phone number depending on the 90 method you choose to contact us. We strictly only use the 91 information provided by you in these instances to answer your 92 request or to deliver the services requested by you. 93 94 95 How we collect and process personal data 96 ======================================== 97 98 We may process your personal data for the following reasons: 99 100 * to authenticate you during registration 101 102 * to support you using Taldirs when you contact us 103 104 105 How we share and use the information we gather 106 ============================================== 107 108 We may share your authentication data with other providers that assist 109 us in performing the authentication. We will try to use providers that 110 to the best of our knowledge respect your privacy and have good 111 privacy practices. We reserve the right to change authentication 112 providers at any time to ensure availability of our services. 113 114 We primarily use the limited information we receive directly from you 115 to enhance TalDir. Some ways we may use your Personal Information are 116 to: Contact you when necessary to respond to your comments, answer 117 your questions, or obtain additional information on issues related to 118 bugs or errors with the TalDir application that you reported. 119 120 121 Agents or third party partners 122 ============================== 123 124 We may provide your Personal Information to our employees, 125 contractors, agents, service providers, and designees (“Agents”) to 126 enable them to perform certain services for us exclusively, including: 127 improvement and maintenance of our software and Services. 128 129 130 Protection of us and others 131 =========================== 132 133 We reserve the right to access, read, preserve, and disclose any 134 information that we reasonably believe is necessary to comply with the 135 law or a court order. 136 137 138 What personal information can I access or change? 139 ================================================= 140 141 You can request access to the information we have collected from you. 142 You can do this by contacting us at taldir@gnunet.org. We will make 143 sure to provide you with a copy of the data we process about you. To 144 comply with your request, we may ask you to verify your identity. We 145 will fulfill your request by sending your copy electronically. For any 146 subsequent access request, we may charge you with an administrative 147 fee. If you believe that the information we have collected is 148 incorrect, you are welcome to contact us so we can update it and keep 149 your data accurate. Any data that is no longer needed for purposes 150 specified in the “How We Use the Information We Gather” section will 151 be deleted after ninety (90) days. 152 153 154 What are your data protection rights? 155 ===================================== 156 157 GNUnet e.V. would like to make sure you are fully aware of all of your 158 data protection rights. Every user is entitled to the following: 159 160 **The right to access**: You have the right to request GNUnet e.V. for 161 copies of your personal data. We may charge you a small fee for 162 this service. 163 164 **The right to rectification**: You have the right to request that 165 GNUnet e.V. correct any information you believe is inaccurate. You 166 also have the right to request GNUnet e.V. to complete information you 167 believe is incomplete. The right to erasure - You have the right to 168 request that GNUnet e.V. erase your personal data, under certain 169 conditions. 170 171 **The right to restrict processing**: You have the right to request 172 that GNUnet e.V. restrict the processing of your personal data, 173 under certain conditions. 174 175 **The right to object to processing**: You have the right to object to 176 GNUnet e.V.'s processing of your personal data, under certain 177 conditions. 178 179 **The right to data portability**: You have the right to request that 180 GNUnet e.V. transfer the data that we have collected to another 181 organization, or directly to you, under certain conditions. 182 183 If you make a request, we have one month to respond to you. If you 184 would like to exercise any of these rights, please contact us at our 185 email: taldir@gnunet.org 186 187 You can always contact your local data protection authority to enforce 188 your rights. 189 190 191 Data retention 192 ============== 193 194 Information entered into our bug tracker will be retained indefinitely 195 and is typically made public. We will only use it to triage the 196 problem. Beyond that, we do not retain personally identifiable 197 information about our users for longer than one week. 198 199 200 Data security 201 ============= 202 203 We are committed to making sure your information is protected. We 204 employ several physical and electronic safeguards to keep your 205 information safe, including encrypted user passwords, two factor 206 verification and authentication on passwords where possible, and 207 securing connections with industry standard transport layer security. 208 You are also welcome to contact us using GnuPG encrypted e-mail. Even 209 with all these precautions, we cannot fully guarantee against the 210 access, disclosure, alteration, or deletion of data through events, 211 including but not limited to hardware or software failure or 212 unauthorized use. Any information that you provide to us is done so 213 entirely at your own risk. 214 215 216 Changes and updates to privacy policy 217 ===================================== 218 219 We reserve the right to update and revise this privacy policy at any 220 time. We occasionally review this Privacy Policy to make sure it 221 complies with applicable laws and conforms to changes in our business. 222 We may need to update this Privacy Policy, and we reserve the right to 223 do so at any time. If we do revise this Privacy Policy, we will update 224 the “Effective Date” at the top of this page so that you can tell if 225 it has changed since your last visit. As we generally do not collect 226 contact information and also do not track your visits, we will not be 227 able to notify you directly. However, TalDir clients may inform you 228 about a change in the privacy policy once they detect that the policy 229 has changed. Please review this Privacy Policy regularly to ensure 230 that you are aware of its terms. Any use of our Services after an 231 amendment to our Privacy Policy constitutes your acceptance to the 232 revised or amended agreement. 233 234 235 International users and visitors 236 ================================ 237 238 Our Services are (currently) hosted in Germany. If you are a user 239 accessing the Services from Switzerland, Asia, US, or any other region 240 with laws or regulations governing personal data collection, use, and 241 disclosure that differ from the laws of Germany, please be advised 242 that through your continued use of the Services, which is governed by 243 the law of the country hosting the service, you are transferring your 244 Personal Information to Germany and you consent to that transfer. 245 246 247 Questions 248 ========= 249 250 Please contact us at taldir@gnunet.org if you have questions about our 251 privacy practices that are not addressed in this Privacy Statement.