From 19308b645b4775b1657307788a7ac499274922e2 Mon Sep 17 00:00:00 2001
From: rubenwardy <rw@rubenwardy.com>
Date: Sat, 5 Dec 2020 18:47:26 +0000
Subject: [PATCH] Add privacy policy

---
 app/flatpages/privacy_policy.md   | 82 +++++++++++++++++++++++++++++++
 app/templates/base.html           |  1 +
 app/templates/users/register.html |  4 ++
 3 files changed, 87 insertions(+)
 create mode 100644 app/flatpages/privacy_policy.md

diff --git a/app/flatpages/privacy_policy.md b/app/flatpages/privacy_policy.md
new file mode 100644
index 0000000..2cec127
--- /dev/null
+++ b/app/flatpages/privacy_policy.md
@@ -0,0 +1,82 @@
+title: Privacy Policy
+
+## What Information is Collected
+
+**All users:**
+
+* HTTP requests are logged, with the following information:
+	* Time
+	* IP address
+	* Page URL
+	* Response status code
+
+**With an account:**
+
+* Email address
+* Passwords (hashed and salted using BCrypt)
+* Profile information, such as website URLs and donation URLs
+* Comments and threads
+
+ContentDB collects usernames of content creators from the forums,
+as this is required to index forum topics.
+
+Packages, including releases, screenshots, and any meta information,
+are not considered personal information.
+
+Please avoid giving other personal information as we do not want it.
+
+## How this information is used
+
+* Logged HTTP requests may be used for debugging ContentDB.
+* Email addresses are used to:
+    * Provide essential system messages, such as password resets.
+    * Send notifications - the user may configure this to their needs, including opting out.
+* Passwords are used to authenticate the user.
+* Other information is displayed as part of ContentDB's service.
+
+## Who has access
+
+* Only the admin has access to the HTTP requests.
+  The logs may be shared with others to aid in debugging, but care will be taken to remove any personal information.
+* Emails are visible to moderators and the admin.
+  They have access to assist users, and they are not permitted to share email addresses.
+* Hashing protects passwords from being read whilst stored.
+  Only the admin has access to the ContentDB server.
+* Profile information is public, including URLs and linked accounts.
+* The visibility of comments depends on the visibility of threads.
+  They are either public, or visible only to the package author and editors.
+* We may be required to share information with law enforcement.
+
+## Period of Retention
+
+The server uses log rotation, meaning that any logged HTTP requests will be
+forgotten within a few weeks.
+
+Users may remove their packages, which makes them invisible to all users, but
+they will remain in the database until deleted by the admin.
+
+Usernames may be kept indefinitely, but other user information will be deleted if
+requested. See below.
+
+## Removal Requests
+
+Please [raise a report](https://content.minetest.net/help/reporting/) if you
+wish to remove your personal information.
+
+ContentDB keeps a record of each username and forum topic on the forums,
+for use in indexing mod/game topics. ContentDB also requires the use of a username
+to uniquely identify a package. Therefore, an author cannot be removed completely
+from ContentDB if they have any packages or mod/game topics on the forum.
+
+If we are unable to remove your account for one of the above reasons, your user
+account will instead be wiped and deactivated, ending up exactly like an author
+who has not yet joined ContentDB. All personal information will be removed from the profile,
+and any comments or threads will be deleted.
+
+
+## Future Changes to Privacy Policy
+
+We will alert any future changes to the privacy policy via email and
+via notices on the ContentDB website.
+
+By continuing to use this service, you agree to the privacy policy.
diff --git a/app/templates/base.html b/app/templates/base.html
index 2b7f408..aa919ae 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -172,6 +172,7 @@
 		<a href="https://github.com/minetest/contentdb">GitHub</a> |
 		<a href="{{ url_for('flatpage', path='help') }}">{{ _("Help") }}</a> |
 		<a href="{{ url_for('flatpage', path='policy_and_guidance') }}">{{ _("Policy and Guidance") }}</a> |
+		<a href="{{ url_for('flatpage', path='privacy_policy') }}">{{ _("Privacy Policy") }}</a> |
 		<a href="{{ url_for('flatpage', path='help/reporting') }}">{{ _("Report / DMCA") }}</a> |
 		<a href="{{ url_for('users.list_all') }}">{{ _("User List") }}</a>
 
diff --git a/app/templates/users/register.html b/app/templates/users/register.html
index cb158bf..854c65e 100644
--- a/app/templates/users/register.html
+++ b/app/templates/users/register.html
@@ -26,6 +26,10 @@ Register
 			<code>{{ suggested_password }}</code>
 		</p>
 
+		<p>
+			Please read the <a href="{{ url_for('flatpage', path='privacy_policy') }}">{{ _("Privacy Policy") }}</a>.
+		</p>
+
 		{# Submit button #}
 		<p>
 			{{ render_submit_field(form.submit, tabindex=180) }}