Update privacy policy

- Add preferred language
- Add admin bulk email sending
- Update location
This commit is contained in:
rubenwardy 2022-01-23 17:55:23 +00:00
parent 56539bb369
commit ade75ace49
2 changed files with 15 additions and 8 deletions

@ -1,5 +1,8 @@
title: Privacy Policy title: Privacy Policy
Last Updated: 2022-01-23
([View updates](https://github.com/minetest/contentdb/commits/master/app/flatpages/privacy_policy.md))
## What Information is Collected ## What Information is Collected
**All users:** **All users:**
@ -15,8 +18,9 @@ title: Privacy Policy
* Email address * Email address
* Passwords (hashed and salted using BCrypt) * Passwords (hashed and salted using BCrypt)
* Profile information, such as website URLs and donation URLs * Profile information, such as website URLs and donation URLs
* Comments and threads * Comments, threads, and reviews
* Audit log actions (such as edits and logins) and their time stamps * Audit log actions (such as edits and logins) and their time stamps
* Preferred language/locale. This defaults to your browser's locale, but can be changed by the user
ContentDB collects usernames of content creators from the forums, ContentDB collects usernames of content creators from the forums,
as this is required to index forum topics. as this is required to index forum topics.
@ -30,10 +34,12 @@ Please avoid giving other personal information as we do not want it.
* Logged HTTP requests may be used for debugging ContentDB. * Logged HTTP requests may be used for debugging ContentDB.
* Email addresses are used to: * Email addresses are used to:
* Provide essential system messages, such as password resets. * Provide essential system messages, such as password resets and privacy policy updates.
* Send notifications - the user may configure this to their needs, including opting out. * Send notifications - the user may configure this to their needs, including opting out.
* The admin may use ContentDB to send emails when they need to contact a user.
* Passwords are used to authenticate the user. * Passwords are used to authenticate the user.
* The audit log is used to record actions that may be harmful * The audit log is used to record actions that may be harmful.
* Preferred language/locale is used to translate emails and the ContentDB interface.
* Other information is displayed as part of ContentDB's service. * Other information is displayed as part of ContentDB's service.
## Who has access ## Who has access
@ -43,7 +49,7 @@ Please avoid giving other personal information as we do not want it.
* Encrypted backups may be shared with selected Minetest staff members (moderators + core devs). * Encrypted backups may be shared with selected Minetest staff members (moderators + core devs).
The keys and the backups themselves are given to different people, The keys and the backups themselves are given to different people,
requiring at least two staff members to read a backup. requiring at least two staff members to read a backup.
* Emails are visible to moderators and the admin. * Email addresses are visible to moderators and the admin.
They have access to assist users, and they are not permitted to share email addresses. They have access to assist users, and they are not permitted to share email addresses.
* Hashing protects passwords from being read whilst stored in the database or in backups. * Hashing protects passwords from being read whilst stored in the database or in backups.
* Profile information is public, including URLs and linked accounts. * Profile information is public, including URLs and linked accounts.
@ -52,11 +58,12 @@ Please avoid giving other personal information as we do not want it.
* The complete audit log is visible to moderators. * The complete audit log is visible to moderators.
Users may see their own audit log actions on their account settings page. Users may see their own audit log actions on their account settings page.
Owners, maintainers, and editors may be able to see the actions on a package in the future. Owners, maintainers, and editors may be able to see the actions on a package in the future.
* Preferred language can only be viewed by this with access to the database or a backup.
* We may be required to share information with law enforcement. * We may be required to share information with law enforcement.
## Location ## Location
The ContentDB production server is currently located in Canada. The ContentDB production server is currently located in Germany.
Backups are stored in the UK. Backups are stored in the UK.
Encrypted backups may be stored in other countries, such as the US or EU. Encrypted backups may be stored in other countries, such as the US or EU.

@ -79,7 +79,7 @@ def send_unsubscribe_verify(email, locale):
mail.send(msg) mail.send(msg)
@celery.task() @celery.task(rate_limit="10/m")
def send_email_with_reason(email: str, locale: str, subject: str, text: str, html: str, reason: str): def send_email_with_reason(email: str, locale: str, subject: str, text: str, html: str, reason: str):
sub = get_email_subscription(email) sub = get_email_subscription(email)
if sub.blacklisted: if sub.blacklisted:
@ -95,14 +95,14 @@ def send_email_with_reason(email: str, locale: str, subject: str, text: str, htm
mail.send(msg) mail.send(msg)
@celery.task() @celery.task(rate_limit="10/m")
def send_user_email(email: str, locale: str, subject: str, text: str, html=None): def send_user_email(email: str, locale: str, subject: str, text: str, html=None):
with force_locale(locale or "en"): with force_locale(locale or "en"):
return send_email_with_reason(email, locale, subject, text, html, return send_email_with_reason(email, locale, subject, text, html,
gettext("You are receiving this email because you are a registered user of ContentDB.")) gettext("You are receiving this email because you are a registered user of ContentDB."))
@celery.task() @celery.task(rate_limit="10/m")
def send_anon_email(email: str, locale: str, subject: str, text: str, html=None): def send_anon_email(email: str, locale: str, subject: str, text: str, html=None):
with force_locale(locale or "en"): with force_locale(locale or "en"):
return send_email_with_reason(email, locale, subject, text, html, return send_email_with_reason(email, locale, subject, text, html,