GDPR, 2018: Please see the revised Pivacy Policy for this wiki: General Data Protection Regulation
EU Cookie Directive: Please see the following note regarding opting in to the use of cookies for this wiki: EU Cookie Directive

Please Note: You must be logged in to edit this wiki and your account must be assigned "editor" rights (set by administrator).

SJTAG:Privacy policy

From SJTAG
Revision as of 19:16, 23 May 2018 by Ian McIntosh (talk | contribs) (Update for GDPR)

Jump to: navigation, search

Summary

If you only read the SJTAG websites, no more information is collected than is typically collected in server logs by web sites in general.

If you contribute to the SJTAG discussions, you are publishing every word you post publicly. Once posted, you should assume that it will be retained forever. This includes articles, user pages and talk pages. Some limited exceptions are described below.

Identification of an author

You will need to be logged in to publish or edit a page in the wiki.

When logged in, you will be identified by your user name. This may be your login user name or your real name depending on the options you selected when you created your account.

Remember to log out or disconnect yourself after each session on a shared computer, to avoid allowing others to use your identity.

Cookies

The wiki will set a temporary session cookie (PHPSESSID) whenever you visit the site. If you do not intend to ever log in, you may deny this cookie, but you cannot log in without it. It will be deleted when you close your browser session.

More cookies may be set when you log in, to avoid typing in your user name (or optionally password) on your next visit. These last up to 30 days. You may clear these cookies after use if you are using a public machine and don't wish to expose your username to future users of the machine. (If so, clear the browser cache as well.)

EU Cookie Directive

The Privacy and Electronic Communications (EC Directive) Regulations 2003 (The EU Cookie Directive)

The "EU Cookie Directive" requires that users must give permission for a website to store cookies. There are exceptions where the cookie is an essential part of delivering a service, and the main thrust of the legislation seems to be to allow site users to opt out from intrusive "tracking cookies" that allow website operators or third parties to record the browsing habits of users or other non-essential cookies.

The session cookie is considered essential to delivery of the wiki service to registered users and is therefore exempt from the legislation. The session cookie used here is sjtagwiki_sjw_session.

Persistent cookies are set for registered, logged in users who have chosen to have their login details remembered. If you do not wish to have these cookies stored on your PC then do not check the "Remember my login on this browser" checkbox when signing in. The cookies used here are sjtagwiki_sjw_UserID, sjtagwiki_sjw_UserName and sjtagwiki_sjw_Token.

Because the wiki uses SJTAG forum user database of login credentials, use of the wiki by logged in users may also use cookies associated with the forums: See the EU Cookie Directive post on the forums for more details.

Passwords

Many aspects of the SJTAG Working Group's operation depend on the reputation and respect that is built up through a history of valued contributions. User passwords are the only guarantee of the integrity of a user's edit history. All users are encouraged to select strong passwords and to never share them. No one shall knowingly expose the password of another user to public release either directly or indirectly.

Sharing information with third parties

Except where otherwise specified, all material added to the SJTAG website is assumed to be available for reuse by the SJTAG Working Group in its publications unless the contributor expressly indicates otherwise. See also SJTAG:Copyrights.

The SJTAG Working Group will not sell or share private information, such as email addresses, with third parties, unless you agree to release this information, or it is required by law to release the information.

E-mail

You may provide your e-mail address in your Preferences and enable other logged-in users to send email to you through the wiki. Your address will not be revealed to them unless you respond, or possibly if the email bounces. The email address may be used by the SJTAG Working Group to communicate with users on a wider scale.

If you do not provide an email address, you will not be able to reset your password if you forget it. However, you may contact one of the SJTAG server administrators to enter a new mail address in your preferences.

You can remove your email address from your preferences at any time to prevent it being used.

General Data Protection Regulation, 2018

The following additional information, amendments and clarifications apply and supersede any conflicting terms in the preceding sections:

Personal Information

Personal information collected or stored by this wiki consists of:

  • Username and, optionally, real name
  • Password
  • Group membership (editing or administration rights)
  • Language preferences
  • Gender preferences (optional)
  • Email address (optional)
  • Email notification preferences/consent (optional)
  • History of contributions to the wiki

You can view, and in some cases modify, the information held using the "Preferences" link (near top right of wiki pages) while logged in and selecting the "User Profile" tab. Wiki contributions can inspected by following the "Contributions" link (near top right of wiki pages) while logged in.

Purpose

The information collected is only as much as is necessary to:

  • Ensure that only authorized changes are made to the wiki
  • Ensure correct attribution of contributions to the wiki
  • Provide emails and notifications only so far as the user deems necessary

Consent

Contributors to this wiki have the right to withdraw consent to receiving emails and notifications at any time. Individual options can be set/unset in the user's "Preferences". If desired, the user's email address can be removed entirely but note that this will mean that self-service passwords resets will no longer be possible.

Data Portability

Users are able to copy any or all information held from their "User Profile" and "Contributions" pages as noted above. If necessary, assistance can be provided by the site administrators.

Passwords are only ever stored in an encrypted form, so are not retrievable.

Data Transfer

Other than as detailed under Data Portability or at the express request of the user, personal data will not be transferred to any third party except where required under law. Transfers of personal data outside of the European Economic Area will require the express consent of the user.

Right to Erasure

This is often referred to as the "Right to be Forgotten". A user can request that the site administrators remove/delete all of that user's personal data at any time. There is a practical limitation to this for a wiki in that while the user's personal details ban be deleted it is not feasible to delete all of a user's contributions. In practice, once deletion is carried out, all of the user's contributions will be transferred to an anonymized virtual user account, e.g. "Former User", and may therefore be merged with contributions from other deleted users.