From 393c678fdd93424eb3ee52f87fc0cebdfeedc103 Mon Sep 17 00:00:00 2001 From: Martin Date: Fri, 4 Mar 2022 17:05:48 +0100 Subject: [PATCH 1/2] doc(privacy-policy): add privacy policy doc Update doc/PRIVACY-POLICY.md Co-authored-by: Pierre de La Morinerie Update doc/PRIVACY-POLICY.md Co-authored-by: Pierre de La Morinerie Update doc/PRIVACY-POLICY.md Co-authored-by: Pierre de La Morinerie Update doc/PRIVACY-POLICY.md Update doc/PRIVACY-POLICY.md Update doc/PRIVACY-POLICY.md Co-authored-by: Pierre de La Morinerie --- doc/PRIVACY-POLICY.md | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 doc/PRIVACY-POLICY.md diff --git a/doc/PRIVACY-POLICY.md b/doc/PRIVACY-POLICY.md new file mode 100644 index 000000000..de141a61a --- /dev/null +++ b/doc/PRIVACY-POLICY.md 
@@ -0,0 +1,34 @@ +# Privacy policy documentation + +This document describes various privacy consideration that should be considered when deploying an instance of demarches-simplifiees.fr. +## Matomo and or Analytics service + +In order to prevent Matomo to store personnal information, you should set it up with some additional configurations options. + +### Exclude some query parameters from matomo + +* how : [see the matomo doc](https://matomo.org/faq/how-to/faq_81/) +* what : +We recommend to ignore the following query parameters + +``` +fbclid +*token +/.*token/ +*email* +``` + +* why : some pages use URL query parameters to transmit the user email address. To avoid these being logged by Matomo, they should be excluded from the logged parameters. + +## Forms data requested by user : + +Depending on your local regulations/laws, **beware** : you can't collect some data, others requires special infrastructure. + +### Risky forms inputs in France : + +* unless your instance is running on a HDS infrastructure, you can't collect any health data. This includes Social Security number, health records, etc. [SourceĀ : CNIL](https://www.cnil.fr/fr/quest-ce-ce-quune-donnee-de-sante) +* in France, a form can't ask for the race or religion. [SourceĀ : INSEE](https://www.insee.fr/fr/information/2108548) + +## Data expirations : + +Data retention **mist not exceed 36 months**. Depending on your instance configuration, you should check that all records of the `procedures` table have the column `procedure_expires_when_termine_enabled` set to `true`. Also make sure the default value of `procedures.procedure_expires_when_termine_enabled` is true. From bb838c8eef8382086bce0a3f02d7102badb5bf9a Mon Sep 17 00:00:00 2001 From: mfo Date: Thu, 10 Mar 2022 07:04:37 +0100 Subject: [PATCH 2/2] Update doc/PRIVACY-POLICY.md Co-authored-by: LeSim --- doc/PRIVACY-POLICY.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
diff --git a/doc/PRIVACY-POLICY.md b/doc/PRIVACY-POLICY.md index de141a61a..cb3d2308d 100644 --- a/doc/PRIVACY-POLICY.md +++ b/doc/PRIVACY-POLICY.md @@ -31,4 +31,6 @@ Depending on your local regulations/laws, **beware** : you can't collect some da ## Data expirations : -Data retention **mist not exceed 36 months**. Depending on your instance configuration, you should check that all records of the `procedures` table have the column `procedure_expires_when_termine_enabled` set to `true`. Also make sure the default value of `procedures.procedure_expires_when_termine_enabled` is true. +Data retention **must not exceed 36 months**. Depending on your instance configuration, you should check that all records of the `procedures` table have the column `procedure_expires_when_termine_enabled` set to `true`. Also make sure the default value of `procedures.procedure_expires_when_termine_enabled` is true. + +This flag ensures that processed file will be deleted when expired.
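Review bot: In [PATCH 1/2], the exclusion list under "Exclude some query parameters from matomo" mixes two pattern styles without saying which one the Matomo setting expects: `*token` and `*email*` read as wildcards, while `/.*token/` is a slash-delimited regular expression, and both token entries appear to target the same parameters. Please state the syntax the list is written in and keep a single entry per intent, so that an operator pasting it does not end up with an entry that silently matches nothing and leaves tokens or e-mail addresses in the analytics logs. The "why" bullet also justifies only the e-mail case; a short reason for `fbclid` and the token parameters would make the list easier to audit. Minor wording in the same hunk: "privacy consideration" should be plural, "personnal" should be "personal", "Matomo and or Analytics service" should be "Matomo and/or analytics service", a blank line is missing before the `## Matomo` heading, and the two "Source" links contain a stray character before the colon.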
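Review bot: In [PATCH 2/2], the added sentence "This flag ensures that processed file will be deleted when expired." does not connect `procedure_expires_when_termine_enabled` to the 36-month limit stated just above it: the paragraph never says what expiry delay applies once the flag is `true`, or where that delay is configured, so an operator cannot tell from this section whether enabling the flag is enough to comply. Suggest naming the delay or pointing to the setting that controls it, and adding how to verify both conditions the paragraph asks for (every row of `procedures` set to `true`, and the column default). Also "processed file" should be "processed files".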