demarches-normaliennes/doc/PRIVACY-POLICY.md
mfo bb838c8eef
Update doc/PRIVACY-POLICY.md
Co-authored-by: LeSim <mail@simon.lehericey.net>
2022-03-10 07:04:37 +01:00

Privacy policy documentation

This document describes privacy considerations to take into account when deploying an instance of demarches-simplifiees.fr.

Matomo and/or analytics service

To prevent Matomo from storing personal information, you should set it up with some additional configuration options.

Exclude some query parameters from Matomo

fbclid
*token
/.*token/
*email*
  • why: some pages use URL query parameters to transmit the user's email address. To keep these out of Matomo's logs, exclude them from the logged parameters.

Form data requested by user:

Depending on your local regulations/laws, beware: some data can't be collected at all, and other data requires special infrastructure.

Risky form inputs in France:

  • unless your instance is running on HDS infrastructure, you can't collect any health data. This includes Social Security numbers, health records, etc. Source: CNIL
  • in France, a form can't ask for race or religion. Source: INSEE

Data expiration:

Data retention must not exceed 36 months. Depending on your instance configuration, you should check that all records of the procedures table have the column procedure_expires_when_termine_enabled set to true. Also make sure the default value of procedures.procedure_expires_when_termine_enabled is true.

This flag ensures that processed files are deleted once they expire.
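
One way to run the check described above, as an added example that is not part of the project's own documentation. It assumes a PostgreSQL database, read access to the instance's schema, and an `id` primary key on `procedures`; only the table and column names come from this page.

```sql
-- Added example: read-only audit of the expiration flag.
-- Assumptions: PostgreSQL, and procedures.id exists as the primary key.

-- 1. How many procedures are not covered by automatic expiration?
--    IS NOT TRUE also catches NULL values, not only false.
SELECT
  count(*) AS total_procedures,
  count(*) FILTER (
    WHERE procedure_expires_when_termine_enabled IS NOT TRUE
  ) AS without_expiration
FROM procedures;

-- 2. Which procedures need to be reviewed?
SELECT id
FROM procedures
WHERE procedure_expires_when_termine_enabled IS NOT TRUE
ORDER BY id;

-- 3. What default will newly created procedures get?
--    column_default should read 'true'; anything else means new
--    records can be created without the flag.
SELECT column_default, is_nullable
FROM information_schema.columns
WHERE table_schema = current_schema()
  AND table_name   = 'procedures'
  AND column_name  = 'procedure_expires_when_termine_enabled';
```

If `without_expiration` is greater than zero, or the default is not `true`, the instance can keep processed files past the retention limit.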