On Sun, Jun 10, 2018 at 08:28:45PM +0200, Laura Arjona Reina wrote:
> Hello all
> I have read the document and I have some questions and comments.
>
> 1.- Once that we publish a "Privacy Policy" document in the website, if
> there are changes to the text, do we need to do something "special"?
> (e.g. put a banner in the site saying "we have updated our privacy
> policy", or informing some mailing list...). I'd also like to know if we
> need to "version" this document (in similar way as we do with the Debian
> Constitution, for example: 1.0, 1.1, etc).
For the moment what we are trying to do is document existing practice
accurately, so I don't think it's necessary to version the document. In
the event of substantial changes to how we deal with data I think we'd
end up with an announcement mail and get into versioning, but I do not
envisage that happening.
> 2.- We need to know if translations of the document need to clarify that
> the translation is only informative and has no legal value and people
> should look at the original English for that. We put such a note in the
> translations of /trademark and /license, for example.
Yeah, that seems like a good approach - we'll ensure the English is an
accurate representation of what we do with data, any discrepancy with a
translation and the English variant is the authority.
> 3.- About where it should go, my proposal is:
>
> * Place the document under /legal/privacy.wml
> * On top of the /legal/index.wml document, create a new section "Legal
> information" with links to /privacy, /trademark and /license (maybe more)
> * In the menu of the homepage (and the menu at the footer of every
> page), in the section "About Debian", place links to "Legal info" and
> "Data privacy".
That seems sensible to me.
J.
--
Free the crispy bits! | .''`. Debian GNU/Linux Developer
| : :' : Happy to accept PGP signed
| `. `' or encrypted mail - RSA
| `- key on the keyservers.
