COPPA/HIPAA: draft pending submission

biotorrents 4 years ago
parent
commit
3bf97b98e6
3 changed files with 71 additions and 25 deletions
  1. sections/legal/dmca.php (+5, -5)
  2. sections/legal/privacy.php (+64, -19)
  3. sections/rules/rules.php (+2, -1)

+ 5
- 5
sections/legal/dmca.php View File

@@ -8,7 +8,7 @@ View::show_header('DMCA');
8 8
 
9 9
 <section class="tldr">
10 10
   <p>
11
-    <em>If</em> you're a copyright owner or agent of one,
11
+    <em>If</em> you're a copyright owner or an agent of one,
12 12
     <em>and</em> you believe that user-generated content (UGC) on the domain
13 13
     https://biotorrents.de infringes your copyrights:
14 14
     <em>then</em> you may notify our Digital Millennium Copyright Act (DMCA) agent in writing.
@@ -46,18 +46,18 @@ View::show_header('DMCA');
46 46
     </li>
47 47
 
48 48
     <li>
49
-      Information reasonably sufficient to permit BioTorrents.de to contact you,
49
+      Information reasonably sufficient to permit us to contact you,
50 50
       such as an address, telephone number, and email.
51 51
     </li>
52 52
   </ul>
53 53
 
54 54
   <p>
55 55
     Because a high percentage of DMCA takedown notices are invalid or abusive,
56
-    BioTorrents.de reserves the right to ignore requests for unregistered works.
56
+    Omics Tools LLC reserves the right to ignore requests for unregistered works.
57 57
   </p>
58 58
 
59 59
   <p>
60
-    BioTorrents.de authenticates all valid requests.
60
+    We authenticate all valid requests.
61 61
     As a stopgap pending investigation,
62 62
     access to the targets of valid requests will be expeditiously disabled.
63 63
   </p>
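
Review bot: "We authenticate all valid requests" at new line 60 is circular, since a request can only be judged valid after it has been authenticated, and the hunk does not say what authentication consists of. Suggest wording along the lines of "We verify the signature on every request before acting on it", tied to the accepted signature types listed further down the page (Ed25519 or RSA 4096). The hunk also switches between "us", "Omics Tools LLC" and "We" within a dozen lines; state once that Omics Tools LLC operates BioTorrents.de so a reader knows which legal entity a notice is addressed to.
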
@@ -85,7 +85,7 @@ View::show_header('DMCA');
85 85
 
86 86
     <li>
87 87
       Requests signed by other means than Ed25519 or RSA 4096,
88
-      or encoded in other formats than UTF-8 or ASCII plaintext.
88
+      or encoded in other formats than UTF-8 or ASCII.
89 89
     </li>
90 90
 
91 91
 
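
Review bot: dropping "plaintext" at new line 88 loosens the rejection rule, because UTF-8 and ASCII are character encodings, not document formats: an HTML or rich-text message is still UTF-8 encoded and is no longer excluded by this item. If the intent is to accept only plain text whose signature can be checked byte for byte, keep the word, for example "or sent as anything other than UTF-8 or ASCII plain text".
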

+ 64
- 19
sections/legal/privacy.php View File

@@ -61,16 +61,16 @@ View::show_header('Privacy'); ?>
61 61
 
62 62
   <p>
63 63
     We only use your data to manage your account and administer the site.
64
-    We never sell or otherwise provide data to third parties, except under subpoena.
64
+    We never sell or otherwise provide data to third parties, except by authenticated subpoena.
65 65
   </p>
66 66
 
67 67
   <p>
68 68
     All data read, written, or deleted under this policy will only be managed by SQL queries,
69
-    and any data returned will only be provided as database dumps.
69
+    and any data returned will only be provided as raw output (database dumps).
70 70
   </p>
71 71
 
72 72
   <p>
73
-    We securely store your data in our hardened MariaDB instance.
73
+    We securely store your data on our hardened MariaDB instance.
74 74
     Only Unix socket connections are allowed, and certain services like IRC are denied.
75 75
     Database tools aren't accessible on the public internet.
76 76
   </p>
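
Review bot: "authenticated subpoena" at new line 64 adds a condition without saying who authenticates a subpoena or how, so a reader cannot tell what would make the exception apply. Name the check, or point to where it is described (the DMCA page already states a signature requirement for notices). Minor: at new line 69, "raw output (database dumps)" presents two terms as one; pick the one the policy means.
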
@@ -85,7 +85,7 @@ View::show_header('Privacy'); ?>
85 85
 
86 86
   <p>
87 87
     We'll keep your data for your account's lifetime.
88
-    Once this period expires, we'll delete your data by written request.
88
+    When that time expires, we'll delete your data by written request.
89 89
   </p>
90 90
 
91 91
 
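
Review bot: new line 88 leaves the retention rule ambiguous: "When that time expires" refers to an account's lifetime, which has no stated end, and deletion "by written request" implies the data is otherwise kept after the account closes. State what ends the lifetime and whether data is removed automatically or only on request.
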
@@ -95,13 +95,18 @@ View::show_header('Privacy'); ?>
95 95
 
96 96
   <p>
97 97
     We'd like to make sure you're fully aware of your data protection rights.
98
-    Every user is entitled to GDPR protections regardless of their jurisdiction:
98
+    Each user is entitled to GDPR protection regardless of their jurisdiction.
99
+  </p>
100
+
101
+  <p>
102
+    Please attach a screenshot of your profile page to prove account ownership for any transaction.
103
+    It's okay to redact sensitive data like email and passkey.
99 104
   </p>
100 105
 
101 106
   <ul class="p">
102 107
     <li>
103 108
       <strong>Access.</strong>
104
-      You have the right to request copies of your personal data.
109
+      You have the right to request copies of your data.
105 110
       We may charge a small fee for this service.
106 111
     </li>
107 112
 
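
Review bot: the screenshot requirement added at new lines 102-103 is weak proof of account ownership, since an image of a profile page is easy to alter and, with email and passkey redacted, shows nothing that only the account owner would hold. For access, erasure and portability requests, require that the request arrive from the account's registered email address or be submitted from a logged-in session. "Any transaction" is also undefined at this point; "any request under the rights below" would match the list that follows, which lost its introducing colon at new line 98.
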
@@ -113,23 +118,23 @@ View::show_header('Privacy'); ?>
113 118
 
114 119
     <li>
115 120
       <strong>Erasure.</strong>
116
-      You have the right to request that we erase your personal data, under certain conditions.
121
+      You have the right to request that we erase your data, under certain conditions.
117 122
     </li>
118 123
 
119 124
     <li>
120 125
       <strong>Restrict Processing.</strong>
121
-      You have the right to request that we restrict processing your personal data,
126
+      You have the right to request that we restrict processing your data,
122 127
       under certain conditions.
123 128
     </li>
124 129
 
125 130
     <li>
126 131
       <strong>Object to Processing.</strong>
127
-      You have the right to object to our processing your personal data, under certain conditions.
132
+      You have the right to object to our processing your data, under certain conditions.
128 133
     </li>
129 134
 
130 135
     <li>
131 136
       <strong>Data Portability.</strong>
132
-      You have the right to request that we transfer data we've collected to you or others,
137
+      You have the right to request that we transfer data we've collected to you or to others,
133 138
       under certain conditions.
134 139
     </li>
135 140
   </ul>
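
Review bot: replacing "personal data" with "data" in the Access, Erasure, Restrict Processing and Object to Processing items (new lines 109-132) changes the scope of the rights, not just the wording. "Personal data" is the term GDPR defines, while "your data" can be read to include content a user uploaded to the site, which the policy may not intend to erase or restrict on request. Keep "personal data", or define "your data" once near the top of the policy.
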
@@ -151,12 +156,12 @@ View::show_header('Privacy'); ?>
151 156
 
152 157
   <p>
153 158
     We strongly encourage you to use an updated browser with sandboxed tabs,
154
-    and to set your browser to deny disk permissions and to wipe transient data on shutdown.
159
+    and to set your browser to deny disk access and wipe transient data on shutdown.
155 160
   </p>
156 161
 
157 162
   <p>
158 163
     We use cookies to keep you signed in.
159
-    Our secure session cookie parameters include
164
+    Our secure session cookie parameters include:
160 165
   </p>
161 166
 
162 167
   <ul>
@@ -240,15 +245,9 @@ View::show_header('Privacy'); ?>
240 245
     gdpr at biotorrents dot de
241 246
   </p>
242 247
 
243
-  <p>
244
-    Please use
245
-    <a href="https://pgp.mit.edu/pks/lookup?op=get&search=0x760EBED7CFE266D7" target="_blank">GPG 760EBED7CFE266D7</a>
246
-    if you wish.
247
-  </p>
248
-
249 248
 
250 249
   <h3>
251
-    How to contact the appropriate authority
250
+    How to contact the authorities
252 251
   </h3>
253 252
 
254 253
   <p>
@@ -256,6 +255,52 @@ View::show_header('Privacy'); ?>
256 255
     or if you feel that we haven't satisfactorily addressed your concerns,
257 256
     contact the Information Commissioner's Office.
258 257
   </p>
258
+
259
+
260
+  <h3>
261
+    COPPA
262
+  </h3>
263
+
264
+  <p>
265
+    Omics Tools LLC doesn't knowingly collect data from under-thirteens.
266
+    Our terms require that all users be 18 or older.
267
+    If you believe a child gave out personal data on BioTorrents.de,
268
+    please contact us at once.
269
+  </p>
270
+
271
+  <p>
272
+    <strong>
273
+      Email
274
+    </strong>
275
+    <br />
276
+    coppa at biotorrents dot de
277
+  </p>
278
+
279
+
280
+  <h3>
281
+    HIPAA
282
+  </h3>
283
+
284
+  <p>
285
+    Omics Tools LLC doesn't knowingly collect data that violates patient privacy.
286
+    We publish guides on how to anonymize data, and our rules restrict unsanitized data.
287
+    If you believe that content on BioTorrents.de compromises a patient's identity,
288
+    please contact us at once.
289
+  </p>
290
+
291
+  <p>
292
+    <strong>
293
+      Email
294
+    </strong>
295
+    <br />
296
+    hipaa at biotorrents dot de
297
+  </p>
298
+
299
+  <p>
300
+    Please use
301
+    <a href="https://pgp.mit.edu/pks/lookup?op=get&search=0x760EBED7CFE266D7" target="_blank">GPG 760EBED7CFE266D7</a>
302
+    if you wish.
303
+  </p>
259 304
 </section>
260 305
 
261 306
 <?php View::show_footer();
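
Review bot: the GPG paragraph moved to new lines 299-303 identifies the key only by the 64-bit ID 760EBED7CFE266D7 and a keyserver lookup, which gives a sender nothing to compare the fetched key against. Publish the full fingerprint in the page text, and add rel="noopener noreferrer" to the target="_blank" link. Placed directly under the HIPAA address, the paragraph also reads as applying to that address alone; say whether the same key covers the gdpr and coppa addresses. In the COPPA paragraph, new lines 265-266 give two age thresholds (thirteen and 18) back to back, and a linking clause would make clear that the second is the site's own rule.
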

+ 2
- 1
sections/rules/rules.php View File

@@ -1,4 +1,5 @@
1 1
 <?php
2
+declare(strict_types=1);
2 3
 
3 4
 # Formerly Rules::display_golden_rules()
4 5
 $ENV = ENV::go();
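
Review bot: declare(strict_types=1) at new line 2 is unrelated to the legal-text draft named in the commit message and would be easier to revert as its own commit. It is also a behaviour change: calls made from this file to functions with scalar type declarations now throw TypeError instead of coercing, so load the page once to confirm nothing it calls relied on coercion.
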
@@ -17,7 +18,7 @@ View::show_header('Golden rules');
17 18
       <li>
18 19
         <strong>
19 20
           <a href="https://www.dol.gov/general/ppii" target="_blank">Personal Identifiable Information (PII)</a>
20
-          is not allowed anywhere on the site without specific staff approval.
21
+          isn't allowed anywhere on the site without explicit consent.
21 22
         </strong>
22 23
       </li>
23 24
 
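
Review bot: "explicit consent" at new line 21 does not say whose consent is required, and the change removes the staff approval gate the old wording provided. As written, an uploader could read it as their own consent. Suggest "without the explicit consent of the person identified", and keep staff review if the HIPAA section's statement that "our rules restrict unsanitized data" is meant to rest on this rule.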
