Closed MathisBurger closed 2 days ago
Does this have any effect on out privacy strategy? Do we need to change our disclaimers about collecting personal data e.g. emails or cookies?
We most likely will have to update our privacy policy as we're now exchanging data with Microsoft. Additionally we have to link to our privacy statement in the apps documentation on MSs end.
They even have a tutorial on how to handle authentication with react here. I've not taken a look in detail, but it seems pretty usable
The implementation does indeed look straightforward. That should be the least of our concerns. Do you happen to know if there are any templates for the privacy policy? On the one hand, we would be exchanging data with Microsoft, and on the other hand, we would have to store some kind of identifier (e.g., email or Microsoft ID) in the user service.
University signup will be deprioritised due to the challenges of privacy handling. Furthermore, universities will need to allow the application explicitly as allowed service which seems not realistic at the moment.