Add privacy policy, closes # 62

[ramack]

@plegall I tried tried to draft a privacy policy for the android app. IANAL but I tried to put there what is necessary. Even though I believe the GPDR should not affect Piwigo-Android I'd like you to cross-read.

@jeff-amn please also take a look, and keep in mind in case you add permissions, that we might need to explain the usage in the privacy policy...

[EddyLB]

@ramack , from what I've read on many websites the mobile apps should be GDPR compliant to avoid issues.

With regard to Piwigo-Mobile, the provision of a Privacy Policy is now mandatory and I cannot release a new version without providing Privacy Policy web pages in all languages in which the app is translated (should be stored on piwigo.org).

I'm going to prepare a GDPR version from your draft. May be we could share the same pages?

[Philio]

I have a lot of the wording for permissions from other projects. If you need any of that let me know which permissions and I'll provide it for you.

On Mon, 22 Oct 2018, 11:40 am Eddy Lelièvre-Berna, notifications@github.com wrote:

@ramack https://github.com/ramack , from what I've read on many websites the mobile apps should be GDPR https://eugdpr.org/the-regulation/gdpr-faqs/ compliant to avoid issues.

With regard to Piwigo-Mobile https://github.com/Piwigo/Piwigo-Mobile/issues/261, the provision of a Privacy Policy is now mandatory and I cannot release a new version without providing Privacy Policy web pages in all languages in which the app is translated (should be stored on piwigo.org).

I'm going to prepare a GDPR version from your draft. May be we could share the same pages?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/Piwigo/Piwigo-Android/pull/63#issuecomment-431788743, or mute the thread https://github.com/notifications/unsubscribe-auth/AAOhGqqbWFsWUfczOnjyI01D6d7-_Kwbks5unaCNgaJpZM4Xyp8F .

[ramack]

@EddyLB @plegall the more I think about Eddys suggestion, the more I think it would be the best to come up with a generic privacy policy on piwigo.org and include there sections for the iOS app, Andoird app and the website. From within the app, I think we can just link to this generic policy. But if anyone thinks we need to have it inside the app we could just use a WebView to show the content from the website.

For the galleries themselves I think it would be good to

• provide a template for a privacy policy and a simple way for piwigo operators to modify and publish it
• make it available via rest, to show it in the apps should we create a ticket for this?

Also we should think about a way to update it. Do we NEED to show in the apps, that the apps/piwigo.orgs policy and / or the connected piwigo gallery changed its privacy policy? Or can we just document, that the user has to check for updates?

For the short term I think I will just merge what I have above, this should at least allow to publish a first beta version.

[EddyLB]

I have now prepared a Privacy Policy for the iOS app from your draft (thank you!). As for many apps/sites, I have added that the developers will alert the user about any changes by updating the “Last updated” date of the Privacy Policy provided at the top ;-)

From what I read on several guidelines, it is advised to add the Privacy Policy page inside the app for improving the user experience and avoid him/her to exit the app when opening it. It is also mandatory to provide contact info according to GDPR. @plegall has therefore created an iOS alias redirecting emails to me (and him of course). I suggest you do the same for the Android app.

If you are happy with this revised version, we could merge the two drafts on a web page of piwigo.org.

[ramack]

yes, but no worries, I am fine with what you finally have now and will happily drop this PR or at least the Privacy_Policy.md file in it.