PretendoNetwork / website

Website for Pretendo Network
https://pretendo.network
GNU Affero General Public License v3.0

Define a clear privacy policy #296

Open insert-usernamehere opened 4 months ago

insert-usernamehere commented 4 months ago

Apologies if this is the wrong repository. As I was planning on registering a Pretendo account I noticed there was no defined privacy policy or terms of service to inform me of how my data will be used if I register. Looking at other projects (Wiimmfi) a clear privacy policy is defined in order to inform users of how their data is used and their right to erasure. As Pretendo becomes more popular I believe this is something that must be addressed.

ExperiencersInternational commented 4 months ago

Yeah, I agree with regard to compliance with GDPR/CCPA.

Can't find any examples here either, I'm sure there's a Terms of Use somewhere but I can't find that easily either, need to be prominent links in the footer if they're not already.

jonbarrow commented 4 months ago

> Apologies if this is the wrong repository

This is 100% the right place, no worries :+1:

> As I was planning on registering a pretendo account I noticed there was no defined privacy policy or terms of service to inform me of how my data will be used if I register ... I believe this is something that must be addressed

We are aware of this and we (hopefully obviously!) agree! It's being fixed ASAP. As an American without a lawyer and limited knowledge in European law, I wanted to be sure the policy was both robust and clear enough, while remaining compliant. Originally I was talking with @InternalLoss about this (as he's from across the pond) to ensure things were good before plastering it everywhere, but stuff just came up. However it's being reviewed again as we speak and should be prominent soon.

That being said, you can see exactly how your data is used by looking at our source code. The code we publish here is exactly what is deployed, so you can see how it's stored/managed, and we don't do anything with that data outside of what is strictly necessary for operating the services (while also collecting the bare minimum). We don't even log IPs or anything on our servers.

ExperiencersInternational commented 4 months ago

> We don't even log IPs or anything on our servers.

Just want to take out this bit specifically Jon, the Discourse server logs IPs right?

I recall @ashquarky saying that on the forum last night as a reason why they can't have TL4 (I think they were confusing it with administrator permissions). I do recall Discourse logging IPs when I was an admin for a forum, iirc it's to assist with IP bans?

Might just be a misunderstanding from both our ends.

https://forum.pretendo.network/t/welcome-to-pretendo-network/5/48?u=gamersinternatio

jonbarrow commented 4 months ago

> Just want to take out this bit specifically Jon, the Discourse server logs IPs right?

Correct, I wasn't clear. I meant that anything we produce does not track IPs. We don't produce Discourse so I didn't think about it. That being said, the Discourse policy would apply here I believe? https://www.discourse.org/privacy

I've looked for a way to disable this but Discourse does not seem to provide that option, nor do they seem to consider IP addresses PII? I was in conversations with Discourse staff recently regarding our integration requirements, and I was told by Discourse that admins are the only ones able to see people's PII. Given that users with TL4, regardless of admin rights, can see IP addresses, it seems that they do not consider them to be PII? Relevant screenshot and link:

https://meta.discourse.org/t/integration-into-custom-auth-system-where-emails-are-not-unique/306489/22

Screenshot from 2024-05-11 14-05-31

insert-usernamehere commented 4 months ago

Personally I wouldn't exactly consider IPs PII, most web servers, reverse proxies, etc, log it somewhere regardless of whether it's in systemd logs or in a log file somewhere. I suppose the difference is logging IPs and linking it to a specific user for tracing or tracking purposes.

ExperiencersInternational commented 4 months ago

> > Just want to take out this bit specifically Jon, the Discourse server logs IPs right?
>
> Correct, I wasn't clear. I meant that anything we produce does not track IPs. We don't produce Discourse so I didn't think about it. That being said, the Discourse policy would apply here I believe? https://www.discourse.org/privacy
>
> I've looked for a way to disable this but Discourse does not seem to provide that option, nor do they seem to consider IP addresses PII? I was in conversations with Discourse staff recently regarding our integration requirements, and I was told by Discourse that admins are the only ones able to see people's PII. Given that users with TL4, regardless of admin rights, can see IP addresses, it seems that they do not consider them to be PII? Relevant screenshot and link:
>
> https://meta.discourse.org/t/integration-into-custom-auth-system-where-emails-are-not-unique/306489/22
>
> Screenshot from 2024-05-11 14-05-31

If I recall correctly, Discourse does automatically create a privacy policy/ToU for your project on installation and I think you're supposed to refer to that? I don't blame you for being confused over this, but usually on the About page, you should have About, Guidelines, Terms of Use and Privacy Policy afaik.

I don't honestly see the IP addresses being too sensitive, especially when most people will be accessing over a dynamic IP.

jonbarrow commented 3 months ago

This has been marked as critical in our tasks tracker (congrats on the first, and hopefully only, critical task) and assigned myself and @InternalLoss.

I have drafted up documents for:

As I do not live in the EU and am not well versed in the law there, I have asked @InternalLoss to verify the contents of the documents to ensure they're compliant. The documents also reference a currently non-existent LLC, which I have to wait for the state to approve before moving forward (otherwise the documents are incorrect).

Once everything is registered and the documents verified as compliant we can move forward with a PR for this.

ExperiencersInternational commented 1 month ago

Any updates on this? Seeing a lot of people requesting account deletions on the forum but there is no easy way to do that yet afaik.

Alerymin commented 1 month ago

> Any updates on this? Seeing a lot of people requesting account deletions on the forum but there is no easy way to do that yet afaik.

@ExperiencersInternational User who wants to delete his account here.

There is still no easy way, the website cannot do it and the deletion process from the console cannot either.

Also what I ask a lot for is changing the PNID, I don't think it's easy but it would be better if it was possible (Nintendo not allowing this is against GDPR article 16 afaik)

jonbarrow commented 1 month ago

> Any updates on this? Seeing a lot of people requesting account deletions on the forum but there is no easy way to do that yet afaik.

Yes. We are still updating the documents, as to be entirely thorough with what we do and do not use and how it is used, and to make sure we are compliant. These sorts of changes also require changes to several services at once, not just here, and @hauntii is looking into the website rewrite which would include these changes. Below is an example of one of his draft implementations from this rewrite:

image (25)

That being said, accounts can be deleted either from a console (the endpoints are implemented) or by contacting us directly. So while not as easy as just clicking a button, it is far from impossible.

jonbarrow commented 1 month ago

> the deletion process from the console cannot either.

This is incorrect. The account deletion endpoints do exist on the console API server and do function. If you are having issues with this, then you should open an issue report on the appropriate repository.

> Also what I ask a lot for is changing the PNID, I don't think it's easy but it would be better if it was possible (Nintendo not allowing this is against GDPR article 16 afaik)

This is functionally impossible due to the way Nintendo Network is designed. There are parts of games/servers which require the use of unique, never changing, usernames. This is something which cannot be worked around. That being said, there are plenty of other services which also do not allow you to change usernames once set, including

They typically allow you to change something like a nickname, but not your account ID/username. This is also the case with us, where your Mii/Mii name is what is commonly used in games.

Alerymin commented 1 month ago

> This is functionally impossible due to the way Nintendo Network is designed.

I kinda expected it

> This is incorrect. The account deletion endpoints do exist on the console API server and do function. If you are having issues with this, then you should open an issue report on the appropriate repository

3ds, I get error code 005-4270 https://github.com/PretendoNetwork/account/issues/102