Privacy Policy and Data Use

[mzagaja]

We need to develop an appropriate privacy policy and data use disclosure that comports with what we are disclosing and what users are giving us and what partners might have access.

[dazzaji]

Let's take a few minutes at the next brigade meeting to review/hone a list of "privacy relevant" data that flows to the app, from the app and/or resides in the app. If data is individually identifiable (eg "linkable to a unique individual") or personal data (eg "created and owned by an individual") then it is a good candidate for this list.

Individual names and residential addresses and email addresses are on the list and if people are able to make notes or write reviews, comments, etc that data would be on the list too.

[dazzaji]

Update: Based on talking this through, Dazza plans a draft for review of combined privacy and terms/conditions file for next meeting, Jan 5th! Will be starting as a static file and plan to make this dynamic and more connected to integrations.

[mzagaja]

https://github.com/codeforboston/cambridge_energy_app/blob/master/db/schema.rb is the database scheme

[mzagaja]

Energy data is considered sensitive.

Has data in aggregate for the whole city.

Data ownership - user owns the data but we're custodians of it. They click a button to request it's deleted.

[dazzaji]

Seeking to dev terms that will get super kudos on our favorite substantive terms rating service TLDR!

• Here is the competition: https://tosdr.org/topics.html#ownership
• Specifically w/r/t "personal data" here: https://tosdr.org/topics.html#personal-data