View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
5512Composrcore_privacypublic2023-12-28 18:512024-03-30 03:48
ReporterPDStig Assigned ToPDStig  
PrioritynormalSeverityfeature 
Status closedResolutionno change required 
Summary5512: Secondary Privacy block detailing the data stored in the database
DescriptionWe have a block for auto-generating a Privacy Policy.

Let's have another block saved on another Comcode page (which the default Privacy Policy links to). This block will go in-depth regarding the data that is stored in the site database.

For each table installed:

* It will list its description to explain to the member the purpose of that table and its data (database_relations.php)
* It will utilize privacy hooks to inform the member of any sensitive data that is stored in it, such as member_id_fields, ip_address_fields, email_fields, and additional_anonymise_fields
* It will inform the user how long the data is stored in that table and what happens to it afterwards via retention_days and retention_handle_method
* It will inform the user what will happen to their data in that table if they delete their account / their account gets deleted (via removal_default_handle_method)
* It will inform the member what purging actions are allowed for that table via allowed_handle_methods should they contact staff to have their data removed.
* It will inform the member if the data in that table will persist in website backups through the website software (but add a disclaimer that should the site admins use a different method of backing up, the data which persists in the backups may be different; perhaps be smart about this and detect via if there are any scheduled backups set)

It will skip any tables which do not have any member_id_fields, ip_address_fields, email_fields, and additional_anonymise_fields defined as these tables are assumed to contain no member data.
Additional Information* database_relations.php should probably be modified to use do_lang for the descriptions... e.g. DATABASE_RELATIONS_table_name_DESCRIPTION=Description of the table. Do not require a do_lang result, and omit tables with no result.

* (If a similar test does not already exist) Add a unit_test that checks every table and compares it to the privacy hooks. If member_id_fields, ip_address_fields, email_fields, or additional_anonymise_fields is defined, and there isn't a table description defined, then it fails the test.
TagsType: Legal compliance / Privacy
Attach Tags
Time estimation (hours)
Sponsorship open

Sponsor

Date Added Member Amount Sponsored

Relationships

Search Commits
related to 5513 ResolvedPDStig Composr Auto-delete certain data when an account is deleted 
related to 5514 ClosedPDStig Composr testing platform / automation goals Add a unit test for removal_default_handle_method and allowed_handle_methods in privacy hooks 

Activities

PDStig

2024-01-14 18:15

administrator   ~8192

Users can get this info by looking at GitLab; a bit more work than is beneficial. They can also request their own data with the site staff. However the table descriptions do need tidying; will be posted in separate issue.

Issue History

Date Modified Username Field Change
2023-12-28 18:51 PDStig New Issue
2023-12-28 18:51 PDStig Tag Attached: Type: Legal compliance / Privacy
2023-12-28 19:04 PDStig Relationship added related to 5513
2023-12-28 19:09 PDStig Relationship added related to 5514
2024-01-14 18:15 PDStig Assigned To => user4172
2024-01-14 18:15 PDStig Status Not Assigned => Closed
2024-01-14 18:15 PDStig Resolution open => fixed
2024-01-14 18:15 PDStig Note Added: 0008192
2024-01-14 18:15 PDStig Resolution fixed => no change required
2024-03-30 03:33 PDStig Project Composr alpha bug reports => Composr
2024-03-30 03:48 PDStig Category General / Uncategorised => core_privacy