opengifame/docs/GDPR.md
Fergal Moran 58c3041ed1 feat: Add comprehensive legal compliance and UI enhancements
• Add comprehensive privacy documentation
  - Create docs/PRIVACY.md with complete privacy policy
  - Create docs/GDPR.md with detailed GDPR compliance guide
  - Include account deletion procedures and user rights

• Implement legal page routes
  - Add /privacy page with markdown rendering
  - Add /gdpr page with markdown rendering
  - Install react-markdown for content display

• Enhance site layout and navigation
  - Create footer component with legal links
  - Make footer sticky to bottom of page
  - Add responsive layout with flexbox structure

• Improve header UI/UX
  - Add user avatar with initials and colors
  - Implement dropdown menu for user actions
  - Create prominent centered upload button
  - Remove redundant navigation items

• Fix code quality issues
  - Resolve all ESLint warnings and errors
  - Comment out unused imports for future features
  - Fix TypeScript interface redundancy
  - Update Next.js 15 async params handling

• Add UI components
  - Create Avatar component with fallback initials
  - Add DropdownMenu component for user actions
  - Enhance voting buttons with hover animations

The changes establish proper legal compliance (GDPR/privacy), improve user experience with better navigation and visual design, and maintain clean code standards throughout the application.
2025-07-05 19:07:56 +01:00


# GDPR Compliance Guide
## Effective Date: July 5, 2025
## Introduction
This document outlines OpenGIFame's compliance with the General Data Protection Regulation (GDPR) and your rights as a data subject. The GDPR gives you specific rights regarding your personal data, and we are committed to respecting and facilitating these rights.
## Your Rights Under GDPR
### 1. Right to Information (Articles 13-14)
You have the right to know:
- What personal data we collect
- Why we collect it
- How long we keep it
- Who we share it with
- Your rights regarding this data

This information is detailed in our [Privacy Policy](./PRIVACY.md).
### 2. Right of Access (Article 15)
You have the right to:
- Confirm whether we process your personal data
- Access your personal data
- Receive information about how we process it

**How to exercise this right:**
1. Sign in to your OpenGIFame account
2. Go to Account Settings → Privacy & Data
3. Click "Download My Data" to receive a complete copy of your data
4. Alternatively, contact us at [privacy@opengifame.com] with your request
### 3. Right to Rectification (Article 16)
You have the right to correct inaccurate or incomplete personal data.

**How to exercise this right:**
1. **Profile Information**: Update directly in Account Settings
2. **Content**: Edit your uploaded images, titles, and descriptions
3. **Other Data**: Contact us at [privacy@opengifame.com] for assistance
### 4. Right to Erasure ("Right to be Forgotten") (Article 17)
You have the right to request deletion of your personal data when:
- The data is no longer necessary for the original purpose
- You withdraw consent
- You object to processing and there are no overriding legitimate grounds
- The data has been unlawfully processed
- Deletion is required for legal compliance

**See the "Complete Account Deletion" section below for detailed instructions.**
### 5. Right to Restrict Processing (Article 18)
You can request we limit how we use your data while we:
- Verify the accuracy of your data
- Determine legitimate grounds for processing
- Handle your objection to processing

**How to exercise this right:**

Contact us at [privacy@opengifame.com] with your specific request.
### 6. Right to Data Portability (Article 20)
You have the right to:
- Receive your personal data in a structured, commonly used format
- Transfer your data to another service

**How to exercise this right:**
1. Go to Account Settings → Privacy & Data
2. Click "Export Data" to download your data in JSON format
3. This includes your profile, uploaded images, comments, and voting history
### 7. Right to Object (Article 21)
You can object to processing based on:
- Legitimate interests
- Direct marketing
- Profiling

**How to exercise this right:**

Contact us at [privacy@opengifame.com] to discuss your objection.
### 8. Rights Related to Automated Decision Making (Article 22)
We do not use automated decision-making or profiling that significantly affects you. Our recommendation algorithms are designed to enhance user experience and do not make decisions that have legal or similarly significant effects.
## Complete Account Deletion Guide
### What Gets Deleted
When you delete your account, we will permanently remove:
- **Account Information**: Name, email, profile picture, and all account settings
- **Authentication Data**: All login credentials and session tokens
- **Uploaded Content**: All images, titles, and descriptions you've uploaded
- **Social Activity**: All comments, votes (upvotes/downvotes), and reactions
- **Metadata**: Upload timestamps, IP addresses, and activity logs
- **Tags**: Any tags you created (if not used by other users)
### What Happens to Your Content
- **Your Images**: Permanently deleted from our servers and CDN
- **Your Comments**: Removed from all discussions
- **Your Votes**: All voting records are deleted
- **Content References**: Any references to your deleted content are cleaned up
### Before You Delete Your Account
**Important considerations:**
1. **Irreversible Action**: Account deletion cannot be undone
2. **Download Your Data**: Export your data first if you want to keep copies
3. **Active Discussions**: Your comments in discussions will be removed
4. **Shared Content**: Any images you've shared will no longer be accessible
### Step-by-Step Deletion Process
#### Method 1: Self-Service Deletion (Recommended)
1. **Sign in** to your OpenGIFame account
2. **Navigate** to Account Settings → Privacy & Data
3. **Review** the "Delete Account" section warnings
4. **Optional**: Download your data using "Export Data" button
5. **Click** "Delete My Account"
6. **Confirm** by typing "DELETE" in the confirmation field
7. **Enter** your password to verify identity
8. **Final Confirmation**: Click "Permanently Delete Account"
#### Method 2: Contact-Based Deletion
If you cannot access your account:
1. **Email** us at [privacy@opengifame.com]
2. **Include** the following information:
   - Full name associated with the account
   - Email address used for registration
   - Approximate account creation date
   - Reason you cannot access the account
3. **Verification**: We may ask for additional verification
4. **Processing**: We'll process your request within 30 days
### Deletion Timeline
- **Immediate**: Account becomes inaccessible
- **24 hours**: Content removed from public view
- **7 days**: Data purged from active systems
- **30 days**: Complete removal from all backups and archives
- **90 days**: Final verification that all data has been removed
### Data We May Retain
In limited circumstances, we may retain some information for:

**Legal Compliance**:
- Transaction records (if applicable)
- Compliance with data retention laws
- Evidence for legal proceedings

**Security and Fraud Prevention**:
- Anonymized security logs (without personal identifiers)
- Records of policy violations or fraudulent activity

**Technical Requirements**:
- Anonymized analytics data (aggregated, non-personal)
- System performance metrics
### Exceptions to Deletion
We may be unable to delete data if:
- **Legal Hold**: Data is subject to legal proceedings
- **Regulatory Requirements**: Required by law to retain specific data
- **Public Interest**: Data is required for public health or safety
- **Technical Impossibility**: Data is technically impossible to isolate and delete
## Exercising Your Rights
### Response Time
We will respond to your requests:
- **Acknowledgment**: Within 72 hours
- **Complete Response**: Within 30 days (extendable to 60 days for complex requests)
### Verification Process
To protect your privacy, we may need to verify your identity before processing requests:
1. **Account Access**: Sign in to your account when possible
2. **Email Verification**: Confirm ownership of the registered email
3. **Additional Verification**: Answer security questions if needed
### No Cost
Exercising your GDPR rights is free of charge. However, we may charge a reasonable fee for:
- Manifestly unfounded or excessive requests
- Additional copies of data beyond the first free copy
### Appeal Process
If you're not satisfied with our response:
1. **Contact** our Data Protection Officer at [dpo@opengifame.com]
2. **Escalate** to your local supervisory authority
3. **EU Residents**: Contact your national data protection authority
4. **UK Residents**: Contact the Information Commissioner's Office (ICO)
## Technical Implementation
### Data Mapping
We maintain a comprehensive data map showing:
- What personal data we collect
- Where it's stored
- How it's processed
- Retention periods
- Sharing arrangements
### Security Measures
- **Encryption**: All personal data is encrypted at rest and in transit
- **Access Controls**: Strict access controls and audit logs
- **Regular Audits**: Quarterly security and privacy audits
- **Staff Training**: Regular GDPR training for all staff
### Data Processing Records
We maintain detailed records of:
- Processing activities
- Legal basis for processing
- Data sharing agreements
- Retention schedules
- Security measures
## Contact Information
### Data Protection Officer (DPO)
- **Email**: [dpo@opengifame.com]
- **Response Time**: Within 72 hours
### Privacy Team
- **Email**: [privacy@opengifame.com]
- **Response Time**: Within 24 hours for urgent matters
### Supervisory Authorities
If you believe we have not complied with GDPR:

**EU Residents**: Contact your national data protection authority

**UK Residents**: Information Commissioner's Office (ICO)
- Website: ico.org.uk
- Helpline: 0303 123 1113
## Updates to This Document
We may update this GDPR compliance guide to reflect:
- Changes in data protection law
- Updates to our data processing practices
- Feedback from supervisory authorities
- User feedback and requests

**Notification**: We will notify you of significant changes through:
- Email notification to registered users
- Notice on our platform
- Updated "Effective Date" at the top of this document
## Additional Resources
- [Privacy Policy](./PRIVACY.md) - Comprehensive privacy information
- Terms of Service - Platform usage terms (coming soon)
- Data Processing Agreement - For business users (coming soon)
- Cookie Policy - Information about cookies and tracking (coming soon)
---
*This document was last updated on July 5, 2025. For questions about GDPR compliance, contact our privacy team at [privacy@opengifame.com].*