GDPR update; version bump

- added Terms of Service and Privacy Policy
- updated deps
- fixed vue-bootstrap warning

src/api/package.json

@@ -1,7 +1,7 @@
 {
   "name": "my-prayer-journal-api",
   "private": true,
-  "version": "0.9.2",
+  "version": "0.9.3",
   "description": "Server API for myPrayerJournal",
   "main": "index.js",
   "author": "Daniel J. Summers <daniel@bitbadger.solutions>",

src/app/package.json

@@ -1,6 +1,6 @@
 {
   "name": "my-prayer-journal",
-  "version": "0.9.2",
+  "version": "0.9.3",
   "description": "myPrayerJournal - Front End",
   "author": "Daniel J. Summers <daniel@bitbadger.solutions>",
   "private": true,

src/app/src/App.vue

@@ -10,6 +10,8 @@
       | myPrayerJournal v{{ version }}
       br
       em: small.
+        #[router-link(:to="{ name: 'PrivacyPolicy' }") Privacy Policy] •
+        #[router-link(:to="{ name: 'TermsOfService' }") Terms of Service] •
         #[a(href='https://github.com/danieljsummers/myprayerjournal') Developed] and hosted by
         #[a(href='https://bitbadger.solutions') Bit Badger Solutions]
 </template>

src/app/src/components/Home.vue

@@ -9,8 +9,8 @@ article
     individuals to review their answered prayers.
   p.
     This site is currently in beta, but it is open and available to the general public. To get started, simply click
-    the "Log On" link above, and log on with either a Microsoft or Google account. You can also learn more about the
+    the “Log On” link above, and log on with either a Microsoft or Google account. You can also learn more
-    site at the "Docs" link, also above.
+    about the site at the “Docs” link, also above.
 </template>
 
 <script>

src/app/src/components/Navigation.vue

@@ -9,7 +9,7 @@ b-navbar(toggleable='sm'
     span(style='font-weight:600;') Prayer
     span(style='font-weight:700;') Journal
   b-collapse#nav_collapse(is-nav)
-    b-nav(is-nav-bar)
+    b-navbar-nav
       b-nav-item(v-if='isAuthenticated'
                  to='/journal') Journal
       b-nav-item(v-if='isAuthenticated'

src/app/src/components/legal/PrivacyPolicy.vue

@@ -0,0 +1,54 @@
+<template lang="pug">
+article
+  page-title(title='Privacy Policy')
+  p: small: em (as of May 21, 2018)
+  p.
+    The nature of the service is one where privacy is a must. The items below will help you understand the data we
+    collect, access, and store on your behalf as you use this service.
+  hr
+  h3 Third Party Services
+  p.
+    myPrayerJournal utilizes a third-party authentication and identity provider. You should familiarize yourself with
+    the privacy policy for #[a(href='https://auth0.com/privacy' target='_blank') Auth0], as well as your chosen provider
+    (#[a(href='https://privacy.microsoft.com/en-us/privacystatement' target='_blank') Microsoft] or
+    #[a(href='https://policies.google.com/privacy' target='_blank') Google]).
+  hr
+  h3 What We Collect
+  h4 Identifying Data
+  ul
+    li.
+      The only identifying data myPrayerJournal stores is the subscriber (&ldquo;sub&rdquo;) field from the token we
+      receive from Auth0, once you have signed in through their hosted service. All information is associated with you
+      via this field.
+    li.
+      While you are signed in, within your browser, the service has access to your first and last names, along with a
+      URL to the profile picture (provided by your selected identity provider). This information is not transmitted to
+      the server, and is removed when &ldquo;Log Off&rdquo; is clicked.
+  h4 User Provided Data
+  ul
+    li.
+      myPrayerJournal stores the information you provide, including the text of prayer requests, updates, and notes;
+      and the date/time when certain actions are taken.
+  hr
+  h3 How Your Data Is Accessed / Secured
+  ul
+    li.
+      Your provided data is returned to you, as required, to display your journal or your answered requests.
+      On the server, it is stored in a controlled-access database.
+    li.
+      Your data is backed up, along with other Bit Badger Solutions hosted systems, in a rolling manner; backups are
+      preserved for the prior 7 days, and backups from the 1st and 15th are preserved for 3 months. These backups are
+      stored in a private cloud data repository.
+    li.
+      The data collected and stored is the absolute minimum necessary for the functionality of the service. There are
+      no plans to &ldquo;monetize&rdquo; this service, and storing the minimum amount of information means that the
+      data we have is not interesting to purchasers (or those who may have more nefarious purposes).
+    li Access to servers and backups is strictly controlled and monitored for unauthorized access attempts.
+  hr
+  h3 Removing Your Data
+  p.
+    At any time, you may choose to discontinue using this service. Both Microsoft and Google provide ways to revoke
+    access from this application. However, if you want your data removed from the database, please contact daniel at
+    bitbadger.solutions (via e-mail, replacing at with @) prior to doing so, to ensure we can determine which
+    subscriber ID belongs to you.
+</template>

src/app/src/components/legal/TermsOfService.vue

@@ -0,0 +1,35 @@
+<template lang="pug">
+article
+  page-title(title='Terms of Service')
+  p: small: em (as of May 21, 2018)
+  h3 1. Acceptance of Terms
+  p.
+    By accessing this web site, you are agreeing to be bound by these Terms and Conditions, and that you are
+    responsible to ensure that your use of this site complies with all applicable laws. Your continued use of this
+    site implies your acceptance of these terms.
+  h3 2. Description of Service and Registration
+  p.
+    myPrayerJournal is a service that allows individuals to enter and amend their prayer requests. It requires no
+    registration by itself, but access is granted based on a successful login with an external identity provider. See
+    #[router-link(:to="{ name: 'PrivacyPolicy' }") our privacy policy] for details on how that information is accessed
+    and stored.
+  h3 3. Third Party Services
+  p.
+    This service utilizes a third-party service provider for identity management. Review the terms of service for
+    #[a(href='https://auth0.com/terms' target='_blank') Auth0], as well as those for the selected authorization
+    provider (#[a(href='https://www.microsoft.com/en-us/servicesagreement' target='_blank') Microsoft] or
+    #[a(href='https://policies.google.com/terms' target='_blank') Google]).
+  h3 4. Liability
+  p.
+    This service is provided "as is", and no warranty (express or implied) exists. The service and its developers may
+    not be held liable for any damages that may arise through the use of this service.
+  h3 5. Updates to Terms
+  p.
+    These terms and conditions may be updated at any time, and this service does not have the capability to notify
+    users when these change. The date at the top of the page will be updated when any of the text of these terms is
+    updated.
+  hr
+  p.
+    You may also wish to review our #[router-link(:to="{ name: 'PrivacyPolicy' }") privacy policy] to learn how we
+    handle your data.
+</template>

src/app/src/router/index.js

@@ -6,6 +6,8 @@ import AnsweredDetail from '@/components/AnsweredDetail'
 import Home from '@/components/Home'
 import Journal from '@/components/Journal'
 import LogOn from '@/components/user/LogOn'
+import PrivacyPolicy from '@/components/legal/PrivacyPolicy'
+import TermsOfService from '@/components/legal/TermsOfService'
 
 Vue.use(Router)
 
@@ -33,6 +35,16 @@ export default new Router({
       name: 'Journal',
       component: Journal
     },
+    {
+      path: '/legal/privacy-policy',
+      name: 'PrivacyPolicy',
+      component: PrivacyPolicy
+    },
+    {
+      path: '/legal/terms-of-service',
+      name: 'TermsOfService',
+      component: TermsOfService
+    },
     {
       path: '/user/log-on',
       name: 'LogOn',