GDPR update; version bump

- added Terms of Service and Privacy Policy
- updated deps
- fixed vue-bootstrap warning
This commit is contained in:
Daniel J. Summers 2018-05-19 23:22:44 -05:00
parent 943492f175
commit a429a2d6c9
9 changed files with 615 additions and 568 deletions

View File

@ -1,7 +1,7 @@
{ {
"name": "my-prayer-journal-api", "name": "my-prayer-journal-api",
"private": true, "private": true,
"version": "0.9.2", "version": "0.9.3",
"description": "Server API for myPrayerJournal", "description": "Server API for myPrayerJournal",
"main": "index.js", "main": "index.js",
"author": "Daniel J. Summers <daniel@bitbadger.solutions>", "author": "Daniel J. Summers <daniel@bitbadger.solutions>",

View File

@ -1,6 +1,6 @@
{ {
"name": "my-prayer-journal", "name": "my-prayer-journal",
"version": "0.9.2", "version": "0.9.3",
"description": "myPrayerJournal - Front End", "description": "myPrayerJournal - Front End",
"author": "Daniel J. Summers <daniel@bitbadger.solutions>", "author": "Daniel J. Summers <daniel@bitbadger.solutions>",
"private": true, "private": true,

View File

@ -10,6 +10,8 @@
| myPrayerJournal v{{ version }} | myPrayerJournal v{{ version }}
br br
em: small. em: small.
#[router-link(:to="{ name: 'PrivacyPolicy' }") Privacy Policy] &bull;
#[router-link(:to="{ name: 'TermsOfService' }") Terms of Service] &bull;
#[a(href='https://github.com/danieljsummers/myprayerjournal') Developed] and hosted by #[a(href='https://github.com/danieljsummers/myprayerjournal') Developed] and hosted by
#[a(href='https://bitbadger.solutions') Bit Badger Solutions] #[a(href='https://bitbadger.solutions') Bit Badger Solutions]
</template> </template>

View File

@ -9,8 +9,8 @@ article
individuals to review their answered prayers. individuals to review their answered prayers.
p. p.
This site is currently in beta, but it is open and available to the general public. To get started, simply click This site is currently in beta, but it is open and available to the general public. To get started, simply click
the "Log On" link above, and log on with either a Microsoft or Google account. You can also learn more about the the &ldquo;Log On&rdquo; link above, and log on with either a Microsoft or Google account. You can also learn more
site at the "Docs" link, also above. about the site at the &ldquo;Docs&rdquo; link, also above.
</template> </template>
<script> <script>

View File

@ -9,7 +9,7 @@ b-navbar(toggleable='sm'
span(style='font-weight:600;') Prayer span(style='font-weight:600;') Prayer
span(style='font-weight:700;') Journal span(style='font-weight:700;') Journal
b-collapse#nav_collapse(is-nav) b-collapse#nav_collapse(is-nav)
b-nav(is-nav-bar) b-navbar-nav
b-nav-item(v-if='isAuthenticated' b-nav-item(v-if='isAuthenticated'
to='/journal') Journal to='/journal') Journal
b-nav-item(v-if='isAuthenticated' b-nav-item(v-if='isAuthenticated'

View File

@ -0,0 +1,54 @@
<template lang="pug">
article
page-title(title='Privacy Policy')
p: small: em (as of May 21, 2018)
p.
The nature of the service is one where privacy is a must. The items below will help you understand the data we
collect, access, and store on your behalf as you use this service.
hr
h3 Third Party Services
p.
myPrayerJournal utilizes a third-party authentication and identity provider. You should familiarize yourself with
the privacy policy for #[a(href='https://auth0.com/privacy' target='_blank') Auth0], as well as your chosen provider
(#[a(href='https://privacy.microsoft.com/en-us/privacystatement' target='_blank') Microsoft] or
#[a(href='https://policies.google.com/privacy' target='_blank') Google]).
hr
h3 What We Collect
h4 Identifying Data
ul
li.
The only identifying data myPrayerJournal stores is the subscriber (&ldquo;sub&rdquo;) field from the token we
receive from Auth0, once you have signed in through their hosted service. All information is associated with you
via this field.
li.
While you are signed in, within your browser, the service has access to your first and last names, along with a
URL to the profile picture (provided by your selected identity provider). This information is not transmitted to
the server, and is removed when &ldquo;Log Off&rdquo; is clicked.
h4 User Provided Data
ul
li.
myPrayerJournal stores the information you provide, including the text of prayer requests, updates, and notes;
and the date/time when certain actions are taken.
hr
h3 How Your Data Is Accessed / Secured
ul
li.
Your provided data is returned to you, as required, to display your journal or your answered requests.
On the server, it is stored in a controlled-access database.
li.
Your data is backed up, along with other Bit Badger Solutions hosted systems, in a rolling manner; backups are
preserved for the prior 7 days, and backups from the 1st and 15th are preserved for 3 months. These backups are
stored in a private cloud data repository.
li.
The data collected and stored is the absolute minimum necessary for the functionality of the service. There are
no plans to &ldquo;monetize&rdquo; this service, and storing the minimum amount of information means that the
data we have is not interesting to purchasers (or those who may have more nefarious purposes).
li Access to servers and backups is strictly controlled and monitored for unauthorized access attempts.
hr
h3 Removing Your Data
p.
At any time, you may choose to discontinue using this service. Both Microsoft and Google provide ways to revoke
access from this application. However, if you want your data removed from the database, please contact daniel at
bitbadger.solutions (via e-mail, replacing at with @) prior to doing so, to ensure we can determine which
subscriber ID belongs to you.
</template>

View File

@ -0,0 +1,35 @@
<template lang="pug">
article
page-title(title='Terms of Service')
p: small: em (as of May 21, 2018)
h3 1. Acceptance of Terms
p.
By accessing this web site, you are agreeing to be bound by these Terms and Conditions, and that you are
responsible to ensure that your use of this site complies with all applicable laws. Your continued use of this
site implies your acceptance of these terms.
h3 2. Description of Service and Registration
p.
myPrayerJournal is a service that allows individuals to enter and amend their prayer requests. It requires no
registration by itself, but access is granted based on a successful login with an external identity provider. See
#[router-link(:to="{ name: 'PrivacyPolicy' }") our privacy policy] for details on how that information is accessed
and stored.
h3 3. Third Party Services
p.
This service utilizes a third-party service provider for identity management. Review the terms of service for
#[a(href='https://auth0.com/terms' target='_blank') Auth0], as well as those for the selected authorization
provider (#[a(href='https://www.microsoft.com/en-us/servicesagreement' target='_blank') Microsoft] or
#[a(href='https://policies.google.com/terms' target='_blank') Google]).
h3 4. Liability
p.
This service is provided "as is", and no warranty (express or implied) exists. The service and its developers may
not be held liable for any damages that may arise through the use of this service.
h3 5. Updates to Terms
p.
These terms and conditions may be updated at any time, and this service does not have the capability to notify
users when these change. The date at the top of the page will be updated when any of the text of these terms is
updated.
hr
p.
You may also wish to review our #[router-link(:to="{ name: 'PrivacyPolicy' }") privacy policy] to learn how we
handle your data.
</template>

View File

@ -6,6 +6,8 @@ import AnsweredDetail from '@/components/AnsweredDetail'
import Home from '@/components/Home' import Home from '@/components/Home'
import Journal from '@/components/Journal' import Journal from '@/components/Journal'
import LogOn from '@/components/user/LogOn' import LogOn from '@/components/user/LogOn'
import PrivacyPolicy from '@/components/legal/PrivacyPolicy'
import TermsOfService from '@/components/legal/TermsOfService'
Vue.use(Router) Vue.use(Router)
@ -33,6 +35,16 @@ export default new Router({
name: 'Journal', name: 'Journal',
component: Journal component: Journal
}, },
{
path: '/legal/privacy-policy',
name: 'PrivacyPolicy',
component: PrivacyPolicy
},
{
path: '/legal/terms-of-service',
name: 'TermsOfService',
component: TermsOfService
},
{ {
path: '/user/log-on', path: '/user/log-on',
name: 'LogOn', name: 'LogOn',

File diff suppressed because it is too large Load Diff