update privacy policy for reduced log retention

Network services keep logs for at most 4 days, not 10. Certain services have persistent access logs disabled (DNS and NTP).
2024-04-21 21:14:43 -04:00 · 2024-04-21 21:14:43 -04:00 · 3fa5ea9966
commit 3fa5ea9966
parent 9f02862f88
1 changed files with 15 additions and 14 deletions
--- a/static/faq.html
+++ b/static/faq.html
@ -1179,10 +1179,10 @@
                    <h3><a href="#privacy-policy">What is the privacy policy for GrapheneOS services?</a></h3>

                    <p>GrapheneOS services follow the <a href="https://www.eff.org/dnt-policy">EFF's
-                    privacy-friendly Do Not Track (DNT) policy</a> for all users of our publicly available
-                    services, not just those opting out of tracking via Do Not Track. Our policy is the
-                    same with "DNT User" redefined as "user" to cover any user. This serves as a standard
-                    privacy policy across all of our public services:</p>
+                    privacy-friendly Do Not Track (DNT) policy</a> for all users of our publicly
+                    available services, not just those opting out of tracking via Do Not Track. Our
+                    policy is the same with "DNT User" redefined as "user" to cover any user. This
+                    serves as a standard privacy policy across all of our public services:</p>

                    <ul>
                        <li>attestation.app</li>
@ -1206,17 +1206,18 @@
                        <li>dl.vanadium.app</li>
                    </ul>

-                    <p>Our implementation of the policy primarily consists of making sure our servers only
-                    retain logs for 10 days. In practice, we follow much stricter privacy guidelines
-                    than the rules laid out in the EFF policy. However, we don't want to define our own
-                    complex, ad-hoc privacy policy rather than reusing a sensible one with serious thought
-                    put into it by experts.</p>
+                    <p>Our implementation of the policy primarily consists of making sure our
+                    servers only retain logs for at most 10 days with a lower limit or no persistent
+                    logs for certain services. In practice, we follow much stricter privacy
+                    guidelines than the rules laid out in the EFF policy. However, we don't want to
+                    define our own complex, ad-hoc privacy policy rather than reusing a sensible one
+                    with serious thought put into it by experts.</p>

-                    <p>Our mail server (mail.grapheneos.org), Matrix server
-                    (matrix.grapheneos.org), Element instance (element.grapheneos.org) and
-                    Mastodon server (grapheneos.social) only provide accounts for GrapheneOS
-                    project members so most functionality is outside the scope of what's relevant
-                    to a public privacy policy.</p>
+                    <p>Our mail server (mail.grapheneos.org), Matrix server (matrix.grapheneos.org),
+                    Element instance (element.grapheneos.org) and Mastodon server
+                    (grapheneos.social) only provide accounts for GrapheneOS project members so most
+                    functionality is outside the scope of what's relevant to a public privacy
+                    policy.</p>
                </article>

                <article id="default-dns">