update privacy policy for reduced log retention

Network services keep logs for at most 4 days, not 10. Certain services
have persistent access logs disabled (DNS and NTP).
This commit is contained in:
Daniel Micay 2024-04-21 21:14:43 -04:00
parent 9f02862f88
commit 3fa5ea9966

View File

@ -1179,10 +1179,10 @@
<h3><a href="#privacy-policy">What is the privacy policy for GrapheneOS services?</a></h3>
<p>GrapheneOS services follow the <a href="https://www.eff.org/dnt-policy">EFF's
privacy-friendly Do Not Track (DNT) policy</a> for all users of our publicly available
services, not just those opting out of tracking via Do Not Track. Our policy is the
same with "DNT User" redefined as "user" to cover any user. This serves as a standard
privacy policy across all of our public services:</p>
privacy-friendly Do Not Track (DNT) policy</a> for all users of our publicly
available services, not just those opting out of tracking via Do Not Track. Our
policy is the same with "DNT User" redefined as "user" to cover any user. This
serves as a standard privacy policy across all of our public services:</p>
<ul>
<li>attestation.app</li>
@ -1206,17 +1206,18 @@
<li>dl.vanadium.app</li>
</ul>
<p>Our implementation of the policy primarily consists of making sure our servers only
retain logs for 10 days. In practice, we follow much stricter privacy guidelines
than the rules laid out in the EFF policy. However, we don't want to define our own
complex, ad-hoc privacy policy rather than reusing a sensible one with serious thought
put into it by experts.</p>
<p>Our implementation of the policy primarily consists of making sure our
servers only retain logs for at most 10 days with a lower limit or no persistent
logs for certain services. In practice, we follow much stricter privacy
guidelines than the rules laid out in the EFF policy. However, we don't want to
define our own complex, ad-hoc privacy policy rather than reusing a sensible one
with serious thought put into it by experts.</p>
<p>Our mail server (mail.grapheneos.org), Matrix server
(matrix.grapheneos.org), Element instance (element.grapheneos.org) and
Mastodon server (grapheneos.social) only provide accounts for GrapheneOS
project members so most functionality is outside the scope of what's relevant
to a public privacy policy.</p>
<p>Our mail server (mail.grapheneos.org), Matrix server (matrix.grapheneos.org),
Element instance (element.grapheneos.org) and Mastodon server
(grapheneos.social) only provide accounts for GrapheneOS project members so most
functionality is outside the scope of what's relevant to a public privacy
policy.</p>
</article>
<article id="default-dns">