update privacy policy for reduced log retention

Network services keep logs for at most 4 days, not 10. Certain services have persistent access logs disabled (DNS and NTP).
2024-04-21 21:14:43 -04:00 · 2024-04-21 21:14:43 -04:00 · 3fa5ea9966
commit 3fa5ea9966
parent 9f02862f88
1 changed files with 15 additions and 14 deletions
--- a/static/faq.html
+++ b/static/faq.html
@ -1179,10 +1179,10 @@
                    <h3><a href="#privacy-policy">What is the privacy policy for GrapheneOS services?</a></h3>
                    <p>GrapheneOS services follow the <a href="https://www.eff.org/dnt-policy">EFF's
-                    privacy-friendly Do Not Track (DNT) policy</a> for all users of our publicly available
+                    privacy-friendly Do Not Track (DNT) policy</a> for all users of our publicly
-                    services, not just those opting out of tracking via Do Not Track. Our policy is the
+                    available services, not just those opting out of tracking via Do Not Track. Our
-                    same with "DNT User" redefined as "user" to cover any user. This serves as a standard
+                    policy is the same with "DNT User" redefined as "user" to cover any user. This
-                    privacy policy across all of our public services:</p>
+                    serves as a standard privacy policy across all of our public services:</p>
                    <ul>
                        <li>attestation.app</li>
@ -1206,17 +1206,18 @@
                        <li>dl.vanadium.app</li>
                    </ul>
-                    <p>Our implementation of the policy primarily consists of making sure our servers only
+                    <p>Our implementation of the policy primarily consists of making sure our
-                    retain logs for 10 days. In practice, we follow much stricter privacy guidelines
+                    servers only retain logs for at most 10 days with a lower limit or no persistent
-                    than the rules laid out in the EFF policy. However, we don't want to define our own
+                    logs for certain services. In practice, we follow much stricter privacy
-                    complex, ad-hoc privacy policy rather than reusing a sensible one with serious thought
+                    guidelines than the rules laid out in the EFF policy. However, we don't want to
-                    put into it by experts.</p>
+                    define our own complex, ad-hoc privacy policy rather than reusing a sensible one
                    with serious thought put into it by experts.</p>
-                    <p>Our mail server (mail.grapheneos.org), Matrix server
+                    <p>Our mail server (mail.grapheneos.org), Matrix server (matrix.grapheneos.org),
-                    (matrix.grapheneos.org), Element instance (element.grapheneos.org) and
+                    Element instance (element.grapheneos.org) and Mastodon server
-                    Mastodon server (grapheneos.social) only provide accounts for GrapheneOS
+                    (grapheneos.social) only provide accounts for GrapheneOS project members so most
-                    project members so most functionality is outside the scope of what's relevant
+                    functionality is outside the scope of what's relevant to a public privacy
-                    to a public privacy policy.</p>
+                    policy.</p>
                </article>
                <article id="default-dns">