Talk:Privacy/Mail

From Nasqueron Agora

How to avoid to communicate IP addresses with Snappymail

I've created T2090 to suggest to write our own plugin encrypting the IP with a monthly rotating key we only keep during some months, for example 12 months.

Once done, policy can be updated like this:

"When using Snappymail to send an email (not to read them), this message includes a X-Encrypted-Originating-IP header with an arbitrary identifier allowing us to determine the sender's IP address during at most 12 months. The HTTP client address, typically the browser's IP address, is used as the source value."

The Privacy/Records of processing activities section should also contain:

"The keys allowing to encrypt and decrypt the X-Encrypted-Originating-IP header are stored to Vault, with a rotation every month. We only keep the keys for 12 months; afterwards, the old key is destroyed. A copy of the current key is stored for at most one month on the server hosting Snappymail; the older keys aren't kept on that server."

That should correctly describe how we manage that PII. --Dereckson (talk) 22:55, 20 November 2024 (UTC)