Privacy/Operations PII: Difference between revisions
(Created page with "This policy applies to personal identity information shared inside the Nasqueron Operations SIG, shortened to "ops PII". Nasqueron members in the Operations SIG can share their personal identity information with other members of the SIG. By doing so, they agree this data is treated according to this policy. This private policy describes the policies and procedures on the collection, use and disclosure of the information. ''Last updated: 2002-03-04.'' === Type of data...") |
No edit summary |
||
| Line 5: | Line 5: | ||
This private policy describes the policies and procedures on the collection, use and disclosure of the information. | This private policy describes the policies and procedures on the collection, use and disclosure of the information. | ||
''Last updated: | ''Last updated: 2022-03-04.'' | ||
=== Type of data collected === | === Type of data collected === | ||
Latest revision as of 12:27, 4 March 2022
This policy applies to personal identity information shared inside the Nasqueron Operations SIG, shortened to "ops PII".
Nasqueron members in the Operations SIG can share their personal identity information with other members of the SIG. By doing so, they agree this data is treated according to this policy.
This private policy describes the policies and procedures on the collection, use and disclosure of the information.
Last updated: 2022-03-04.
Type of data collected
Personally identifiable information may include, but is not limited to:
- IP addresses
- E-mail addresses
- Phone number
Use of data
The ops PII can be provisioned to servers for the following purposes:
- allow to restrict resources to operations SIG members, for example by creating ACL based on their IP addresses;
- organize monitoring and notifications workflows, for example by allowing an incident to be communicated by message or phone call to their phone numbers ("paging duty");
- allow to document an emergency contact or a point of contact to third-party services requiring one
The ops PII can be accessed by other members of the Nasqueron Operations SIG for the following purposes:
- for auditing purpose, for example to check the information deployed to the server is correct and secure;
- to contact a fellow SIG member, for a purpose related to the SIG mission, for example to get help to resolve a server incident.
- members in the Operations SIG explicitly accept the data to be stored in plain text on the servers
The ops PII can be used for any other purpose with the person consent.
Retention
Ops PII will be used for as long as is necessary for the purposes set out in this policy.
Data can be retained for longer time periods for technical reasons, when there is a legal obligations to do so, for auditing purpose or to resolve disputes.
Transfer
The Ops PII is processed only on Nasqueron infrastructure.
A copy of this information, in encrypted form, may be stored to a third-party hosting service for backup and disaster recovery purpose.
Disclosure
Under certain circumstances, Nasqueron may be required to disclose Ops PII if required to do so by law or in response to valid requests by public authorities, for e.g. a court.
Nasqueron may disclose Ops PII in the good faith belief that such action is necessary to:
- comply with a legal obligation
- protect and defend the rights or property of the project
- prevent or investigate possible wrongdoing in connection with the service
- protect the personal safety of users of the service or the public
- protect against legal liability
Changes to privacy policy
This policy may be updated from time to time. Notifications of updates take the form of posting the new privacy policy on this page. It's possible to follow this page to be alerted of such actions.
The last updated date at the top of this policy shows the date a version enters in application.
