{ "info": { "author": "Matthew Wilkes", "author_email": "matt@matthewwilkes.name", "bugtrack_url": null, "classifiers": [ "Environment :: Web Environment", "Framework :: Plone", "Framework :: Plone :: 5.0", "Framework :: Plone :: 5.1", "License :: OSI Approved :: GNU General Public License v2 (GPLv2)", "Operating System :: OS Independent", "Programming Language :: Python", "Programming Language :: Python :: 2.7" ], "description": ".. This README is meant for consumption by humans and pypi. Pypi can render rst files so please do not use Sphinx features.\n If you want to learn more about writing documentation, please check out: http://docs.plone.org/about/documentation_styleguide.html\n This text does not appear on pypi or github. It is a comment.\n\n==================\ncollective.privacy\n==================\n\nThis Plone add-on adds concepts from the EU's General Data Protection Regulations\nto Plone configuration, which makes it easier to create Plone sites that respect\nthe privacy rights of indivuals.\n\nFeatures\n--------\n\n- ZCML based declaration of uses of data\n- User-facing privacy management form\n- Integration with core Plone features\n\nCore Plone\n----------\n\nThe following core Plone overrides are included:\n\n* The sendto_form now validates a to email address against people who have opted-out. The legal basis\n chosen by default here is legitimate_interest.\n* The analytics viewlet also relies on legitimate interest, on the basis that it assumes the tracking\n is unobtrusive and that this will be allowed by the upcoming changes to the ePrivacy regulations. If\n the tracking is obtrusive or the site owner doesn't want to make this assumption it should be overridden\n to use consent.\n\nExamples\n--------\n\nUsers can define a new data processing reason as configuration. For example, an add-on that\nprovides for embedding media might cause users to be tracked. The ZCML would be modified to include::\n\n\n \n \n \n\nThis would add a new item to the privacy controls that relies on consent to proccess data. This means that by\ndefault the permission is denied until an end user gives permission.\n\nYou can then guard your uses of the data, for example:\n\n
\n ...\n
\n\n\nLegal basis\n-----------\n\nGDPR provides for six legal bases for processing, all of which are supported by collective.privacy.\n\nThey are:\n\nconsent\n*******\n\nSee: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/consent/\n\nProcessing is disallowed by default, users can opt-in. There are rules as to what makes consent valid, which must be followed.\n\ncontract\n********\n\nSee: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/contract/\n\nProcessing is allowed and users cannot object.\n\n\nlegal_obligation\n****************\n\nSee: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/legal-obligation/\n\nProcessing is allowed and users cannot object.\n\nvital_interest\n****************\n\nSee: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/vital-interests/\n\nProcessing is allowed and users cannot object.\n\npublic_task\n***********\n\nSee: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/public-task/\n\nProcessing is allowed by default, but users may object. This is only suitable for certain specific types of processing.\n\nlegitimate_interest\n*******************\n\nSee: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/legitimate-interests/\n\nProcessing is allowed by default, but users may object.\n\n\nIdentifiers\n-----------\n\nIt is necessary to tell one user from another when managing their preferences. In some cases different\nidentifiers are more useful than others. For example, when sending email we want to key users on the\nemail address, but using cookies should be managed by the browser, regardless of the user's logged in state.\n\nThe way of choosing which is used is called a identifier. The following are available:\n\ncollective.privacy.identifiers.CookieIdentifier\n***********************************************\n\nThis identifier should be used in cases where the storage is cookie based. It allows the current user\nto be identifier, but not other arbitrary users.\n\ncollective.privacy.identifiers.EmailIdentifier\n**********************************************\n\nThis identifier should be used when the user needs to be identified by email address. It can optionally\nuse the email address of a logged in user to identify the current request, but in general it cannot\nidentify the current user.\n\nThe identifier is a UUID derived from the email address using a one-way function, not the email itself.\n\ncollective.privacy.identifiers.IPIdentifier\n*******************************************\n\nThis identifier should be used to identify a connection. It can be used to identify the current user or\nother arbitrary users. It is less reliable than the CookieIdentifier as users IP addresses can change.\n\nThe identifier is a UUID derived from the IP address using a one-way function, not the IP itself.\n\ncollective.privacy.identifiers.UserIdentifier\n*********************************************\n\nThis identifier can only be used to identify logged-in users. It can identify any users who are registered\non the site, but not anonymous visitors. As such, it's appropriate for data processing that only occurs\nfor registered users.\n\nThe identifier is a UUID derived from the user name using a one-way function, not the username itself.\n\nStorages\n--------\n\nThe storage determines how the user's preferences are persisted. There are three storages available::\n\ncollective.privacy.storage.CookieStorage\n****************************************\n\nThis storage uses a cookie called 'dataprotection' on the user's browser. Consent is not required\nto set this cookie as it is set to comply with legal obligations and cannot be used to track the user.\n\ncollective.privacy.storage.DatabaseStorage\n******************************************\n\nThis storage uses BTrees inside the portal_privacy tool to store the time the user consented or objected.\nIt is currently the only storage that allows for the preferences of users to be queried outside of a request\nthey have initiated.\n\ncollective.privacy.storage.NoChoiceStorage\n******************************************\n\nThis is a stub storage to be used with legal bases such as vital_interest where the user has no option\nto object to processing.\n\n\nInstallation\n------------\n\nInstall collective.privacy by adding it to your buildout::\n\n [buildout]\n\n ...\n\n eggs =\n collective.privacy\n\n\nand then running ``bin/buildout``\n\n\nThanks\n------\n\nThanks to Jazkarta ( http://jazkarta.com/ ) and YES! Magazine ( http://www.yesmagazine.org/ ) for\neach sponsoring some of the development costs of this add-on.\n\nThe irony that these are both US companies is not lost on us.\n\nContribute\n----------\n\n- Issue Tracker: https://github.com/collective/collective.privacy/issues\n- Source Code: https://github.com/collective/collective.privacy\n- Documentation: https://docs.plone.org/foo/bar\n\n\nSupport\n-------\n\nIf you are having issues, please let us know.\n\nLicense\n-------\n\nThe project is licensed under the GPLv2.\n\nN.B., the GPL states:\n\n THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES\n PROVIDE THE PROGRAM \"AS IS\" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED\n OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF\n MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS\n TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE\n PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,\n REPAIR OR CORRECTION.\n\nThis add-on has not received any contributors from lawyers and should not be\ninterpreted as legal advice.\n\nContributors\n============\n\n- Matthew Wilkes, matt@matthewwilkes.name\n\n\nChangelog\n=========\n\n\n1.0a1 (unreleased)\n------------------\n\n- Initial release.\n [MatthewWilkes]\n", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://pypi.python.org/pypi/collective.privacy", "keywords": "Python Plone", "license": "GPL version 2", "maintainer": "", "maintainer_email": "", "name": "collective.privacy", "package_url": "https://pypi.org/project/collective.privacy/", "platform": "", "project_url": "https://pypi.org/project/collective.privacy/", "project_urls": { "Homepage": "https://pypi.python.org/pypi/collective.privacy" }, "release_url": "https://pypi.org/project/collective.privacy/1.0a1/", "requires_dist": null, "requires_python": "", "summary": "An add-on for Plone that provides functionality for better complying with the EU's General Data Protection Regulations and ePrivacy Regulations", "version": "1.0a1" }, "last_serial": 4206431, "releases": { "1.0a1": [ { "comment_text": "", "digests": { "md5": "8cb3fed74dce11e533f6079dfc73ebfb", "sha256": "685b7871d4f968f42d5f72497a86c891fed2adbc0843098be27e1e990e33aaf2" }, "downloads": -1, "filename": "collective.privacy-1.0a1-py2-none-any.whl", "has_sig": false, "md5_digest": "8cb3fed74dce11e533f6079dfc73ebfb", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 36880, "upload_time": "2018-07-01T20:15:25", "url": "https://files.pythonhosted.org/packages/6a/2b/6b05b0fd97ae6d9e651b5efdf87ff4799d6948f0a288a3582673efb2c388/collective.privacy-1.0a1-py2-none-any.whl" }, { "comment_text": "", "digests": { "md5": "d3e495ac44288e797598dd67f53c6017", "sha256": "cea3ec371fd6e0845517e4993329d42209e34e88a643e70e41a7244163e3e0e1" }, "downloads": -1, "filename": "collective.privacy-1.0a1.tar.gz", "has_sig": false, "md5_digest": "d3e495ac44288e797598dd67f53c6017", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 24226, "upload_time": "2018-08-25T12:20:16", "url": "https://files.pythonhosted.org/packages/82/69/4abaf8d862b66c09927765b9d842512360fe87d57f08355901c5d165565b/collective.privacy-1.0a1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "8cb3fed74dce11e533f6079dfc73ebfb", "sha256": "685b7871d4f968f42d5f72497a86c891fed2adbc0843098be27e1e990e33aaf2" }, "downloads": -1, "filename": "collective.privacy-1.0a1-py2-none-any.whl", "has_sig": false, "md5_digest": "8cb3fed74dce11e533f6079dfc73ebfb", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 36880, "upload_time": "2018-07-01T20:15:25", "url": "https://files.pythonhosted.org/packages/6a/2b/6b05b0fd97ae6d9e651b5efdf87ff4799d6948f0a288a3582673efb2c388/collective.privacy-1.0a1-py2-none-any.whl" }, { "comment_text": "", "digests": { "md5": "d3e495ac44288e797598dd67f53c6017", "sha256": "cea3ec371fd6e0845517e4993329d42209e34e88a643e70e41a7244163e3e0e1" }, "downloads": -1, "filename": "collective.privacy-1.0a1.tar.gz", "has_sig": false, "md5_digest": "d3e495ac44288e797598dd67f53c6017", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 24226, "upload_time": "2018-08-25T12:20:16", "url": "https://files.pythonhosted.org/packages/82/69/4abaf8d862b66c09927765b9d842512360fe87d57f08355901c5d165565b/collective.privacy-1.0a1.tar.gz" } ] }