From c92bf7f7bccce16b889c3ee504a485bc12030378 Mon Sep 17 00:00:00 2001 From: teddit Date: Sun, 29 Nov 2020 12:17:23 +0100 Subject: [PATCH] add privacy policy --- routes.js | 4 ++++ views/about.pug | 2 ++ views/privacypolicy.pug | 31 +++++++++++++++++++++++++++++++ 3 files changed, 37 insertions(+) create mode 100644 views/privacypolicy.pug diff --git a/routes.js b/routes.js index c0a2ca2..202bb5d 100644 --- a/routes.js +++ b/routes.js @@ -94,6 +94,10 @@ module.exports = (app, redis, fetch, RedditAPI) => { res.clearCookie('theme') return res.redirect('/preferences') }) + + app.get('/privacy', (req, res, next) => { + return res.render('privacypolicy', { user_preferences: req.cookies }) + }) app.get('/search', (req, res, next) => { let q = req.query.q diff --git a/views/about.pug b/views/about.pug index b1ade7a..b9ddbc2 100644 --- a/views/about.pug +++ b/views/about.pug @@ -14,6 +14,8 @@ html li All requests go through the backend, client never talks to Reddit li Prevents Reddit from tracking your IP or JavaScript fingerprint li Lightweight (teddit frontpage: ~30 HTTP requests with ~270 KB of data downloaded vs. Reddit frontpage: ~190 HTTP requests with ~24 MB) + br + a(href="/privacy") Privacy policy h2 Donating p(class="word-break") XMR: 832ogRwuoSs2JGYg7wJTqshidK7dErgNdfpenQ9dzMghNXQTJRby1xGbqC3gW3GAifRM9E84J91VdMZRjoSJ32nkAZnaCEj p BTC: bc1qlcrmt2pvlh4eq69l3l4h6z5jg74z2m2q3pasan diff --git a/views/privacypolicy.pug b/views/privacypolicy.pug new file mode 100644 index 0000000..f1a373c --- /dev/null +++ b/views/privacypolicy.pug @@ -0,0 +1,31 @@ +doctype html +html + head + title privacy policy - teddit + include includes/head.pug + body + include includes/topbar.pug + .container + .content + h1 Privacy policy + p This document concerns what data you provide to this website, the purpose of the data, how the data is stored, and how the data can be removed. + h2 Data you directly provide + p None. + h2 Data you passively provide + p By default teddit logs fetched subreddit or post URL for debugging reasons. + p No identifying information is logged, such as the visitor's cookie, timestamp, user-agent, or IP address. Here are a couple lines to serve as an example how the debug log looks like: + code + | Got frontpage key from redis. + br + | Fetched the JSON from reddit.com/r/privacytoolsIO. + br + | Got frontpage key from redis. + br + | Fetched the JSON from reddit.com/r/OTMemes/comments/k311hu/we_all_know_sequels_refers_to_the_sequel_trilogy/. + br + | Got frontpage key from redis. + br + | Fetched the JSON from reddit.com/r/aww/comments/k31ddb/a_lot_of_request_to_see_the_dry_cat_here_she_is/. + h2 Data stored in your browser + p This website provides an option to store site preferences, such as the theme without an account. Using this feature will store a cookie in the visitor's browser containing their preferences. This cookie is sent on every request and does not contain any identifying information. + p You can remove this data from your browser by using your browser's cookie-related controls to delete the data.