I was thinking of making a simple webapp with a form, but I'm worried about various worldwide privacy laws and whatnot. Like, my personal servers record visitor IPs for security, and anyone could navigate to one. I don't have a privacy policy for that, but I assume I'm safe there. But a whole ass public website?

So I was looking at small sites and I notice a lot of them don't have a ToS or a privacy policy, and I couldn't find one here. So... Do we have these? If not, are there any legal concerns there?

Comments

joeheadjoe wrote on May 17, 2020 at 4:50 PM

I write down everybodies posts when no one is looking and then i sell them to Larry down by the docks for $4 a post

devtesla wrote on May 16, 2020 at 5:11 PM

We don't have one but raddle has one linked here that might be useful.

twovests OP wrote on May 16, 2020 at 8:05 PM

Oh nice, the signed and recently updated warrant canary was pretty cool too.

(Granted, I didn't check if the signature matches)

hollyhoppet wrote on May 17, 2020 at 3:35 PM (edited on May 17, 2020 at 3:36 PM)

i figured we were too small-time, nor are we a corporate entity, to need one. Nor do we use any data collected on this site for anything other than displaying your posts.

You're not legally required to have a TOS or privacy policy either. In fact, much of the time these are used by corporations to do crummy things like sell data to other companies without being held legally liable. I don't even want to touch the database except for debugging purposes if I can get away with it.

twovests OP wrote on May 17, 2020 at 6:06 PM

But aren't there like, legal requirements jstpst has to meet? Like GDPR and stuff like that?

I don't suspect y'all of anything crummy, but if it's not a concern for us and if we've been running with dozens (hundreds?) of users for so long, I guess I'll be fine too.

hollyhoppet wrote on May 18, 2020 at 5:20 PM (edited on May 18, 2020 at 5:32 PM)

i'll look into it, we don't participate in any economic activity and we don't monitor our users' activity. iirc those are the requirements to fall under its scope. also last i checked the database we haven't broken a hundred users.

if we really want to get down to it i'm probably legally the owner so in the unlikely event that something does happen, the eu will be fining a private citizen outside the eu with a negative net worth so it's not like they'll get anything out of it :P