I've got a few questions about privacy policies.

With all the different modules and such, its difficult to keep track of where cookies are, what they're used for etc. As the site owner, I have no intention of selling member info, etc, so I know what's in my control. I dont know what's not in my control.

Is there a module of sorts that examines my confugration, and produces a general guideline of what's 'private' and what's not?

...that's pretty close to "Drupal wont be complete until it does your laundry...." but its worth asking.

Does anyone have any other suggestions for creating privacy policies?

Thanks,
Kelly

Comments

GEMwriter’s picture

In three years, no one has been able to answer Kelly's question? I must be only the second site owner in 3 years who needs to know what to say in a privacy policy. Kelly makes the excellent point that we can write about things under our control, but if we don't know what Drupal does with cookies, how do we write an accurate privacy policy for our site, saying what we collect, where we store it and what we do with it?

I could make something up and it would be really fun until I got cast into some dungeon for lying.

Can anyone help me stay honest?

Here is the most complete answer I have been able to find so far:
http://drupal.org/node/455588#comment-1700030
Does this suffice?

Thanks to all,

Kay

ayesh’s picture

Yes, the module idea is really great (I think best suits to Drupal Tweaks or Devel module).

To check cookies, you can fully use the site and filter cookies from that domain using Firefox.

As I can remember, following modules play with cookies.
- user management php session cookies.
- core comment
- Google Analytics
- web form
- dhtml menu

ayesh’s picture

Yes, the module idea is really great (I think best suits to Drupal Tweaks or Devel module).

To check cookies, you can fully use the site and filter cookies from that domain using Firefox.

As I can remember, following modules play with cookies.
- user management php session cookies.
- core comment
- Google Analytics
- web form
- dhtml menu

Ela’s picture

subscribing for updates :)

rj’s picture

The privacy policy on my websites (all Drupal) state that cookies are used, but doesn't go into the specifics of what modules use cookies; that's overkill for a privacy statement. There's also something in there about not collecting personally identifiable data unless it's provided by the user (ie. through submitting a webform). And I know in one of the legal forms I use there's something about not renting out/selling data, maybe the privacy policy or terms of service or ???, but I'm too lazy to check.

I think the main point I want to make is that your legal forms should be technology agnostic.

--rj