capytal/capytal.cc
1
0
Fork 0
Code Issues Pull Requests Activity

feat: insert content to html template for privacy policy

Browse Source
This commit is contained in:
Guz
2025-04-11 16:24:42 -03:00
parent cda4705b4c
commit 64a7400dd8
1 changed files with 4 additions and 402 deletions
Download Patch File Download Diff File Expand all files Collapse all files

406
templates/privacy.html
View File

@@ -1,411 +1,13 @@
{{define "privacy-policy"}}
{{template "layout-page-start" (args "Title" "Privacy Policy")}}
{{template "layout-page-start" (args "Title" .Title)}}
<style>
</style>
<div class="flex flex-col h-full w-full justify-center pt-[20vh]">
<header class="mb-10 flex justify-center">
<img src="/assets/icon.svg" alt="Capytal Icon" class="w-10">
<h1 class="h-0 w-0 opacity-0">About</h1>
</header>
<main class="mx-10 md:text-justify md:mx-auto md:w-[80%]">
<h1>Privacy Policy</h1>
<p>
This privacy policy describes how Capytal ("capytal.cc", "we", "us", "Capytal.cc") may collect
personal information and to what degree when you use our websites and services ("Services"), such
as when you:
<ul class="list-disc m-5">
<li>Visit our website at <a href="https://capytal.cc">https://capytal.cc</a>;</li>
<li>Access our services under one of our domains:
"<a href="https://capytal.cc">capytal.cc</a>",
"<a href="https://capytal.company">capytal.company</a>",
and/or "<a href="https://lored.dev">lored.dev</a>";
</li>
<li>Access any website of ours that links to this privacy notice;</li>
<li>Use downloadable software provided by us;</li>
<li>Engage with us in other related ways, including any sales, marketing, or events.</li>
</ul>
<details open="true" class="bg-[#111] p-5 rounded-xl">
<summary class="font-bold">Too Long; Didn't Read (TL;DR)</summary>
<p>
<strong>Our services are developed by people who care about privacy and do not like to have their
personal and identifiable data tracked by analytics tools without their consent</strong>.
We try our best to keep our services in line with regulations such as
<abbr title="General Data Protection Regulation">GDPR</abbr>,
<abbr
title="General Personal Data Protection Law (Portuguese: Lei Geral de Proteção de Dados Pessoais)">
LGDP</abbr>, and <abbr title="California Consumer Privacy Act">CCPA</abbr>, while still providing
useful data to understand our users and their priorities. The only type of data collected by our
tracking scripts are:
</p>
<ul class="list-disc p-5">
<li>Pages that you visit;</li>
<li>Referrer URL;</li>
<li>Operating system, browser type and device (User-Agent header);</li>
<li>Preferred language (Accept-Language header);</li>
<li>Timezone-based location (this limits us to just know the country configured in your system);</li>
<li>Accessibility settings;</li>
<li>Additional metadata about the pages you visit;</li>
</ul>
<p>
<strong>We do not use cookies to track these informations</strong>, we cannot and do not want to
be able to associate an user to any of the said data. The data collected by us is mostly used
to understand things such as what operating system we must prioritize support, what accessibility
concerns we should take care of more, and what languages we should focus on supporting in our
services and websites.
</p>
<p>
<strong>We do not share any of this data to any third-party</strong>, any data provided to us
stay with us and it is used just between us and our first-party services. Any shared data
is due to integrations such as embedded or referred content (for example, YouTube embedded videos).
</p>
</details>
<h2>What we collect automatically by default</h2>
<p>
Capytal.cc by default do not collect any personally-identifiable information on our Services, IP addresses
may or may not appear on automatically-generated log files but these automatically-generated log files
are deleted after every 48 hours.
</p>
<p>
Your browser or system may or may not send additional information such as user-agents that we may
automatically collect to provide useful analytics to our developers and administrators.
</p>
<p>
We use a self-hosted and self-managed script and analytics tool
(<a href="https://medama.io" target="_blank" rel="noopener nofollow noreferrer">Medama</a>)
to provide us additional data on how you interact with our Services. <strong>All analytical
data by default is anonymised</strong>, accessed in bulk, and cannot be pointed to you
or any other specific user of our Services, regardless of if you are registered in one of our
Services or not. We <strong>DO NOT USE Cookies, IP addresses, and technologies like local storage,
session cookies, IP addresses hashing to collect additional data about you by default</strong>,
however, we may use said technologies to provide core functionality on our Services, such data
in most cases is by default not personally-identifiable or used to track you or specific users.
</p>
<p>
The following information is collected to provide us analytical data:
</p>
<dl class="m-5">
<dt class="font-bold" id="page-events">
Page Events
</dt>
<dd>
When you access or exits a page in one of our Services, we collect that information for
to our servers. Information collected includes but is not exhaustive to:
<ul class="list-disc m-5">
<li id="events-timestamps">
Timestamps of the event;
<li id="events-generated-id">
A randomly generated ID;
</li>
<li id="event-type">
Event type ("load" or "unload");
</li>
<li id="event-page-url">
Page URL;
</li>
<li id="event-referrer-url">
Referrer URL;
</li>
<li id="event-new-visitor">
Is you are a new visitor or not
<a href="#unique-visitors" class="italic opacity-50">
(See below how we track unique visitors);</a>
</li>
<li id="event-visited-before">
Has you visited the same page before
<a href="#unique-visitors" class="italic opacity-50">
(See below how we track unique visitors);</a>
</li>
<li id="event-timezone">
Timezone of your browser or system;
</li>
<li id="event-time-spent">
Time spent on a page in milliseconds;
</li>
<li id="event-metadata">
Additional metadata about events (such as if you are logged on the accessed Service
or not, what page theme you are using, clicked links or buttons such as for downloading
a file or contacting us).
</li>
</ul>
</dd>
<dt class="font-bold mt-5" id="http-headers">
HTTP Headers
</dt>
<dd>
Your browser sends us additional data used to better serve our Services. We collect some of
this data on our analytics tool: "Accept-Language" header used by your browser; "User-Agent"
header, which includes information about your browser type, device and operating system.
</dd>
<dt class="font-bold mt-5" id="location">
Location
</dt>
<dd>
<strong>We do not use IP addresses or IP geolocation to determine your location</strong>.
Instead, we determine your country based on
<a href="#event-timezone" class="italic">your browser's timezone</a>. Capytal cannot determine your
exact city or region, this is intentional to preserve end user privacy.
</dd>
<dt class="font-bold mt-5" id="accessibility-settings">
Accessibility Settings
</dt>
<dd>
Capytal may collect your browser's accessibility settings data to better understand the
needs of our users regarding accessibility concerns.
</dd>
</dl>
<h3 id="unique-visitors">How we determine unique visitors</h3>
<p>
<strong>We do not use IP addresses or Cookies to determine unique visitors by default.</strong>
To preserve privacy and not rely or personal identifiers, we use a browser cache-based approach
to track unique visitors of our Services. If you visit one of our Services websites, your
browser will cache our tracking script, and reuse it on future visits instead of requesting
to our services again. This allows us to differentiate between new and returning visitors, and
does not allows us to identify individual users.
</p>
<h2>What information you disclose to us we collect</h2>
<p>
Capytal just collects personally-identifiable information when you disclose it to us while
using our Services, such as when registering an account.
</p>
<p>
We do not collect personally-identifiable and analytical data in a matter that one can be
associated to another. All analytical data collected automatically as mentioned above, is
stored in a anonymised form and cannot be associated with a specific user or personally-identifiable
information.
</p>
<p>
When using our Services, the following personal information may be disclose to us:
</p>
<dl class="m-5">
<dt class="font-bold" id="personal-username">
Username
</dt>
<dd>
Your username is used to allow you to login to our Services;
</dd>
<dt class="font-bold mt-5" id="personal-password">
Password
</dt>
<dd>
We store a hashed password derivate from your password to allow you to login to our Services
secretly;
</dd>
<dt class="font-bold mt-5" id="personal-email">
Email
</dt>
<dd>
Your email is used to contact you and to register you on Services that do not use username.
We never share your email with any third-parties;
</dd>
<dt class="font-bold mt-5" id="personal-additional-data">
Service specific additional data
</dt>
<dd>
You may disclose to us additional data required to use one of our Services. This includes,
for example, but is not exhaustive to:
<ul class="list-disc m-5">
<li>Messages, posts and chats;</li>
<li>Images, videos, and other used-generated content;</li>
<li>
Technical information, such as log files or hardware specification, may be requested
in Services focused on bug tracking and report;
</li>
<li>Your public SSH keys, used on, for example,
<a href="https://forge.capytal.company" target="_blank">our Forge service</a>
to give you access to specific features of the Service;
</li>
<li>
IPs and other medatada. Your system, browser or application may or may not send
information in the form of IP addresses and other forms such as user-agents, this
information might be recorded on automatically-generated log files, these are deleted
every 48 hours, in addition to being private and not shared to any third-parties.
</li>
</ul>
</dd>
</dl>
<h3>What do we use your personal information for?</h3>
<div class="m-5">
<h4 class="font-bold">
Core functionality
</h4>
<p>
Some of our Services require personal information to work properly. In some cases,
you can substitute personal information for pseudonymous or valid false personal information
(such as non-working email addresses) if you do not want to disclose personal information.
Most Services on Capytal require some degree of personal information to provide core functionality.
</p>
<h4 class="font-bold mt-5">
Moderation and detect malicious activity
</h4>
<p>
Your personal information might be collected on automatically-generated log files to detect
possible malicious activity, to aid in moderation of other users, or to detect bots that
are improperly programmed.
</p>
<p>
Automatically-generated log files are deleted every 48, though we might choose to keep some
log files in some cases, such as in the case of an outage or attack on our infrastructure.
</p>
</div>
<h3>What measures we employ to protect you personal information?</h3>
<p>
Capytal employs a variety of security measures to protect personal information from being
breached by malicious actors. These measures include hashing, encryption, containerization
and other industry-standard measures.
</p>
<h3>Do we use cookies and other technologies?</h3>
<p>
Yes. Some of our Services may use cookies and similar technologies to store your preferences or
check if you are logged into an account. These cookies do not store any personally-identifiable
information in most cases and are not used to get analytical data about you.
</p>
<h3>Is information shared to other third-parties?</h3>
<p>
<strong>We do not share your personal information with third-parties</strong>. However, some
Capytal services may be federated, meaning that any messages, chats, public account data
are shared with any similar servers, such as in case of
<a href="https://activitypub.rocks" target="_blank"
rel="noopener nofollow noreferrer">ActivityPub</a>-compatible Services (example of these
services include but is not exhaustive to:
<a href="https://joinmastodon.org" target="_blank" rel="noopener nofollow noreferrer">
Mastodon</a>,
<a href="https://pixelfed.org" target="_blank" rel="noopener nofollow noreferrer">
Pixelfed</a>, and
<a href="https://join-lemmy.org" target="_blank" rel="noopener nofollow noreferrer">
Lemmy</a>)
</p>
<p>
Some information and data, such as username, posts, and user-generated content may be shared
publicly by you while using our Services. This include cases such as, for example, creating a
public bug report on our Forge Service. It is up to you to not share personally-identifiable
information on these public channels, we do not take responsibility on personally-identifiable
information being shared by you accidentally or not on these public Services.
</p>
<h4>Legal Action exception</h4>
<p>
<strong>Your personally-identifiable data may be requested by legal authorities</strong>
and used for legal and regulatory responsibilities if necessary, in such cases we may try
to preserve and fight for your privacy if we think the reason isn't justifiable, but we
cannot prevent authorities to access your information if preventing it results in legal
and financial issues for us.
</p>
<h4>Embedded and referenced content</h4>
<p>
<strong>Embedded content from other providers may be available in our Service, these providers may track
your interaction with their and our content</strong>. For example, if you click in an embedded video
from YouTube, <a href="https://google.com" target="_blank" rel="noopener nofollow noreferrer">
Google</a> will track you interaction.
</p>
<p>
Similarly, content and other third-parties services may be referenced via hyperlinks, accessing
third-parties content may end with your data being shared with a third-party which we cannot
have control over on how and what data is handled and processed.
</p>
<p>
You are recommended to review third-party's Privacy Policies before interacting with them.
</p>
<h3>Data retention policy</h3>
<p>
Automatically-generated log files or server logs are deleted every 48 hours, but may be kept
for longer to investigate malicious behaviour as outline above.
</p>
<p>
Information that you provide to us might be store indefinitely or as long as Capytal and our
Services survives, unless you personally delete it yourself or request us to delete it.
</p>
<h3>Your rights</h3>
<p>Whether your area has enacted <i>or not</i> the
<a href="https://eur-lex.europa.eu/eli/reg/2016/679/oj" target="_blank"
rel="noopener nofollow noreferrer">European Union's General Data Protection Regulation (GDPR)</a>,
<a href="https://www.planalto.gov.br/ccivil_03/_Ato2015-2018/2018/Lei/L13709.htm" target="_blank"
rel="noopener nofollow noreferrer">Brazil's General Personal Data Protection Law
(Portuguese: <i>Lei Geral de Proteção de Dados Pessoais</i>) (LGPD)</a>,
<a href="https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375"
target="_blank" rel="noopener nofollow noreferrer">California Consumer Privacy Act (CCPA)</a>,
or similar law or regulation, you have the following rights <i>if permissible by law</i>:
</p>
<dl class="m-5">
<dt class="font-bold">The right of access</dt>
<dd>
The right of access ensures you are allowed to know
what personal information Capytal has collected, stored or recorded about you.
Also referred as "The Right to Know".
</dd>
<dt class="font-bold mt-5">The right to ratification</dt>
<dd>
The right to ratification means that you are allowed to change any personal
information about you on our Services that you see as invalid, false or misleading.
</dd>
<dt class="font-bold mt-5">The right to data control</dt>
<dd>
The right to data control means that you can request us to anonymise, block or delete
any unnecessary, excessive, or non-compliant personal data of yours.
</dd>
<dt class="font-bold mt-5">The right to data independence</dt>
<dd>
The right of data independence means that you can request us to provide means to
move your personal data to another service or product provider.
</dd>
<dt class="font-bold mt-5">The right to data knowledge</dt>
<dd>
The right of data knowledge means that you have the right to know if and how your
personal data has been shared to third-parties <i>if permissible by law. Legal and
regulatory authorities may request us to not disclose sharing of personal data.</i>
</dd>
<dt class="font-bold mt-5">The right to erasure</dt>
<dd>
The right to erasure means that any personally-identifiable information that Capytal
has collected, stored or recorded about you will be deleted in up to 96 hours after
the initial request. Note that you will have to provide us some personal information
that we can go search for and delete. Also referred as "The Right to Delete" or
"The Right to be forgotten".
</dd>
</dl>
<p>
To exercise your rights, send an email to <a href="mailto:contact@capytal.cc">legal@capytal.cc</a>
</p>
<h2>Versions of this Policy</h2>
<p>
We provide translated versions of this policy in different languages, so users of our
Services can understand how we collect, process and secure their data regardless of
their native language. The <a href="https://capytal.cc/PRIVACY.md?lang=pt">
Brazilian Portuguese version of this Policy</a> applies specifically to users under
the jurisdiction of the Federative Republic of Brazil, otherwise, the English version
(the version you are currently accessing) applies to all other users under any other
jurisdiction.
</p>
<p>
<a href="https://forge.capytal.company/capytal/legal" target="_blank">Copies of this Policy
are also available on our Forge</a>, these copies are formatted differently to provide
better version management and comparison of the Policy versions.
</p>
<h2>Changes to this privacy policy</h2>
<p>
We reserve the right to make changes to this privacy policy at any time.
</p>
<p>
In the case of significant changes to this privacy policy, you will be notified by us
via email in a period of, at minimum, 30 days before the new policy is applied. If you
are not registered on any of our Services and/or have not disclosed to us any direct
way to contact you, the same notification will be sent on our social media platforms. It
is recommended to check this page often, referring to the date of the last modification
listed at the bottom. You can also check for differences between the Policy past versions
<a href="https://forge.capytal.company/capytal/legal" target="_blank">on our Forge</a>.
</p>
<p>
If you object any of the changes to the Policy, you must cease using this Website and
any of the Services provided by Capytal that this Policy applies on. By accessing this
Website or our Services, you agree with the terms described by this Policy.
</p>
<p>
Unless stated otherwise, the current privacy policy listed in this page (<a
href="https://capytal.cc/README.md">https://capytal.cc/PRIVACY.md</a>) applies to
all data we collect about you.
</p>
<h2>Legal Contact Information</h2>
<p>
For any questions, legal concerns, or exercising of your rights, contact us via email at
<a href="mailto:contact@capytal.cc">legal@capytal.cc</a>
</p>
<p class="font-bold text-center md:text-end">Last updated at April 07, 2025</p>
{{.Content}}
</main>
{{template "nav-bar" (args "Lang" .Lang)}}
{{template "footer" (args "Lang" .Lang)}}