GDPR Statements

| Feature ID | FEA002 |
| Subsystem the feature is part of | User interface |
| Responsible person | |
| Status | Backlog |

Description

Present information to the users about the service's privacy policy and the data that is collected according to the GDPR. The current GDPR statement can be found here.

User requirements

  • User has to be informed about ALL information that is collected about said user.
  • User has to be informed about how the collected data is used.
  • User has to be informed about where the collected data is saved.

| ID | Description |
| Use Case 2 | User accepts cookies on Traffic visualizer website and data is stored safely |
| FUNC-REQ-C0002 | User is able to accept or reject specified cookies according to GDPR |
| FUNC-REQ-C0026 | User has to be informed about how the collected data is used |
| FUNC-REQ-C0027 | User has to be informed about where the collected data is saved |

Preliminary user stories

  • As a Mysticons member, I want to be assured that no sensitive data is available to the public. #46
  • As Combitech, I want the application to use public data. #19
  • As Combitech, I want the application to have a log-in and logging system. #55
  • As an IoTude developer, I want to see customer feedback so that I know what aspects of the project need to be improved. #8

User interface mock-up

Mock-up of possible implementation:

GDPR Mockup

Possible solutions

Show GDPR info inside a React Modal

https://www.npmjs.com/package/react-modal Example on Codepen

Use i18next locales for the GDPR statements so it's quick to add and remove lines from the statement in multiple languages.

Example of JSON

English:

{
  "en": {
    "gdpr_statement": "GDPR Statement",
    "gdpr_description": "We value your privacy and are committed to protecting your personal data. This GDPR statement explains what information we collect and how we use it.",
    "gdpr_information": "Information We Collect",
    "gdpr_information_description": "We may collect various types of personal information from you, including but not limited to:",
    "gdpr_information_list": [
      "Contact information (e.g., name, email address, phone number)",
      "Demographic information (e.g., age, gender, location)",
      "Usage information (e.g., IP address, browser type, pages visited)"
    ],
    "gdpr_usage": "How We Use Your Information",
    "gdpr_usage_description": "We may use the collected information for the following purposes:",
    "gdpr_usage_list": [
      "To provide and maintain our services",
      "To personalize your experience on our website",
      "To communicate with you and respond to inquiries",
      "To improve our products and services",
      "To ensure compliance with applicable laws and regulations"
    ],
    "gdpr_rights": "Your Rights",
    "gdpr_rights_description": "Under GDPR, you have the following rights:",
    "gdpr_rights_list": [
      "The right to access your personal data",
      "The right to rectify any inaccurate or incomplete data",
      "The right to erasure of your personal data",
      "The right to restrict or object to the processing of your personal data",
      "The right to data portability",
      "The right to withdraw consent for data processing",
      "The right to lodge a complaint with a supervisory authority"
    ],
    "gdpr_contact": "Contact Us",
    "gdpr_contact_description": "If you have any questions or concerns regarding our GDPR statement or privacy practices, please contact us:"
  }
}

Finnish:

{
  "fi": {
    "gdpr_statement": "GDPR-lausunto",
    "gdpr_description": "Arvostamme yksityisyyttäsi ja sitoudumme suojaamaan henkilötietojasi. Tämä GDPR-lausunto selittää, mitä tietoja keräämme ja miten niitä käytämme.",
    "gdpr_information": "Keräämämme tiedot",
    "gdpr_information_description": "Voimme kerätä sinulta erilaisia henkilötietoja, mukaan lukien muun muassa:",
    "gdpr_information_list": [
      "Yhteystiedot (esim. nimi, sähköpostiosoite, puhelinnumero)",
      "Demografiset tiedot (esim. ikä, sukupuoli, sijainti)",
      "Käyttötiedot (esim. IP-osoite, selaintyyppi, vieraillut sivut)"
    ],
    "gdpr_usage": "Tietojesi käyttö",
    "gdpr_usage_description": "Voimme käyttää kerättyjä tietoja seuraaviin tarkoituksiin:",
    "gdpr_usage_list": [
      "Palveluidemme tarjoaminen ja ylläpitäminen",
      "Kokemuksesi personointi verkkosivustollamme",
      "Kommunikointi kanssasi ja vastaaminen tiedusteluihin",
      "Tuotteidemme ja palveluidemme parantaminen",
      "Noudattaa sovellettavia lakeja ja määräyksiä"
    ],
    "gdpr_rights": "Oikeutesi",
    "gdpr_rights_description": "GDPR:n mukaisesti sinulla on seuraavat oikeudet:",
    "gdpr_rights_list": [
      "Oikeus tarkastaa henkilötietosi",
      "Oikeus oikaista virheelliset tai puutteelliset tiedot",
      "Oikeus poistaa henkilötietosi",
      "Oikeus rajoittaa tai vastustaa henkilötietojesi käsittelyä",
      "Oikeus siirtää tiedot järjestelmästä toiseen",
      "Oikeus peruuttaa suostumuksesi tietojen käsittelyyn",
      "Oikeus tehdä valitus valvontaviranomaiselle"
    ],
    "gdpr_contact": "Ota yhteyttä",
    "gdpr_contact_description": "Jos sinulla on kysyttävää tai huolenaiheita GDPR-lausunnostamme tai yksityisyyden suojakäytännöistämme, ota meihin yhteyttä:"
  }
}
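
Because lines are meant to be added to and removed from the statement in several languages, the locale files can drift apart, leaving one language with a statement that no longer lists everything the other does. The following is an added example, not code from the project: a parity check that could run in CI. The names `shapeOf` and `compareLocales` are hypothetical, and the two sample bundles are constructed, abbreviated versions of the JSON above.

```javascript
// Added example, not project code. Function names are hypothetical.
// Record each key's kind so list lengths can be compared across languages.
function shapeOf(bundle) {
  const shape = new Map();
  for (const [key, value] of Object.entries(bundle)) {
    if (Array.isArray(value)) {
      shape.set(key, { kind: "list", length: value.length });
    } else if (typeof value === "string") {
      shape.set(key, { kind: "string", empty: value.trim() === "" });
    } else {
      shape.set(key, { kind: typeof value });
    }
  }
  return shape;
}

// Compare one language's bundle against the reference language's bundle.
// Returns human-readable differences; an empty array means the two match.
function compareLocales(reference, candidate) {
  const problems = [];
  const ref = shapeOf(reference);
  const cand = shapeOf(candidate);
  for (const [key, r] of ref) {
    const c = cand.get(key);
    if (!c) { problems.push(`missing key: ${key}`); continue; }
    if (c.kind !== r.kind) { problems.push(`type mismatch: ${key}`); continue; }
    if (r.kind === "list" && c.length !== r.length) {
      problems.push(`list length differs: ${key} (${r.length} vs ${c.length})`);
    }
    if (c.kind === "string" && c.empty) problems.push(`empty string: ${key}`);
  }
  for (const key of cand.keys()) {
    if (!ref.has(key)) problems.push(`extra key: ${key}`);
  }
  return problems;
}

// Constructed sample bundles (the objects found under "en" and "fi").
const en = {
  gdpr_statement: "GDPR Statement",
  gdpr_information_list: ["Contact information", "Demographic information", "Usage information"],
  gdpr_contact: "Contact Us",
};
const fi = {
  gdpr_statement: "GDPR-lausunto",
  gdpr_information_list: ["Yhteystiedot", "Käyttötiedot"], // one line dropped
  gdpr_cookies: "Evästeet", // key that the reference does not have
};
console.log(compareLocales(en, fi));
```

Failing the build when the returned array is non-empty keeps every language's statement listing the same collected data, uses and rights.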

Testing / possible acceptance criteria

| Testcase | Test source | Responsible |
| Testcase 1 | FUNC-REQ-CXXXX | Testers |