GDPR Statements
Feature ID | FEA002 |
Subsystem the feature is part of | User interface |
Responsible person | |
Status | Backlog |
Description
Present information to the users about the service's privacy policy and the data that is collected according to the GDPR. The current GDPR statement can be found here.
Restrictions, requirements and use cases related to this feature
User requirements
- User has to be informed about ALL information that is collected about the said user.
- User has to be informed about how the collected data is used.
- User has to be informed about where the collected data is saved.
ID | Description |
---|---|
Use Case 2 | User accepts cookies on Traffic visualizer website and data is stored safely |
FUNC-REQ-C0002 | User is able to accept or reject specified cookies according to GDPR |
FUNC-REQ-C0026 | User has to be informed about how the collected data is used |
FUNC-REQ-C0027 | User has to be informed about where the collected data is saved |
Preliminary user stories
- As a Mysticons member, I want to be assured that no sensitive data is available to the public. #46
- As Combitech, I want the application to use public data. #19
- As Combitech, I want the application to have a log-in and logging system. #55
- As an IoTude developer, I want to see customer feedback so that I know what aspects of the project need to be improved. #8
User interface mock-up
Mock-up of possible implementation:
Possible solutions
Show GDPR info inside a React Modal
https://www.npmjs.com/package/react-modal Example on Codepen
Use i18next locales for the GDPR statements so it's quick to add and remove lines from the statement in multiple languages.
Example of JSON
English:
{
"en": {
"gdpr_statement": "GDPR Statement",
"gdpr_description": "We value your privacy and are committed to protecting your personal data. This GDPR statement explains what information we collect and how we use it.",
"gdpr_information": "Information We Collect",
"gdpr_information_description": "We may collect various types of personal information from you, including but not limited to:",
"gdpr_information_list": [
"Contact information (e.g., name, email address, phone number)",
"Demographic information (e.g., age, gender, location)",
"Usage information (e.g., IP address, browser type, pages visited)"
],
"gdpr_usage": "How We Use Your Information",
"gdpr_usage_description": "We may use the collected information for the following purposes:",
"gdpr_usage_list": [
"To provide and maintain our services",
"To personalize your experience on our website",
"To communicate with you and respond to inquiries",
"To improve our products and services",
"To ensure compliance with applicable laws and regulations"
],
"gdpr_rights": "Your Rights",
"gdpr_rights_description": "Under GDPR, you have the following rights:",
"gdpr_rights_list": [
"The right to access your personal data",
"The right to rectify any inaccurate or incomplete data",
"The right to erasure of your personal data",
"The right to restrict or object to the processing of your personal data",
"The right to data portability",
"The right to withdraw consent for data processing",
"The right to lodge a complaint with a supervisory authority"
],
"gdpr_contact": "Contact Us",
"gdpr_contact_description": "If you have any questions or concerns regarding our GDPR statement or privacy practices, please contact us:"
}
}
Finnish:
{
"fi": {
"gdpr_statement": "GDPR-lausunto",
"gdpr_description": "Arvostamme yksityisyyttäsi ja sitoudumme suojaamaan henkilötietojasi. Tämä GDPR-lausunto selittää, mitä tietoja keräämme ja miten niitä käytämme.",
"gdpr_information": "Keräämämme tiedot",
"gdpr_information_description": "Voimme kerätä sinulta erilaisia henkilötietoja, mukaan lukien muun muassa:",
"gdpr_information_list": [
"Yhteystiedot (esim. nimi, sähköpostiosoite, puhelinnumero)",
"Demograafiset tiedot (esim. ikä, sukupuoli, sijainti)",
"Käyttötiedot (esim. IP-osoite, selaintyyppi, vieraillut sivut)"
],
"gdpr_usage": "Tietojesi käyttö",
"gdpr_usage_description": "Voimme käyttää kerättyjä tietoja seuraaviin tarkoituksiin:",
"gdpr_usage_list": [
"Palveluidemme tarjoaminen ja ylläpitäminen",
"Kokemuksesi personointi verkkosivustollamme",
"Kommunikointi kanssasi ja vastaaminen tiedusteluihin",
"Tuotteidemme ja palveluidemme parantaminen",
"Noudattaa sovellettavia lakeja ja määräyksiä"
],
"gdpr_rights": "Oikeutesi",
"gdpr_rights_description": "GDPR:n mukaisesti sinulla on seuraavat oikeudet:",
"gdpr_rights_list": [
"Oikeus tarkastaa henkilötietosi",
"Oikeus oikaista virheelliset tai puutteelliset tiedot",
"Oikeus poistaa henkilötietosi",
"Oikeus rajoittaa tai vastustaa henkilötietojesi käsittelyä",
"Oikeus siirtää tiedot järjestelmästä toiseen",
"Oikeus peruuttaa suostumuksesi tietojen käsittelyyn",
"Oikeus tehdä valitus valvontaviranomaiselle"
],
"gdpr_contact": "Ota yhteyttä",
"gdpr_contact_description": "Jos sinulla on kysyttävää tai huolenaiheita GDPR-lausunnostamme tai yksityisyyden suojakäytännöistämme, ota meihin yhteyttä:"
}
}
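Because lines are added to and removed from the statement in several languages, the locales can drift apart and leave one language without a disclosure that another has. The check below is an added example, not code from the project: `compareLocales` and `shape` are hypothetical names, and the locale objects are constructed, shortened samples in the shape of the JSON above.

```javascript
// Constructed sample locales; the Finnish one has drifted from the English one.
const locales = {
  en: {
    gdpr_statement: "GDPR Statement",
    gdpr_information_list: ["Contact information", "Demographic information", "Usage information"],
    gdpr_rights_list: ["The right to access your personal data", "The right to data portability"],
  },
  fi: {
    gdpr_statement: "GDPR-lausunto",
    // Constructed drift: one collected-data line is missing from this list.
    gdpr_information_list: ["Yhteystiedot", "Käyttötiedot"],
    gdpr_rights_list: ["Oikeus tarkastaa henkilötietosi", "Oikeus siirtää tiedot järjestelmästä toiseen"],
    gdpr_contact: "Ota yhteyttä",
  },
};

// Describe a value so that its type and list length can be compared across locales.
function shape(value) {
  if (Array.isArray(value)) return `list(${value.length})`;
  return value === null ? "null" : typeof value;
}

// Compare every locale against the reference locale and return the differences found.
function compareLocales(all, reference) {
  const ref = all[reference];
  const problems = [];
  for (const [lang, strings] of Object.entries(all)) {
    if (lang === reference) continue;
    for (const key of Object.keys(ref)) {
      if (!(key in strings)) {
        problems.push(`${lang}: missing key ${key}`);
      } else if (shape(ref[key]) !== shape(strings[key])) {
        problems.push(`${lang}: ${key} is ${shape(strings[key])}, ${reference} has ${shape(ref[key])}`);
      } else if (typeof strings[key] === "string" && strings[key].trim() === "") {
        problems.push(`${lang}: ${key} is empty`);
      }
    }
    for (const key of Object.keys(strings)) {
      if (!(key in ref)) problems.push(`${lang}: extra key ${key}`);
    }
  }
  return problems;
}

const problems = compareLocales(locales, "en");
problems.forEach((p) => console.log(p));
```

Run against the real locale files in CI, a non-empty result can fail the build so that a statement line added in one language cannot ship without its counterpart in the others.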
Testing / possible acceptance criteria
Testcase | Test source | Responsible |
---|---|---|
Testcase 1 | FUNC-REQ-CXXXX | Testers |