Hi,
I am searching but I am not getting this thing anywhere and I am thinking this is one of the critical thing.
Recently, I am preparing Privacy policy for my website and I am currently stuck at only one point, What is the privacy policy statement of Drupal CMS itself?. Because, I am not sure,
- Whether Drupal core using any cookies?
- Whether any part of code collecting IP Address?
- Whether any part of code collecting any kind of visitor data?
Hence, I am not sure what to write in Privacy Policy of my website about Drupal.
Now, I read a README.txt file in core, It does has following points on legal aspects, but not on privacy statement.
Legal information about Drupal:
* Know your rights when using Drupal:
See LICENSE.txt in the "core" directory.
* Learn about the Drupal trademark and logo policy:
https://www.drupal.com/trademark
I have asked this question on Drupal answers too: Does Drupal 8 core by default collect visitors date?, but still waiting for answer.
And later, I searched and I found following question, hence looks like some people also have question on this issue.
- What cookies does Drupal use?
A client wants to write a privacy policy for their site and they are asking what cookies Drupal uses so that they can include a description of them in the policy.
- Does Drupal Core use any cookies?
I've just discovered the eu-cookie-compliance module and quite like it. What I want to know is, does the core Drupal installation use cookies for visitors to my site?
I think, It would be great if there is one text file on the Privacy policy statement or somewhere it has to be mentioned on Drupal.org. So website creators can include that in their websites's privacy policy. And this will add ONE OF THE STRONG POINT IN FEATURES OF DRUPAL.
Please, let me know if this Information is already available or I would have missed in searching or reading?
Many Thanks
Comments
Comment #2
Codenext CreditAttribution: Codenext as a volunteer commentedComment #3
Codenext CreditAttribution: Codenext as a volunteer commentedComment #4
cilefen CreditAttribution: cilefen commentedThis may be duplicating #2848974: Privacy Concerns as GDPR Compliance and does not meet the project requirements for critical priority.
Comment #5
Codenext CreditAttribution: Codenext as a volunteer commentedComment #8
Balu ErtlQuoted from the Drupal Answers question mentioned above, it seems the requester has gained satisfying response there:
I'd suggest to close this issue then.
Comment #9
David_Rothstein CreditAttribution: David_Rothstein as a volunteer commentedThis is a documentation issue, not a support request, so I think it's still valid.
Any such privacy statement, though, would need to be really clear that it's talking about Drupal core only, since custom or contrib modules and themes could of course decide to do things that don't comply with it.
Comment #10
mgiffordMore working being done here:
https://www.drupal.org/project/drupal_gdpr_team/
The main chats about this are taking place on DrupalChat.eu which is Rocketchat:
https://www.drupal.org/node/2958812
Comment #11
mgifford