February 22, 2021 in Feedback
I spent numerous hours crafting my Terms and Privacy Policies and and thought I had a pretty good handle on covering all of my bases. I would like to implement the IPS Community App and various Community Enhancements and Login Handlers in the future. I happened to come across the article below this evening and it got me thinking: How much personal data or inferred data this app might be trackable for each user and how one might best let members know so they can make an informed decision whether or not if they want to use the app or other third party services.
Can another installed app interact with this one to extract data? As the amount of apps in use would be on the small side it probably wouldn't be worth it but the possibility still exists.
Study reveals the scary amount of personal data apps can collect without your permission – BGR
I am now using the following blurbs in my Terms and Conditions:
Links to Third Party Sites/Third Party Services
These Sites may contain links to other websites ("Linked Sites"). The Linked Sites are not under our control as such, we are not responsible for the contents of any Linked Site, including without limitation any link contained in a Linked Site, or any changes or updates to a Linked Site. Clicking on a Linked Site may expose you to various tracking services which might infer various personally identifiable details about you and your surfing habits. By clicking on such Linked Sites you accept such consequences and will not hold these Sites responsible for any adverse outcomes. These Sites provide these Linked Sites to you only as a convenience, and the inclusion of any Linked Sites does not imply endorsement of these Sites or any association with its operators.
Certain services made available on our Sites or mobile app may be delivered by third party sites and organizations. By using any product, service or functionality not originating from our Sites or mobile app, you hereby acknowledge and consent that we may share such information and data with any third party with whom we have a contractual relationship to provide the requested product, service or functionality on behalf of our Sites or mobile app.
Third Party Accounts
If the mobile apps is enabled in the ACP one would hope that entries for Apple and Google would be added to the Third Parties Section with links to their privacy policies. Also any login handlers or community enhancements should have entries posted as well. If such functionality doesn't exist or we can't add to the list ourselves, then not including such functionality might be a better approach. We could simply add a "Third Parties" section ourselves and populate it with all of the appropriate third party services used by IPS as well as any utilized by marketplace or custom apps.
I will be candid with you and straightforward.
YES, anything you add to your website, embed on your website, or enable onto your website can and will further allow tracking and data collection. Even your users, hotlinking a harmless photo, can trigger further monitoring and data collection.
Yes, 3rd parties will collect your information and all your users too. Suppose you are using Google login and Google Analytics (for example). In that case, Google will include several tracking cookies well beyond your website's interactions. Facebook login will add their own cookies to track your users for a month or more. Long after they sign off your site and logout off Facebook, assuming they do not clear their browser history. Do you plan to have advertisements on your website? More tracking there too.
And I am only covering the cookies aspect on a desktop or laptop. Within a month's time (if not less), your name, address, phone number, e-mail address, where you shop, what you like to browse, and much, much more are now out there. Suppose your user is using a mobile device such as a cellular phone or tablet. In that case, they're even deep into the spider's web (metaphorically speaking).
But I digress.
YES, anything you add to your website, embed on your website, or enable onto your website can and will further allow tracking and data collection. Even your users, hotlinking a harmless photo, can tricker further monitoring and data collection.
Edit: I see you have updated your post. Originally you had worded this as more of a question.
I think you did an excellent job wording this.
It might be nice to create and make a updateable list of all third parties utilized by IPS and the marketplace complete with links to their privacy policies that we could readily copy and past into ours.
Started 3 hours ago
Started 6 hours ago
Started 4 hours ago