Please update default standard Privacy Policy

[AlexJ]

Recently my FB application get blocked because of privacy policies where not well defined. I noticed IPS website is updated with this policies.

https://invisioncommunity.com/legal/privacy/

This is what FB is looking for and other login Auth as well:

1. What data you are Collecting,

2. How you are processing it,

3. Purposes for which you are Processing it,

4. Users may request Deletion of that data.

 

I think every client of yours will benefit with it. Just a suggestion. Thanks

[Sonya*]

1 hour ago, AlexJ said:

4. Users may request Deletion of that data.

All my apps has been blocked as well because of missing this part.

[Greek76]

Why not just get a custom privacy policy and have all that info included? That’s what I did. I forgot who I used but it cost me something like 60 dollars for three different forms privacy, terms and a disclaimer. There’s usually a questionnaire that you fill out stating what kind of data and other info that you collect. 

[Sonya*]

33 minutes ago, Greek76 said:

Why not just get a custom privacy policy and have all that info included?

If Facebook, Twitter, Google or whoever else updates their policy, then you are going to pay again to re-generate them, right? It would be a service with few efforts from IPS to update default language string. 😉 Policy is just a language string, nothing more.

[opentype]

The main issue is that a privacy policy isn’t a generic disclaimer. It must describe how a website ACTUALLY handles personal data. And that is not defined by IPS. It’s defined by how the owner acts in regards to personal data, which settings they chose in the ACP (e.g. regarding IP storage), which of the many possible 3rd-party services one uses (Google Analytics, Cloudflare, Zapier connections …), how the hosting company stores data and so on. None of that can be covered in a “standard privacy policy”. It’s all highly specific to a certain website. As a result, it’s probably better to not even have a standard privacy policy. It might do more harm than good by giving users the false impression it could be enough. 

And by the way: describing how personal data can be deleted is not a new issue nor a Facebook issue. With GDPR it has been required for years. 

Edited January 27, 2022 by opentype

[Sonya*]

34 minutes ago, opentype said:

And by the way: describing how personal data can be deleted is not a new issue nor a Facebook issue. With GDPR it has been required for years. 

May be. However, my apps have been blocked all at once some months ago (not years😄). Adding data deletion part has resolved the issue.

38 minutes ago, opentype said:

It must describe how a website ACTUALLY handles personal data. And that is not defined by IPS. It’s defined by how the owner acts in regards to personal data, which settings they chose in the ACP (e.g. regarding IP storage), which of the many possible 3rd-party services one uses (Google Analytics, Cloudflare, Zapier connections …), how the hosting company stores data and so on.

Hundreds of services are out there offering you "the best policy", just after clicking some buttons and after paying some bucks. They all have the same issue, you've described above. They do not know what settings I have made in my IPS and 3rd-party integrations.

The most save solution would be to take an attorney to write it down for your community. But attorney is not included in IPS license, not even in IPS Cloud. 😁

Honestly, the suggestion @AlexJ made would just a small service from IPS (adding some lines to the default policy). This would prevent new customers from mass blocking their apps, just because these lines are not there. This is not a substitution for professional made policies.