Adding privacy policy and cookie policy

merge-requests/1/head
Rasika Perera 7 years ago
parent 6316daa13a
commit df6e43eac5

@ -0,0 +1,167 @@
{{!
Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
WSO2 Inc. licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file except
in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
}}
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
{{unit "cdmf.unit.ui.title" pageTitle="Consent Page"}}
{{#zone "content"}}
<div class="row">
<div class="col-xs-12 col-sm-8 col-md-8 col-lg-8 col-sm-offset-2 col-md-offset-2 col-lg-offset-2">
<div class="alert alert-info"><h3>COOKIE POLICY</h3></div>
<div class="panel-body">
<h3>About WSO2 IoT Server</h3>
<p>WSO2 IoT Server 3.3.0 is a complete solution that enables device manufacturers and enterprises to
connect and manage their devices, build apps, manage events, secure devices and data, and visualize
sensor data in a scalable manner.</p>
<p>It also offers a complete and secure Enterprise Mobility Management (EMM/MDM) solution that aims to
address mobile computing challenges faced by enterprises today. Supporting iOS, Android, and Windows
devices, it helps organizations deal with both Corporate Owned, Personally Enabled (COPE) and
employee-owned devices with the Bring Your Own Device (BYOD) concept.</p>
<p>WSO2 IoT Server 3.3.0 comes with advanced analytics, enabling users to analyze speed, proximity, and
geo-fencing information of devices including details of those in motion and stationary state.</p>
</p>
<h2>Cookie Policy</h2>
<p>IoT Server uses cookies to provide you with the best user experience, and to securely identify you.
You can disable cookies if you so wish . However you might not be able to access some of the services
if you disable cookies.</p>
<h3>What is a cookie?</h3>
<p>A browser cookie is a small piece of data that is stored on your device to help websites and mobile
apps remember things about you. Other technologies, including Web storage and identifiers associated
with your device, may be used for similar purposes. In this policy, we use the term “cookies” to
discuss all of these technologies.</p>
<h3>How does WSO2 IoT Server 3.3.0 process cookies?</h3>
<p>WSO2 IoT Server 3.3.0 uses cookies to store and retrieve information on your browser. This
information is used to provide a better user experience. Some cookies serve the purpose of allowing a
user to log in to the system, maintain sessions, and keep track of activities within the login
session.</p>
<p>Some cookies in WSO2 IoT Server 3.3.0 are used to personally identify you. However, the cookie
lifetime ends once your session ends, i.e., after you log-out, or after the session expiry time has
elapsed.</p>
<p>Some cookies are simply used to give you a more personalised web experience, and these cannot be used
to identify you or your activities personally.</p>
<p>This Cookie Policy is part of the IoT Server <a href="{{@app.context}}/privacy-policy">Privacy Policy.</a>
</p>
<h3>What does WSO2 IoT Server 3.0.0 use cookies for?</h3>
<p>Cookies are used for two purposes in WSO2 IoT Server 3.3.0.</p>
<ol>
<li>To identify you and provide security</li>
<li>To provide a satisfying user experience.</li>
</ol>
<h4><u>Preferences</u></h4>
<p>WSO2 IoT Server 3.3.0 uses cookies to remember your settings and preferences and to auto-fill the
fields to make your interactions with the site easier.</p>
<p>These cookies can not be used to personally identify you.</p>
<h4><u>Security</u></h4>
<ol>
<li>WSO2 IoT Server 3.3.0 uses selected cookies to identify and prevent security risks. For example,
WSO2 IoT Server 3.3.0 may use cookies to store your session information to prevent others from
changing your password without your username and password.
</li>
<li>WSO2 IoT Server 3.3.0 uses session cookie to maintain your active session.</li>
<li>WSO2 IoT Server 3.3.0 may use a temporary cookie when performing multi-factor authentication and
federated authentication.
</li>
<li>WSO2 IoT Server 3.3.0 may use permanent cookies to detect the devices you have logged in
previously. This is to to calculate the <b>risk level</b> associated with your current login
attempt. Using these cookies protects you and your account from possible attacks.
</li>
</ol>
<h4><u>Performance</u></h4>
<p>WSO2 IoT Server 3.3.0 may use cookies to allow <b>Remember Me</b> functionalities.</p>
<h4><u>Analytics</u></h4>
<p>WSO2 IoT Server 3.3.0 as a product does not use cookies for analytical purposes.</p>
<h4><u>Third party cookies</u></h4>
<p>Using WSO2 IoT Server 3.3.0 may cause third-party cookie to be set in your browser. WSO2 IoT Server
3.3.0 has no control over how any of them operate. The third-party cookies that maybe set
include:</p>
<ol>
<li>Any social login sites. For example, third-party cookies may be set when WSO2 IoT Server 3.3.0
is configured to use “social” or “federated” login, and you opt to login with your “Social
Account”.
</li>
<li>Any third party federated login.</li>
</ol>
<p>WSO2 strongly advises you to refer the respective cookie policies of such sites carefully as WSO2 has
no knowledge or use on these cookies.</p>
<h3>What type of cookies does WSO2 IoT Server 3.3.0 use?</h3>
<p>WSO2 IoT Server 3.3.0 uses persistent cookies and session cookies. A persistent cookie helps WSO2 IS
3.3.0 to recognize you as an existing user so that it is easier to return to WSO2 or interact with
WSO2 IS 3.3.0 without signing in again. After you sign in, a persistent cookie stays in your browser
and will be read by WSO2 IoT Server 3.3.0 when you return to WSO2 IoT Server 3.3.0.</p>
<p>A session cookie is a cookie that is erased when the user closes the Web browser. The session cookie
is stored in temporarily and is not retained after the browser is closed. Session cookies do not
collect information from the users computer.</p>
<h3>How do I control my cookies?</h3>
<p>Most browsers allow you to control cookies through settings. However, if you limit the given ability
for websites to set cookies, you may worsen your overall user experience since it will no longer be
personalized to you. It may also stop you from saving customized settings like login information.
Most likely, disabling cookies will make it unable for you to use authentication and authorization
functionalities offered by WSO2 IoT Server 3.3.0.</p>
<p>If you have any questions or concerns regarding the use of cookies, please contact the entity or
individuals (or their data protection officer, if applicable) running this WSO2 IoT Server 3.3.0
instance.</p>
<h3>What are the cookies used?</h3>
<table class="table table-striped table-bordered">
<thead>
<tr>
<th>Cookie Name</th>
<th>Purpose</th>
<th>Retention</th>
</thead>
<tbody>
<tr>
<td>JSESSIONID</td>
<td>To keep your session data in order to give you a good user experience.</td>
<td>Session</td>
</tr>
<tr>
<td>commonAuthId</td>
<td>Used to authenticate the the logged in session.</td>
<td>Session</td>
</tr>
<tr>
<td>samlssoTokenId</td>
<td>Used to map the logged in user with the SAML token.</td>
<td>Request</td>
</tr>
<tr>
<td>requestedURI</td>
<td>The URI you are accessing.</td>
<td>Session</td>
</tr>
</tbody>
</table>
<h3>Disclaimer</h3>
<p>This cookie policy is only for illustrative purposes of the product WSO2 IoT Server 3.3.0. The
content in the policy is technically correct at the time of the product shipment. The
entity,organization or individual that runs this WSO2 IoT Server 3.3.0 instance has full authority
and responsibility with regard to the effective Cookie Policy. WSO2, its employees, partners, and
affiliates do not have access to and do not require, store, process or control any of the data,
including personal data contained in WSO2 IoT Server 3.3.0. All data, including personal data is
controlled and processed by the entity, organization or individual running WSO2 IoT Server 3.3.0.
WSO2, its employees partners and affiliates are not a data processor or a data controller within the
meaning of any data privacy regulations. WSO2 does not provide any warranties or undertake any
responsibility or liability in connection with the lawfulness or the manner and purposes for which
WSO2 IoT Server 3.3.0 is used by such entities, organizations or persons.</p>
</div>
</div>
</div>
{{/zone}}

@ -0,0 +1,6 @@
{
"version": "1.0.0",
"layout": "uuf.layout.sign-in",
"uri": "/cookie-policy",
"isAnonymous": true
}

@ -0,0 +1,193 @@
{{!
Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
WSO2 Inc. licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file except
in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
}}
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
{{unit "cdmf.unit.ui.title" pageTitle="Consent Page"}}
{{#zone "content"}}
<div class="row">
<div class="col-xs-12 col-sm-8 col-md-8 col-lg-8 col-sm-offset-2 col-md-offset-2 col-lg-offset-2">
<div class="alert alert-info"><h3>PRIVACY POLICY</h3></div>
<div class="panel-body">
<h3>About WSO2 IoT Server</h3>
<p>WSO2 IoT Server is a complete solution that enables device manufacturers and enterprises to connect
and manage their devices, build apps, manage events, secure devices and data, and visualize sensor
data in a scalable manner.</p>
<p>It also offers a complete and secure Enterprise Mobility Management (EMM/MDM) solution that aims to
address mobile computing challenges faced by enterprises today. Supporting iOS, Android, and Windows
devices, it helps organizations deal with both Corporate Owned, Personally Enabled (COPE) and
employee-owned devices with the Bring Your Own Device (BYOD) concept.</p>
<p>WSO2 IoT Server comes with advanced analytics, enabling users to analyze speed, proximity, and
geo-fencing information of devices including details of those in motion and stationary state.</p>
<h3>Privacy Policy</h3>
<p>This policy describes how WSO2 IoT Server 3.3.0 captures your personal information, the purposes of
collection, and information about the retention of your personal information.
<p>Please note that this policy is for reference only, and is applicable for the software as a product.
WSO2 Inc. and its developers have no access to the information held within WSO2 IoT Server
3.3.0.Please see the Disclaimer section for more information. Entities, organisations or individuals
controlling the use and administration of WSO2 IoT Server 3.3.0 should create their own privacy
policies setting out the manner in which data is controlled or processed by the respective entity,
organisation or individual.
<h3>What is personal information?</h3>
<p>WSO2 IoT Server 3.3.0 considers anything related to you and by which you may be identified as your
personal information.</p>
<p><b>Signing in to WSO2 IoT Server 3.3.0</b></p>
<ol>
<li>Your user name (except in cases where the user name created by your employer is under
contract)
</li>
<li>IP address used to log in</li>
<li>Email address</li>
</ol>
<p><b>Enrolling a device with WSO2 IoT Server 3.3.0</b></p>
<ul>
<li>Your device ID (e.g., phone or tablet), mobile number, IMEI number, and IMSI number</li>
<li>Your devices location</li>
<li>Your devices application list, and memory usage</li>
<li>Your devices usage statistics, such as RAM, battery level, connected hotspot details, and
memory usage
</li>
</ul>
<p>However, WSO2 IoT Server 3.3.0 also collects the following information that is not considered
personal information, but is used only for <b>statistical</b> purposes. The reason for this is that
this information can not be used to track you.
<ul>
<li>City/Country from which you originated the TCP/IP connection</li>
<li>Time of the day that you logged in (year, month, week, hour or minute)</li>
<li>Type of device that you used to log in (e.g., phone or tablet)</li>
<li>Operating system and generic browser information</li>
</ul>
<h3>Collection of personal information</h3>
<p>WSO2 IoT Server 3.3.0 collects your information only to serve your access requirements. For example:
<ul>
<li>WSO2 IoT Server 3.3.0 uses your IP address to detect any suspicious login attempts to your
account.
<li>WSO2 IoT Server 3.3.0 uses attributes like your first name, last name, etc., to provide a rich
and personalized user experience.
<li>WSO2 IoT Server 3.3.0 uses your security questions and answers only to allow account recovery.
</li>
</ul>
<h4><u>Tracking Technologies</u></h4>
<p>WSO2 IoT Server 3.3.0 collects your information by:</p>
<ul>
<li>Collecting information from the user profile page where you enter your personal data.</li>
<li>Tracking your IP address with HTTP request, HTTP headers, and TCP/IP.</li>
<li>Tracking your geographic information with the IP address.</li>
<li>Tracking your login history with browser cookies. Please see our <a href="{{@app.context}}/cookie-policy">cookie policy</a>
for more
information.
</li>
</ul>
<h3>Use of personal information</h3>
<p>WSO2 IoT Server 3.3.0 will only use your personal information for the purposes for which it was
collected (or for a use identified as consistent with that purpose).</p>
<p>WSO2 IoT Server 3.3.0 uses your personal information only for the following purposes.</p>
<ul>
<li>To provide you with a personalized user experience. WSO2 IoT Server 3.3.0 uses your name and
uploaded profile pictures for this purpose.
</li>
<li>To protect your account from unauthorized access or potential hacking attempts. WSO2 IoT Server
3.3.0 uses HTTP or TCP/IP Headers for this purpose.
</li>
<li>
<p>This includes:</p>
<ol>
<li>IP address</li>
<li>Browser fingerprinting</li>
<li>Cookies</li>
</ol>
</li>
<li>Derive statistical data for analytical purposes on system performance improvements. WSO2 IoT
Server 3.3.0 will not keep any personal information after statistical calculations. Therefore,
the statistical report has no means of identifying an individual person.
</li>
<li>WSO2 IoT Server 3.3.0 may use:</li>
<li>
<ol>
<li>IP Address to derive geographic information</li>
<li>Browser fingerprinting to determine the browser technology or/and version</li>
</ol>
</li>
</ul>
<h3>Disclosure of personal information</h3>
<p>WSO2 IoT Server 3.3.0 only discloses personal information to the relevant applications (also known as
“Service Providers”) that are registered with WSO2 IoT Server 3.3.0. These applications are
registered by the identity administrator of your entity or organization. Personal information is
disclosed only for the purposes for which it was collected (or for a use identified as consistent
with that purpose) as controlled by such Service Providers, unless you have consented otherwise or
where it is required by law.</p>
<h4>Legal process</h4>
<p>Please note that the organisation, entity or individual running WSO2 IoT Server 3.3.0 may be
compelled to disclose your personal information with or without your consent when it is required by
law following due and lawful process.</p>
<h3>Storage of personal information</h3>
<h4><u>Where your personal information is stored</u></h4>
<p>WSO2 IoT Server 3.3.0 stores your personal information in secured databases. WSO2 IoT Server 3.3.0
exercises proper industry accepted security measures to protect the database where your personal
information is held.WSO2 IoT Server 3.3.0 as a product does not transfer or share your data with any
third parties or locations.</p>
<p>WSO2 IoT Server 3.3.0 may use encryption to keep your personal data with an added level of
security.</p>
<h4><u>How long your personal information is retained</u></h4>
<p>WSO2 IoT Server 3.3.0 retains your personal data as long as you are an active user of our system. You
can update your personal data at any time using the given self-care user portals.</p>
<p>WSO2 IoT Server 3.3.0 may keep hashed secrets to provide you with an added level of security. This
includes:</p>
<ul>
<li>Current password</li>
<li>Previously used passwords</li>
</ul>
<h4><u>How to request removal of your personal information</u></h4>
<p>You can request the administrator to delete your account. The administrator is the administrator of
the tenant you are registered under, or the super-administrator if you do not use the tenant
feature.</p>
<p>Additionally, you can request to anonymize all traces of your activities that WSO2 IoT Server 3.3.0
may have retained in logs, databases or analytical storage.</p>
<h3>More information</h3>
<h4><u>Changes to this policy</u></h4>
<p>Upgraded versions of WSO2 IoT Server 3.3.0 may contain changes to this policy. Revisions to this
policy will be packaged within such upgrades and would only apply to users who choose to use upgraded
versions.</p>
<h4><u>Your choices</u></h4>
<p>If you are already have an user account within WSO2 IoT Server 3.3.0 ; you have the right to
deactivate your account if you find that this privacy policy is unacceptable to you.</p>
<p>If you do not have an account and you do not agree with our privacy policy, you can chose not to
create one.</p>
<h4><u>Contact us</u></h4>
<p>Please contact WSO2 if you have any question or concerns regarding this privacy policy.</p>
<p><a href="https://wso2.com/contact/">https://wso2.com/contact/</a></p>
<h3>Disclaimer</h3>
<p>WSO2, its employees, partners, and affiliates do not have access to and do not require, store,
process or control any of the data, including personal data contained in WSO2 IoT Server 3.3.0. All
data, including personal data is controlled and processed by the entity or individual running WSO2
IoT Server 3.3.0. WSO2, its employees partners and affiliates are not a data processor or a data
controller within the meaning of any data privacy regulations. WSO2 does not provide any warranties
or undertake any responsibility or liability in connection with the lawfulness or the manner and
purposes for which WSO2 IoT Server 3.3.0 is used by such entities or persons.</p>
<p>This privacy policy is for the informational purposes of the entity or persons running WSO2 IoT
Server 3.3.0 and sets out the processes and functionality contained within WSO2 IoT Server 3.3.0
regarding personal data protection. It is the responsibility of entities and persons running WSO2 IoT
Server 3.3.0 to create and administer its own rules and processes governing users personal data,
Please note that the creation of such rules and processes may change the use, storage and disclosure
policies contained herein. Therefore users should consult the entity or persons running WSO2 IoT
Server 3.3.0 for its own privacy policy for details governing users personal data.</p>
</div>
</div>
</div>
{{/zone}}

@ -0,0 +1,6 @@
{
"version": "1.0.0",
"layout": "uuf.layout.sign-in",
"uri": "/privacy-policy",
"isAnonymous": true
}

@ -64,7 +64,7 @@
<p class="doc-link">
<b>This site uses cookies. By logging in to the site, you are agreeing on the usage of cookies.
For more information, refer
<a href="/privacy-policies/cookie-policy" style="color:#ffffff;" target="_blank">
<a href="{{@app.context}}/cookie-policy" style="color:#ffffff;" target="_blank">
<u>Cookie policy</u>
</a>.
</b>
@ -77,7 +77,7 @@
<label>
<input class="permissionItem" id="privacy-consent" type="checkbox">
I hereby confirm that I have read and understood the
<a href="/privacy-policies/privacy-policy" target="_blank"><u>Privacy policy</u></a>.
<a href="{{@app.context}}/privacy-policy" target="_blank"><u>Privacy policy</u></a>.
</label>
</div>
</div>

@ -50,9 +50,9 @@
{{/if}}
<div class="alert alert-warning" style="border-radius:5px"><p class="doc-link">
This site uses cookies. By logging in to the site, you are agreeing on the usage of cookies. For more information, refer <a href="{{@unit.publicUri}}/privacy-policies/cookie-policy" style="color:#ffffff;"
This site uses cookies. By logging in to the site, you are agreeing on the usage of cookies. For more information, refer <a href="{{@app.context}}/cookie-policy" style="color:#ffffff;"
target="_blank"><u>cookie policy</u></a> and
<a href="{{@unit.publicUri}}/privacy-policies/privacy-policy" style="color:#ffffff;"
<a href="{{@app.context}}/privacy-policy" style="color:#ffffff;"
target="_blank"><u>privacy policy</u></a></p>
</div>

Loading…
Cancel
Save