-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from humanmade/587-add-privacy-docs
Add privacy documentation
- Loading branch information
Showing
10 changed files
with
1,122 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,9 @@ | ||
| # Privacy | ||
| # Privacy | ||
|
|
||
| Altis is committed to prividing frameworks, tooling and, where possible, integrations with other modules and platforms to enable customers to build privacy-first solutions. | ||
|
|
||
| Privacy is a core capabiliity for the modern web and something every customer and project has to deal with. Right now, a diverse array of solutions are available for web applications, and each requires custom integration work to get the most out of them. | ||
|
|
||
| Altis provides a consistent method for dealing with acquiring consent, managing user data and documenting privacy measures. In addition, we integrate and provide the controls for managing privacy in Altis' built-in features including analytics, personalization and Google Tag Manager. | ||
|
|
||
| Privacy is provided within Altis as a first-class component. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| # Consent API | ||
|
|
||
| The Consent API is a developer API to read and register consent categories, to allow consent management and other plugins to work together, improving compliance. | ||
|
|
||
| ## How does it work? | ||
|
|
||
| The Consent API adds two new concepts: a `consent_type` and a consent `category`. Categories are used to group user data by its intended usage, e.g. `marketing`. `consent_type` defines whether consent is `optin`, `optout` or some other type defined in the code. | ||
|
|
||
| The default consent type can be set in the code. The Altis Consent module defaults the consent type to `optin`. This means that user data stored locally will only be used if a user explicitly _allows_ access. If the default `consent_type` is set to `optout`, user data will be assumed to be okay to use unless a user explicitly _disallows_ access. | ||
|
|
||
| Other consent types can be defined within the code. | ||
|
|
||
| ### Consent categories | ||
|
|
||
| The Consent API defines five consent categories by default: | ||
|
|
||
| * **statistics** | ||
|
|
||
| Cookies or any other form of local storage that are used exclusively for statistical purposes (Analytics Cookies). | ||
|
|
||
| * **statistics-anonymous** | ||
|
|
||
| Cookies or any other form of local storage that are used exclusively for anonymous statistical purposes (Anonymous Analytics Cookies), that are placed on a first party domain, and that do not allow identification of particular individuals. | ||
|
|
||
| * **marketing** | ||
|
|
||
| Cookies or any other form of local storage required to create user profiles to send advertising or to track the user on a website or across websites for similar marketing purposes. | ||
|
|
||
| * **functional** | ||
|
|
||
| Functional cookies or any other form of local storage are any kind of user data that is required for the proper functionality of a site that cannot be disabled without affecting a user's ability to navigate the site. An example is the cookies that WordPress stores to handle user sign-ins for administrators -- if these cookies were blocked, an administrator would not be able to use the site. In these cases, the technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user. | ||
|
|
||
| * **preferences** | ||
|
|
||
| Cookies or any other form of local storage that can not be seen as statistics, statistics-anonymous, marketing or functional, and where the technical storage or access is necessary for the legitimate purpose of storing preferences. | ||
|
|
||
| Additional consent categories can be defined within a site's code. |
Oops, something went wrong.