When setting up a Samsung TV, read the details of their privay policy. They will resort to capturing images from your TV just to make sure they can snoop you completely and utterly. It's kind of creepy and disgusting. Not to mention that insipid Samsung TV+ app that you can't uninstall and just starts playing anytime you turn the TV on. Samsung has gotten their last dollar from me...
My shift started not long ago and during shift change I heard my coworker getting a call. Though I could only hear her side, I could tell someone was either inquiring about a guest being here, or trying to be connected to a room without knowing the room number.
About a half an hour later once I had taken over, the phone rang again.
>Caller- Hi, can I be connected to James's room?
>Bran- Can I get James's last name and room number?
>Caller- James is the last name, his first name is John.
>Bran- Okay, can I get his room number?
>Caller- I don't have his room number.
>Bran- I'm sorry, but I wouldn't be able to connect you to a guest without that.
>Caller- Please, his mother is very sick and I can't get ahold of him.
>Bran- I'm sorry, but that would be against our privacy policy.
>Caller- Please! His mother is very sick. I can describe him and his car! Just tell me what I need.
>Bran- I need first and last name and the person's room number.
>Caller- But I don't have the room number.
>Bran- In that case I won't be able to help you, sorry.
>Caller- Can you just call him and tell him to come to the desk?
>Bran- Without the room number ma'am I'm not going to look to see if that person is even staying here.
After that she gave up. A few minutes later a man with a terrible beard came to the desk. It was one of these which I guess are in but I do not like them at all.
>Bad Beard- Did anyone call for me?
>Bran- What's your name?
>Bad Beard- John James.
>Bran- Yes.
>Bad Beard John James- Did you tell her I was here?
>Bran- I did not.
>John James- Okay good. It's my ex-girlfriend and she can't stand that I'm with someone else now.
Sick mom indeed lady.
(usual disclaimer, made up names blah blah)
Another day, another douchecanoe who does not give a shit about the protocols hotels implement to protect their guests.
So I'm just sitting around on night audit duty when in comes this non-guest visitor, who we'll call Jane Tiheli. She parks her car in the driveway, normally I'd tell her she can't do that because that's blocking the driveway, but she insists that she'll only stay for five minutes while she goes off to see her husband. I assumed that Jane knew which room her husband was in and that he had told her he was staying here, so I didn't really question her statement, but I did inform her that after 5 minutes I will ask her to move her car out of the driveway, even setting a watch timer to enforce this.
Well a little under five minutes later and Jane has come back asking me for the exact room number of her husband, James Twicobra, since it seems she can't find him. She's asking if James is in Room 102 or 103, which I know is way off because he's in Room 122, but obviously I don't disclose that and I just tell her that I'm not going to give out room numbers or otherwise officially confirm this guest's presence. And nothing in James's reservation or in notes from my day-shift colleagues mention anything about getting contact or providing keys to others.
Jane gets in her shitty car and leaves and I assume that's the end of it.
That is, until 30 minutes later when she comes back and asks me to please pass on some documents to James. I tell her I won't do that; for me to relay anything would confirm that the guest is here. Even without a room number, just revealing that a guest is here could cause problems, let alone danger, for that guest because now they can't safely step out of their room. Yeah, maybe James and Jane are genuinely in a healthy marriage and I'm intruding on that, but it's better I stand by the hotel policies even if it upsets them relatively mildly than honor her request and later find out that James was in an unsafe situation and trying to avoid her.
"I understand you have this policy but--" And yet you are treating our privacy and safety policies like they're things you wipe your ass with.
"I stay in other hotels and I never have this problem!!" Okay shut the fuck up, we are not other hotels, and those other hotels aren't following hotel standards if they're able to just middle-person communications from unauthorized outside parties to guests, or give out room numbers.
Eventual
... keep reading on reddit β‘
Just looking for clarification on what you think this would mean , specifically the part about providing aggregated data to third parties. What does an βaggregated and anonymous basisβ mean when it comes to log level data ? This was from 2009- could this simply mean the entirety of the raw access logs was shared including IP address, user agent etc?
β’ Web servers operated by us, and by third party service providers and advertisers, may automatically collect non-personal information about which pages you visit, as well as your IP address or domain name. We may use this information for various purposes, such as tailoring our web site content, targeting promotional messages, and assessing the amount of traffic to various parts of our web site. We may also provide this information on an aggregated, anonymous basis to our marketing partners and/or advertisers.
Hi all,
I plan on using tools like Google Analytics, Google Ads, and Facebook ads. I plan on using the various tags these tools provide, so I'll have to write a privacy policy page
But would I go about this? Would I need to hire a lawyer to do this for me?
I've read up about using TeamViewer to do it but I don't always have 2 devices on my person if I'm traveling or such. Another would be to take a picture from the second device.
In need of on that only requires the 1 device. I've tried installing screenshot apps, but the screenshot result is a black screen.
Thanks in advance to anyone who assists me with this!
I have been working on a new project management software over the past year and am getting really close to releasing my beta version to the public. Before I go live with it I will need to sort out my policies and terms, which I know nothing about. How should I got about sorting these out?
Right now my app has registration and login(with Amazon Cognito), it uses stripe for handling subscriptions/payments. I don't think there is any other sensitive data used in this app, just general content outside of that.
I have no idea how I should go about this, not sure if there are boilerplate content I can use or if this is something I should see a lawyer about.
Just would like to hear your suggestions and experience during this phase.
Thanks!
Just run into another obstacle on this Journey, wich isn't hopefully to hard to accomplish.
So, got a Funnel already up, got the right Product too, and than I just came across that You require all these things to get it done the right way, leaving me at least a bit overwhelmed,
just to down play it a bit.
Anyone here who can Help me out?
So far, I found this tool, wich might be just the right way, I also need the GDPR (Currently living in Germany).
The Tool is called the Privacy Policy Generator , I hope someone in here has at least some experience with this tool and can recommend it.
I've heard that most people just accept cookies without a moment of thought. Some people even shame those who choose to read the privacy policy.
I'm not a karen, I promise, I just care about cyber security.
On most sites I go to, I like to read the privacy policy.
There are types of cookies.
-
Strictly necessary cookies. These are the cookies needed to keep the site running.
-
Functional cookies. "These cookies allow us to provide enhanced functionality and personalise content for you.
Like how youtube recommends us videos from channels we like. But have you ever searched for something on another device and an advert appears on another device? Creepy.
Some cookie sites ask to "link devices" I believe this is exactly it. I have heard of fishy things like "collect and store personal data offline" and "precise geolocation data" but I'm not a software engineer so I'm not sure. Please educate me further on this, tech savvy people!
(Obviously it's okay to accept cookies, just warning some people who didn't know)
I am currently reading Debian's privacy policy, and it has been an amazing document compared with many other distros. As far as I am aware of, Ubuntu has always had issues of user data collection while the RHEL-based distros even have a subscription manager which has been clearly documented by RedHat as "user data collection tool".
I understand that the default is to opt out from package popularity test, and it leaves the last piece in the system to be the package manager. Some RHEL-based distros use dnf/yum to collect user IP, location, package information, etc. What about Debian with apt? Does Debian on the server side "collect (by this I explicitly mean that the user-submitted information like IP address is to be collected and stored at Debian server)" such user data?
Hi, I have a small app called "When" that I am about to put on the app store but I need some advice on my privacy policy, is this good enough?
"When does not use any trackers of any sort, nor does it keep, track, sell, rent, or share any information on you throughout your use of the app with any third parties.
For any questions, feel free to [contact me](mailto: mail@icloud.com) directly"
I know its short but I don't track or collect any data at all.
Cut to the chase: these guys track down more than just your IP address/location, but every, detail, imaginable. (Your entire apps/files names and types, mobile carrier, screen resolution, KEYSTROKE PATTERNS AND RHYTHMS, etc**.**)
What are they really doing with my information? Should I delete it...?
source: https://www.tiktok.com/legal/privacy-policy-row?lang=en
update: I decided to delete it realizing these guys are making identifiable profiles out of people. (Like every other app). Better late than never, so.
So I am making a demo version of web app that I created. I do not want to get into privacy policy as I do not own company or do not want to bother being administrator of someones date. In short I do not want to be responsible of anything just because I am a student.
So demo website has deleted anything that can create data or content. So in demo no one is able to make changes to database. No creating users, no creating announcements, no creating messages or anything.
However because there is a login system I restricted it to automatically log in into 3 accounts with different permissions. Basically user select what type of account he want to log in from drop down and just click "log in". No typing username, no typing password or anything.
So there is a login system of some kind but without user data, that means there is one cookie that is session. I write a little cookie privacy that in summary says:
there is one cookie that is session. It does not have any data that user provide, it only include login and permission status and that cookie is encrypted and lifespan of cookie. And also some info how to disable it.
User is unable to provide me any data and I do not have access to anything, because I only use one session cookie. In that case I should not need any privacy policy as I do not collect any data.
Is that right?
Also do I need to provide anything more in cookie policy? (my name. contact info or anything)
I've just bought myself a QNAP NAS with the hopes of moving my NextCloud instance from running on a Raspberry Pi to something with a little more robustness.
One of the things that's pushed on you when setting up teh device is the myQNAPCloud service so you can access your files over the internet however, when reading the privacy policy on the site, under 'Personal data we collect' I noticed it says:
>We also collect the content you create, upload, or receive from others when using our services. This includes things like messages you write, photos and videos you save, the contacts you enter, and the event messages pushed to browsers and mobile apps
I'm not sure what is considered 'our services' here but if my files are being transferred to my other devices off the local network via the myQNAPCloud service that would feel like they'd be covered under that term.
Has anyone got any insight into what this actually means from a privacy perspective?
A mindfulness/meditation app I have been using and paying for for over a year recently changed its privacy terms and requested an "accept" before using the app. The other option is "read more," however when you click that it's a 404. Basically, it is impossible to read the terms but also impossible to use the app without accepting them, so I am asked to agree to the unknown. I contacted customer support 12 days ago and they are just giving me the run around. Last week I suggested that they just send me a copy of the terms do that id know them, can agree and use the app. They didn't,and I'm getting frustrated. Isn't even legal to make it possible to accept terms I can't read? If I accept, am I really bound considering I couldn't read them? If I laterfind out that they used my data in a way I don't like, do I have a legal leg to stand on?
Not sure if this post breaks the rules, but I made a super simple and free site yesterday morning where anyone can make a page to show their privacy policy, contact info, and marketing text.
I made it as a quick way to get past the annoying part of setting this up when your about to submit a new app.
If itβs useful for anyone - feel free to use it!
http://someapp.info
My thanks to the team's effort building up this valuable community-driven RHEL-based distro.
I am currently doing research of the privacy policy and protection of different distros. I read the policy document on Alma website, but have come up with a few questions:
" This privacy policy applies to those who visit Almalinux.org and subdomains of those domains (βSiteβ or collectively βSitesβ), as well as users of Almalinux OS and services (βServiceβ or collectively βServicesβ) which is owned and operated by Almalinux OS Foundation ("ALMALINUX", βWeβ, βUsβ or βOurβ). "
Taken from the current website, it seems that the Alma Linux OS itself is also in line with user data collection. Is it possible that we end-users get something documented, including what sort of information is being collected in what manner by which part of the OS (or specifically, which package) and how the data is going to be used? (Just as an example, some random distro has written that they do collect user IP and other data through service DNF/YUM).
Another privacy concern for all RHEL-based distros is the subscription manager. On RHEL itself during every repo access, it is known to connect to the RHEL license server, validate user account (which contains users' name, email, and other information to get a legal RHEL subscription) in RedHat's database, generate a machine-specific key to be stored at server side for identification purpose, and manage license service as well as repo services. As Alma is a community-driven opensource project, I have the impression that it will be totally unnecessary for such a distro to hide its repos deeply after this verification process. So, I wonder how is this process dealt with in Alma and what the current status of subscription-manager is like?
Thanks again for the team's decent work (especially like the ELevate which has long been missing in RHEL derivatives) and look forward to the replies from users and members.
Hello,
I'm looking for a free (or almost free if no other option exists, say 10$/year) email provider that has imap support and will let me use a third party email client. I do understand that I won't get a fully private experience but I'm just looking for a middleground.
I've been digging but can't seem to find a good option. Any suggestions for me to look into? Cheers
I was reading through a privacy policy on a website / app and ran across this in a section titled βpersonal information collected and soldβ
Sensory Information, such as audio, electronic, visual, thermal, or similar information. We collect such information directly from you, e.g., products and services you purchase. We use such information for our business purposes, including specifically, performing services on behalf of the business or service provider, including providing customer service.
Can someone explain? Do they actually collect this type of data from a mic or camera on your device?
If I wanted to create a landing page to collect emails in order to validate a SaaS idea, I assume I would need a privacy policy that outlines how I will use the personal information collected (i.e. name and email for communication and marketing). But if I do this before incorporating the business, under what "entity" should it be? Is it legal to use the name of a company that technically doesn't exist yet? Most privacy policy generators I've looked at ask for the legal name of the company. Is the common practice to not add a privacy policy until the company is incorporated?
Basically what's in the title. Worked as a manager for an awful run Burger King franchise from 2000 to 2002 in the Hamilton Ontario area owned by a piece of shit in Sudbury with an even worse operations manager.
One day I sent an email and the absolute worst excuse for a human was their Operations Manager decided to once again choose to be belligerent and abusive and decided to punish me for an offense of sending an email that was not in violation of any law or policy. This is the same person who previously verbally attacked people personally for committing heinous acts like calls to the health department that caught a manager smoking in the office. This same administration sent an email demoting another manager for calling the fire department when a deep fryer caught fire, again.
Me, not as aware of my rights as I should have been and not knowing how often this admin went ahead and blatantly and viciously violated various laws decided to pull crap again on me. Upon my return to work I find everyone with email access plus some of the crew all talking about whatever it was that I did. I see the email, and have my boss who previously illegally punished me for missing a mandatory unpaid meeting (unpaid meeting, on my day off, a big nono according to our labour authority) print that baseless claim off for me to have a copy beyond the admins statement that it will be added to my file.
I get the copy, fold it up and then ask my boss:
'Can you please provide me a copy of the email policy I supposedly violated?'
Silence.
Clamouring for files.
An hour later she finds me and says she can't find it.
My reply: 'Ok, please let me know when you find a copy that proves that I have read it by the end of the week'.
My boss goes home, I email a copy of the email head office sent to my personal email account.
Edit: about two weeks later the boss comes to me and says oh don't worry about the writeup, they've removed it. She asks for the copy she gave me and I say oops, no idea where it is I'll try finding it (that was a fib and I was never asked again for it).
This, and many other incidents prompted me to get the heck outta there.
A few years later I find ALL of their locations shut down, a few discrete inquiries and I find that corporate seized all assets and locations as keeping them in business was detrimental to the brand. I find out what firm is taking action against the franchise and contribute my stash of documents, including their blatant viol
... keep reading on reddit β‘
