From Fedora Project Wiki

< User:Spot

Revision as of 20:12, 28 September 2015 by Ref (talk | contribs) (Undo revision 423182 by Ref (talk))

Important.png
DRAFT / WORK IN PROGRESS
This page is not an official policy and is a work in progress. Do not rely on it for guidance.

Privacy Statement for the Fedora Project

Scope of This Privacy Statement

Fedora respects your privacy. This Privacy Statement describes the Fedora Project's privacy practices and provides information about the choices you have regarding the ways in which information collected by the Fedora Project is used and disclosed. For convenience, the Fedora Project is referred to in this document as "Fedora" or "we".

The Information We Collect

This Privacy Statement applies to all information collected by or submitted to Fedora, including personal information. "Personal information" is data that reasonably can be used to identify or describe an individual.

Fedora collects personal information when:

  • you create an account in the Fedora Account System (hereinafter "Fedora Account");
  • you participate in surveys and evaluations;
  • you participate in promotions, contests or giveaways;
  • you submit questions or comments to us.

Information Collected in Person

Fedora may also collect personal information from individuals (with their consent) at conventions, trade shows and expositions. The types of personal information collected may include (but are not limited to):

  • your first and last name;
  • your title and your company's name;
  • your home, billing, or other physical address (including street name, name of a city or town, state/province);
  • your country code;
  • your e-mail address;
  • your telephone number;
  • any other identifier that permits Fedora to make physical or online contact with you;
  • any information that Fedora collects online from you and maintains in association with your Fedora Account, such as:
  • your Fedora Account password,
  • your GPG key ID,
  • your SSH public key,
  • your IRC nickname,
  • your language preference,
  • your timezone,
  • your geographic coordinates (longitude/latitude),
  • your affiliation(s).

Personal Information

Publicly Available Personal Information

In keeping with the open nature and spirit of Fedora, certain Personal Information attached to your Fedora Account is made public by default ("Publicly Available Personal Information"). Specifically:

  • your first and last name;
  • your country code;
  • your email address;
  • your language preference;
  • your SSH public key;
  • your timezone;
  • your GPG key ID (if defined);
  • your IRC nickname (if defined);
  • your geographic coordinates (if defined);
  • your affiliations (if defined).

If you wish for this information to be kept private, you can opt-out of displaying this information publicly in your Fedora Account preferences. If you choose to opt-out, Fedora will still have access to this information, but it will not be displayed to others, and will be considered private. The only exception to this is for your email address, which may still be visible in some Fedora services such as Bugzilla.

Using Your Personal Information

Fedora uses the Personal Information you provide to:

  • create and maintain your Fedora Account;
  • answer your questions;
  • send you information;
  • conduct research activities, including the production of statistical reports (such aggregated information is not used to contact the subjects of the report);
  • send you surveys.

We also use your Personal Information to provide you with information related to your Fedora Account and the products or services you acquire from us, to better understand your needs and interests, to improve our service, and to personalize communications.

Sharing Your Personal Information

While Fedora intends to protect your Personal Information, we may disclose your Personal Information to third parties in limited circumstances, including:

  • where you have consented to such disclosure. Please note that Publicly Available Personal Information provided to Fedora is openly available unless the Fedora Account holder opts-out (as already described in this Privacy Statement).
  • as required to provide services and e-mail housing (as a consequence of uses already described in this Privacy Statement).
  • as required by law, such as responding to a valid subpoena, warrant, audit, or other judicial or administrative order, or to prevent fraud
  • for research activities, including the production of statistical reports (such aggregated information is used to describe our services and is not used to contact the subjects of the report).

Your Choices About Receiving E-Mail

Fedora may send you e-mail about your Fedora Account, to inform you of important upcoming Fedora events (e.g. elections), or in response to your questions. For your protection, Fedora may contact you in the event that we find an issue that requires your immediate attention.

Cookies and Other Browser Information

We use cookies to collect information as you navigate our website. A cookie is a small amount of data that is sent to your browser from a web server and stored on your device. All sections of fedoraproject.org which prompt you to log in or that are customizable require your browser to accept cookies.

Generally, we use cookies to:

  1. Remind us of who you are and to access your Fedora Account information (stored on our computers) in order to provide a better and more personalized service. This cookie is set when you register or sign in and is modified when you sign out of our services.
  2. Estimate audience size. Each browser accessing our websites is given a unique cookie that is used to determine the extent of repeat usage and whether usage is by a registered or unregistered user.
  3. Measure certain traffic patterns, which areas of Fedora's network of websites you have visited, and your visiting patterns in the aggregate. We use this research to understand how our users' habits are similar to or different from one another so that we can make each new experience on fedoraproject.org a better one. We may use this information to better personalize the content, banners, and promotions you and other users will see on our sites.

If you do not want your information to be stored by cookies, you can configure your browser so that it always rejects these cookies or asks you each time if you want to accept them or not. However, you must understand that the use of cookies may be necessary to provide certain services, and choosing to reject cookies may reduce the performance and functionality of our websites. Your browser documentation includes precise instructions explaining how to define the acceptance of cookies.

The user agent string of browsers packaged in the Fedora operating system are configured to identify the browser as running on the Fedora operating system.

Non-Personal Information

Anonymous Unique ID

Fedora sometimes collects data using unique UUID signatures. These UUID strings are anonymous labels which are intended to be unique for each installation of the Fedora operating system software. The string is used to produce a more accurate count of the number of computers running the operating system software Fedora provides, and to record the version and variant used. This UUID signature is not related to users or their Personal Information, and is not used to track systems, only to count them. The UUID signature is stored in /etc/fedora-uuid. If you wish to disable the UUID signature reporting, you may simply remove or edit this file.

IP addresses

Fedora's online services automatically capture IP addresses. We use IP addresses to:

  • Help diagnose problems with our servers
  • Administer our website
  • Defend against malicious behavior
  • Research and report usage and traffic based on anonymized statistics
  • Help ensure the security of your interaction with our services

Geolocation

We may use your IP address to identify your location to customize the services you receive. Fedora uses geolocation services as part of the installation and normal operation of the Fedora operating system, as well as in some of our online services. Fedora does not keep any logs of geolocation query results. However, because we retain IP address access logs, we generate graphical heat maps displayed against a world map. These heat maps do not contain IP addresses, and are used solely to illustrate rough estimations of where Fedora services are accessed.

We use geolocation services within the Fedora operating system to provide appropriate localization and time settings for your computer. If you do not wish to use geolocation services, you may disable them on a per application basis. Fedora has enabled geolocation in the following applications:

  • The Fedora installer (anaconda) uses geolocation. To disable it, pass the following option at the beginning of the installation process:
inst.geoloc=0
  • The GNOME Date and Time applet uses geolocation. To disable it, go to the GNOME settings application, then Date & Time. Set "Automatic Time Zone" to off.

There may be other applications within the Fedora repositories which perform geolocation operations. For more information, including how to enable or disable geolocation, refer to the specific documentation for these applications.

Crash and error data

Some of the software Fedora provides can be configured to automatically submit information in the event of an error or crash, in the form of a report. We do not collect this data without your express approval.

Every effort is taken to minimize the risk that bug or crash information reported to Fedora contains personal data. However, because of the nature of bug reporting, it is possible that crash dumps or other debugging data may contain personal data. Our tools provide the ability to remove such data before you send the report. Fedora strongly urges users to take extreme care when submitting data reports via error/crash reporting software, as it may be impractical or impossible for us to remove personal data from these reports once they are submitted.

We use this information to diagnose software issues, and to aggregate it with information in other similar reports to prioritize activities. We do not correlate automatically submitted crash or error information with Personal Information.

Crash and error information submitted to Fedora is retained indefinitely.

Privacy of Information in Other Vendors' Software

Fedora provides open source software that originates with other vendors and that our contributors and participants package. For more information about the privacy policies governing such software, consult the vendor's site. In many cases this information may be accessible through the software itself, for instance in an "About" function.

Our Commitment to Data Security

Fedora intends to protect your Personal Information. We have implemented appropriate physical, administrative and technical safeguards to help us protect your Personal Information from unauthorized access, use and disclosure. Our website uses Secure Socket Layer (SSL) technology, which encrypts your Personal Information when you send it to our website.

Public Forums Reminder

Fedora may make chat rooms, forums, mailing lists, blogs, message boards, and/or news groups available to its users. Please remember that any information that is disclosed in these areas becomes publicly available. We urge you to exercise discretion when submitting such content. Although we value individual ideas and encourage free expression, Fedora reserves the right to take necessary action to preserve the integrity of these areas, such as removing any posting that is vulgar or inappropriate.

Our Commitment to Children's Online Privacy

Out of special concern for children's privacy, Fedora does not knowingly collect personal information from children under the age of 13. Fedora does not knowingly allow children under the age of 13 to become registered members of our sites. Fedora does not knowingly collect or solicit personal information about children under 13.

If you are a parent or guardian of a minor under the age of 13 and believe that he or she has disclosed personal information to us, please contact us.

About Links to Other Sites

This website contains links to other sites. Fedora does not control and is not responsible for the information collected by sites that can be reached through links from fedoraproject.org. If you have questions about the data collection procedures of linked sites, please contact the organizations that operate those sites directly.

How to Access, Modify or Update Your Information

Fedora gives you the ability to access, modify or update some of your personal information at any time. You may log in and make changes to your information, such as your password, your contact information, your general preferences and your personalization settings. If necessary, you may also contact us and describe the changes you want made to the information you have previously provided.

If you wish to remove your personal information from Fedora, you may contact us and request that we remove this information from the Fedora Account System. Other locations where you may have used your personal information as an identifier (e.g. Bugzilla comments, list postings in the archives, wiki change history, and spec changelogs) will not be altered.

How to Contact Us

If you have any questions about Fedora's privacy practices or use of your personal information, please feel free to contact us by email, or by mail at:

 Fedora Legal
 c/o Red Hat, Inc.
 100 East Davie Street
 Raleigh, NC 27601

Changes to this Privacy Statement

Fedora reserves the right to make corrections, changes or amendments to this Privacy Statement at any time. The revised Privacy Statement will be posted on this site. A notice will be posted on our homepage for 30 days whenever this Privacy Statement is changed in a material way, and the date of last update will be indicated at the top of the Privacy Statement. If you do not refuse the changes in writing within that notice period, this shall mean that you have consented to the Privacy Statement as changed. We encourage you to periodically review this Privacy Statement for any changes or updates.

This Privacy Statement was last amended on March 17, 2015.