john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tractatus/public/privacy.html

252 lines
16 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en" data-page="privacy">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title data-i18n="meta.title">Privacy Policy | Tractatus AI Safety Framework</title>
<meta name="description" content="Privacy policy for the Tractatus AI Safety Framework. Learn how we collect, use, and protect your data." data-i18n="meta.description">
<link rel="stylesheet" href="/css/tailwind.css?v=0.1.0.1761346024265">
<link rel="stylesheet" href="/css/tractatus-theme.min.css?v=0.1.0.1761346024265">
<style>
.skip-link { position: absolute; left: -9999px; }
.skip-link:focus { left: 0; z-index: 100; background: white; padding: 1rem; }
/* Accessibility: Focus indicators (WCAG 2.4.7) */
a:focus, button:focus {
outline: 3px solid #3b82f6;
outline-offset: 2px;
}
a:focus:not(:focus-visible) { outline: none; }
a:focus-visible { outline: 3px solid #3b82f6; outline-offset: 2px; }
</style>
</head>
<body class="bg-gray-50">
<!-- Skip Link for Keyboard Navigation -->
<a href="#main-content" class="skip-link">Skip to main content</a>
<!-- Navigation (injected by navbar.js) -->
<script src="/js/components/navbar.js?v=0.1.0.1761346024265"></script>
<!-- i18n Support -->
<script src="/js/i18n-simple.js?v=0.1.0.1761346024265"></script>
<script src="/js/components/language-selector.js?v=0.1.0.1761346024265"></script>
<!-- Main Content -->
<main id="main-content" class="max-w-4xl mx-auto px-4 sm:px-6 lg:px-8 py-12">
<!-- Header -->
<div class="mb-12">
<h1 class="text-4xl md:text-5xl font-bold text-gray-900 mb-4" data-i18n="header.title">Privacy Policy</h1>
<p class="text-lg text-gray-600" data-i18n="header.last_updated">Last updated: October 8, 2025</p>
</div>
<!-- Introduction -->
<div class="bg-blue-50 border-l-4 border-blue-500 p-6 mb-8 rounded">
<p class="text-blue-900">
<strong data-i18n="privacy_first.badge">Privacy First:</strong> <span data-i18n="privacy_first.text">The Tractatus Framework is built on principles of human agency and transparency. We collect minimal data, never sell your information, and give you full control over your data.</span>
</p>
</div>
<!-- Content -->
<div class="prose prose-lg max-w-none space-y-8">
<!-- 1. Information We Collect -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_1.title">1. Information We Collect</h2>
<h3 class="text-xl font-semibold text-gray-900 mt-6 mb-3" data-i18n="section_1.subtitle_1_1">1.1 Information You Provide</h3>
<ul class="list-disc pl-6 text-gray-700 space-y-2">
<li data-i18n="section_1.items_1_1.0"><strong>Donations (Koha):</strong> Name (optional), email address (required for receipt), country (optional), payment information (processed by Stripe, not stored by us)</li>
<li data-i18n="section_1.items_1_1.1"><strong>Media Inquiries:</strong> Name, email, organization, inquiry details</li>
<li data-i18n="section_1.items_1_1.2"><strong>Case Submissions:</strong> Contact information, case description, supporting evidence</li>
<li data-i18n="section_1.items_1_1.3"><strong>Account Creation (if applicable):</strong> Email, password (hashed), optional profile information</li>
</ul>
<h3 class="text-xl font-semibold text-gray-900 mt-6 mb-3" data-i18n="section_1.subtitle_1_2">1.2 Automatically Collected Information</h3>
<ul class="list-disc pl-6 text-gray-700 space-y-2">
<li data-i18n="section_1.items_1_2.0"><strong>Analytics:</strong> Page views, referring sites, browser type, device type, general location (country-level)</li>
<li data-i18n="section_1.items_1_2.1"><strong>Cookies:</strong> Session management, preferences (e.g., selected currency), analytics</li>
<li data-i18n="section_1.items_1_2.2"><strong>Server Logs:</strong> IP addresses, access times, pages accessed (retained for 90 days for security)</li>
</ul>
<h3 class="text-xl font-semibold text-gray-900 mt-6 mb-3" data-i18n="section_1.subtitle_1_3">1.3 Currency Selection</h3>
<p class="text-gray-700" data-i18n="section_1.text_1_3">
When you select a currency for donations, we may detect your approximate location to suggest an appropriate currency. This location data is:
</p>
<ul class="list-disc pl-6 text-gray-700 space-y-2">
<li data-i18n="section_1.items_1_3.0">Derived from your IP address (country-level only, not precise geolocation)</li>
<li data-i18n="section_1.items_1_3.1">Used only to pre-select a currency in the donation form</li>
<li data-i18n="section_1.items_1_3.2">Not stored permanently</li>
<li data-i18n="section_1.items_1_3.3">Can be overridden by manual currency selection</li>
</ul>
</section>
<!-- 2. How We Use Your Information -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_2.title">2. How We Use Your Information</h2>
<ul class="list-disc pl-6 text-gray-700 space-y-3">
<li data-i18n="section_2.items.0"><strong>Process Donations:</strong> Email receipts, acknowledge public supporters (opt-in only), maintain transparency dashboard</li>
<li data-i18n="section_2.items.1"><strong>Respond to Inquiries:</strong> Answer media questions, review case submissions, provide support</li>
<li data-i18n="section_2.items.2"><strong>Improve Services:</strong> Analyze usage patterns, fix bugs, enhance user experience</li>
<li data-i18n="section_2.items.3"><strong>Security:</strong> Prevent fraud, detect abuse, protect against attacks</li>
<li data-i18n="section_2.items.4"><strong>Legal Compliance:</strong> Comply with applicable laws, respond to legal requests</li>
<li data-i18n="section_2.items.5"><strong>Communications:</strong> Send receipts, important updates (we never send marketing emails without explicit opt-in)</li>
</ul>
</section>
<!-- 3. Data Sharing -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_3.title">3. Data Sharing and Disclosure</h2>
<h3 class="text-xl font-semibold text-gray-900 mt-6 mb-3" data-i18n="section_3.subtitle_share">We Share Your Data With:</h3>
<ul class="list-disc pl-6 text-gray-700 space-y-2">
<li data-i18n="section_3.share_items.0"><strong>Stripe:</strong> Payment processing for donations (subject to <a href="https://stripe.com/privacy" class="text-blue-600 hover:underline" target="_blank" rel="noopener">Stripe's Privacy Policy</a>)</li>
<li data-i18n="section_3.share_items.1"><strong>MongoDB Atlas:</strong> Database hosting (subject to <a href="https://www.mongodb.com/legal/privacy-policy" class="text-blue-600 hover:underline" target="_blank" rel="noopener">MongoDB's Privacy Policy</a>)</li>
<li data-i18n="section_3.share_items.2"><strong>Email Service Provider:</strong> For sending receipts and communications</li>
</ul>
<h3 class="text-xl font-semibold text-gray-900 mt-6 mb-3" data-i18n="section_3.subtitle_never">We NEVER:</h3>
<ul class="list-disc pl-6 text-gray-700 space-y-2">
<li data-i18n="section_3.never_items.0">❌ Sell your personal data</li>
<li data-i18n="section_3.never_items.1">❌ Share your data with advertisers</li>
<li data-i18n="section_3.never_items.2">❌ Use your data for tracking across other websites</li>
<li data-i18n="section_3.never_items.3">❌ Share donor information publicly without explicit opt-in</li>
</ul>
<h3 class="text-xl font-semibold text-gray-900 mt-6 mb-3" data-i18n="section_3.subtitle_legal">Legal Disclosures:</h3>
<p class="text-gray-700" data-i18n="section_3.legal_text">
We may disclose your information if required by law, court order, or to protect our rights and safety. We will notify you of such requests unless prohibited by law.
</p>
</section>
<!-- 4. Data Retention -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_4.title">4. Data Retention</h2>
<ul class="list-disc pl-6 text-gray-700 space-y-2">
<li data-i18n="section_4.items.0"><strong>Donation Records:</strong> Retained indefinitely for transparency and tax purposes</li>
<li data-i18n="section_4.items.1"><strong>Server Logs:</strong> Deleted after 90 days</li>
<li data-i18n="section_4.items.2"><strong>Analytics Data:</strong> Aggregated, anonymized after 12 months</li>
<li data-i18n="section_4.items.3"><strong>User Accounts:</strong> Retained until you request deletion</li>
<li data-i18n="section_4.items.4"><strong>Inquiries/Submissions:</strong> Retained for 2 years, then archived or deleted</li>
</ul>
</section>
<!-- 5. Your Rights -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_5.title">5. Your Rights</h2>
<p class="text-gray-700 mb-4" data-i18n="section_5.intro">You have the right to:</p>
<ul class="list-disc pl-6 text-gray-700 space-y-2">
<li data-i18n="section_5.items.0"><strong>Access:</strong> Request a copy of your personal data</li>
<li data-i18n="section_5.items.1"><strong>Correction:</strong> Update or correct inaccurate information</li>
<li data-i18n="section_5.items.2"><strong>Deletion:</strong> Request deletion of your data (subject to legal obligations)</li>
<li data-i18n="section_5.items.3"><strong>Portability:</strong> Receive your data in a machine-readable format</li>
<li data-i18n="section_5.items.4"><strong>Opt-Out:</strong> Withdraw consent for public acknowledgements anytime</li>
<li data-i18n="section_5.items.5"><strong>Object:</strong> Object to processing of your data</li>
</ul>
<p class="text-gray-700 mt-4" data-i18n="section_5.contact">
To exercise your rights, email: <a href="mailto:privacy@agenticgovernance.digital" class="text-blue-600 hover:underline">privacy@agenticgovernance.digital</a>
</p>
</section>
<!-- 6. Cookies -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_6.title">6. Cookies and Tracking</h2>
<p class="text-gray-700 mb-4" data-i18n="section_6.essential"><strong>Essential Cookies:</strong> Required for site functionality (session management, authentication)</p>
<p class="text-gray-700 mb-4" data-i18n="section_6.preference"><strong>Preference Cookies:</strong> Remember your settings (currency selection, theme preferences)</p>
<p class="text-gray-700 mb-4" data-i18n="section_6.analytics"><strong>Analytics Cookies:</strong> Privacy-respecting analytics (no cross-site tracking)</p>
<p class="text-gray-700" data-i18n="section_6.control">
You can control cookies through your browser settings. Disabling cookies may affect site functionality.
</p>
</section>
<!-- 7. Security -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_7.title">7. Security</h2>
<p class="text-gray-700 mb-4" data-i18n="section_7.intro">We implement industry-standard security measures:</p>
<ul class="list-disc pl-6 text-gray-700 space-y-2">
<li data-i18n="section_7.items.0">HTTPS encryption for all connections</li>
<li data-i18n="section_7.items.1">Encrypted database storage</li>
<li data-i18n="section_7.items.2">Password hashing (bcrypt)</li>
<li data-i18n="section_7.items.3">Regular security audits</li>
<li data-i18n="section_7.items.4">Access controls and monitoring</li>
<li data-i18n="section_7.items.5">No storage of payment card data (handled by Stripe PCI-compliant systems)</li>
</ul>
<p class="text-gray-700 mt-4" data-i18n="section_7.disclaimer">
While we take reasonable precautions, no system is 100% secure. Report security issues to: <a href="mailto:security@agenticgovernance.digital" class="text-blue-600 hover:underline">security@agenticgovernance.digital</a>
</p>
</section>
<!-- 8. Children's Privacy -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_8.title">8. Children's Privacy</h2>
<p class="text-gray-700" data-i18n="section_8.text">
The Tractatus Framework is not directed at children under 13. We do not knowingly collect information from children. If you believe a child has provided us with personal data, please contact us at <a href="mailto:privacy@agenticgovernance.digital" class="text-blue-600 hover:underline">privacy@agenticgovernance.digital</a>.
</p>
</section>
<!-- 9. International Users -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_9.title">9. International Data Transfers</h2>
<p class="text-gray-700" data-i18n="section_9.intro">
The Tractatus Framework operates from New Zealand. If you access our services from other countries, your data may be transferred to and processed in New Zealand. By using our services, you consent to this transfer.
</p>
<p class="text-gray-700 mt-4" data-i18n="section_9.gdpr">
<strong>GDPR Compliance:</strong> For EU users, we comply with GDPR requirements including lawful basis for processing, data minimization, and your rights under Articles 15-22.
</p>
</section>
<!-- 10. Changes to This Policy -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_10.title">10. Changes to This Policy</h2>
<p class="text-gray-700" data-i18n="section_10.text">
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Material changes will be communicated via email (for users who provided email) or prominent notice on the website.
</p>
</section>
<!-- 11. Contact Us -->
<section class="bg-white shadow rounded-lg p-8">
<h2 class="text-2xl font-bold text-gray-900 mb-4" data-i18n="section_11.title">11. Contact Us</h2>
<p class="text-gray-700 mb-4" data-i18n="section_11.intro">For privacy-related questions or concerns:</p>
<div class="bg-gray-50 p-4 rounded border border-gray-200">
<p class="text-gray-900"><strong data-i18n="section_11.email">Email:</strong> <a href="mailto:privacy@agenticgovernance.digital" class="text-blue-600 hover:underline" data-i18n="section_11.email_address">privacy@agenticgovernance.digital</a></p>
<p class="text-gray-900 mt-2"><strong data-i18n="section_11.dpo">Data Protection Officer:</strong> <span data-i18n="section_11.dpo_name">John Stroh</span></p>
<p class="text-gray-900 mt-2"><strong data-i18n="section_11.postal">Postal Address:</strong> <span data-i18n="section_11.postal_text">Available upon request</span></p>
</div>
</section>
<!-- Te Tiriti Acknowledgement -->
<section class="bg-gradient-to-r from-blue-600 to-purple-600 text-white rounded-lg p-8 mt-8">
<h2 class="text-2xl font-bold mb-4" data-i18n="te_tiriti.title">Te Tiriti o Waitangi | Treaty Commitment</h2>
<p class="text-blue-100" data-i18n="te_tiriti.text">
As a New Zealand-based project, we acknowledge Te Tiriti o Waitangi and our commitment to partnership, protection, and participation. Our privacy practices respect Māori concepts of data sovereignty (rangatiratanga) and collective guardianship (kaitiakitanga).
</p>
</section>
</div>
</main>
<!-- Footer -->
<script src="/js/components/footer.js?v=0.1.0.1761346024265"></script>
</body>
</html>
Reference in a new issue View git blame Copy permalink