adding privacy policy, closes #37

2022-08-12 11:21:31 +01:00 · 2022-08-12 11:21:31 +01:00 · 978136bb4e
commit 978136bb4e
parent fefbef75eb
4 changed files with 54 additions and 1 deletions
--- a/music/music.py
+++ b/music/music.py
@ -46,6 +46,10 @@ def create_app():

        return render_template('login.html', logged_in=logged_in)

+    @app.route('/privacy')
+    def privacy():
+        return render_template('privacy.html')
+
    @app.route('/app', defaults={'path': ''})
    @app.route('/app/<path:path>')
    def app_route(path):
--- a/music/templates/base.html
+++ b/music/templates/base.html
@ -24,6 +24,8 @@
 	<br><br>
 	<ul class="navbar">
 		<li><a href="/">Home</a></li>
+		<li><a href="https://sarsoo.xyz/mixonomer/">About</a></li>
+		<li><a href="/privacy">Privacy</a></li>
 		<li><a href="https://sarsoo.xyz">sarsoo.xyz</a></li>
 	</ul>

--- a/music/templates/privacy.html
+++ b/music/templates/privacy.html
@ -0,0 +1,42 @@
+{% extends 'base.html' %}
+
+{% block title %}Privacy{% endblock %}
+
+{% block content %}
+
+	{% with messages = get_flashed_messages() %}
+		{% if messages %}
+			{% for message in messages %}
+				<div class="row card pad-12">
+					<p class="center-text" style="color: red">{{ message }}</p>
+				</div>
+			{% endfor %}
+		{% endif %}
+	{% endwith %}
+
+	<div class="row">
+		<h1>Privacy Policy</h1>
+
+		<div class="pad-12 card">
+			<p>Mixonomer is a side project that I don't/won't/can't monetise. No extra personal information is stored and all information can be deleted whenever you like. Your credentials are a username and password only, I don’t want your name/email/phone number. No analytics/ad libraries are used, although you may see Google domains in the connections as the app is hosted on Google’s cloud and the title is a Google font.</p>
+
+			<p>You can see all the information stored about you using the API, while logged in, go to </p>
+
+			<p style="font-family: 'Courier New', Courier, monospace">
+				<a href="/api/user">/api/user</a>
+				<br/>
+				<a href="/api/playlists">/api/playlists</a>
+				<br/>
+				<a href="/api/tags">/api/tags</a>
+			</p>
+			
+			<p>This includes all data except for some sensitive user data including the password hash and Spotify credentials.</p>
+			
+			<p>Mixonomer relies on a link to your Spotify account in order to manage smart playlists on your behalf. When you link your Spotify account, Mixonomer is provided with a key that it can use to make requests of Spotify. You can unlink Spotify from the Mixonomer settings, doing so clears all stored Spotify credentials, completely removing Mixonomer's ability to manage your Spotify account. If and when you would like to prevent Mixonomer's access to your Spotify account, you can also revoke Mixonomer's access from your Spotify account settings.</p>
+
+			<p>Mixonomer also has Last.fm integrations, enabled by providing your username in the Mixonomer settings page. Mixonomer only uses publicly available Last.fm data, no authentication with Last.fm is required and removing the username from Mixonomer’s settings disables the integration.</p>
+
+			<p>Delete account functionality does not yet have a UI implementation, but there is API support, <span style="font-family: 'Courier New', Courier, monospace">POST</span> to <span style="font-family: 'Courier New', Courier, monospace"><a href="/api/user">/api/user</a></span> to delete all user data.</p>
+		</div>
+	</div>
+{% endblock %}
--- a/src/js/MusicTools.js
+++ b/src/js/MusicTools.js
@ -15,7 +15,7 @@ import MenuIcon from '@material-ui/icons/Menu';
 import ChevronLeftIcon from '@material-ui/icons/ChevronLeft';
 import HomeIcon from '@material-ui/icons/Home';

-import { Build, QueueMusic, ExitToApp, AccountCircle, KeyboardBackspace, GroupWork } from '@material-ui/icons'
+import { Build, QueueMusic, ExitToApp, AccountCircle, KeyboardBackspace, GroupWork, Policy } from '@material-ui/icons'

 const axios = require('axios');

@ -157,6 +157,11 @@ class MusicTools extends Component {
                                </ListItem>
                            }

+                            <ListItem button key="privacy" onClick={(e) => { window.location.href = '/privacy' }}>
+                                <ListItemIcon><Policy /></ListItemIcon>
+                                <ListItemText primary="Privacy" />
+                            </ListItem>
+
                            {/* LOGOUT */}
                            <ListItem button key="logout" onClick={(e) => { window.location.href = '/auth/logout' }}>
                                <ListItemIcon><KeyboardBackspace /></ListItemIcon>