From 978136bb4e26d4bfc340eca1dcafdc72eaeddeac Mon Sep 17 00:00:00 2001 From: andy Date: Fri, 12 Aug 2022 11:21:31 +0100 Subject: [PATCH] adding privacy policy, closes #37 --- music/music.py | 4 ++++ music/templates/base.html | 2 ++ music/templates/privacy.html | 42 ++++++++++++++++++++++++++++++++++++ src/js/MusicTools.js | 7 +++++- 4 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 music/templates/privacy.html diff --git a/music/music.py b/music/music.py index 070f1ea..1aae82e 100644 --- a/music/music.py +++ b/music/music.py @@ -46,6 +46,10 @@ def create_app(): return render_template('login.html', logged_in=logged_in) + @app.route('/privacy') + def privacy(): + return render_template('privacy.html') + @app.route('/app', defaults={'path': ''}) @app.route('/app/') def app_route(path): diff --git a/music/templates/base.html b/music/templates/base.html index b87e0a2..728bca5 100644 --- a/music/templates/base.html +++ b/music/templates/base.html @@ -24,6 +24,8 @@

diff --git a/music/templates/privacy.html b/music/templates/privacy.html new file mode 100644 index 0000000..e342c1c --- /dev/null +++ b/music/templates/privacy.html @@ -0,0 +1,42 @@ +{% extends 'base.html' %} + +{% block title %}Privacy{% endblock %} + +{% block content %} + + {% with messages = get_flashed_messages() %} + {% if messages %} + {% for message in messages %} +
+

{{ message }}

+
+ {% endfor %} + {% endif %} + {% endwith %} + +
+

Privacy Policy

+ +
+

Mixonomer is a side project that I don't/won't/can't monetise. No extra personal information is stored and all information can be deleted whenever you like. Your credentials are a username and password only, I don’t want your name/email/phone number. No analytics/ad libraries are used, although you may see Google domains in the connections as the app is hosted on Google’s cloud and the title is a Google font.

+ +

You can see all the information stored about you using the API, while logged in, go to

+ +

+ /api/user +
+ /api/playlists +
+ /api/tags +

+ +

This includes all data except for some sensitive user data including the password hash and Spotify credentials.

+ +

Mixonomer relies on a link to your Spotify account in order to manage smart playlists on your behalf. When you link your Spotify account, Mixonomer is provided with a key that it can use to make requests of Spotify. You can unlink Spotify from the Mixonomer settings, doing so clears all stored Spotify credentials, completely removing Mixonomer's ability to manage your Spotify account. If and when you would like to prevent Mixonomer's access to your Spotify account, you can also revoke Mixonomer's access from your Spotify account settings.

+ +

Mixonomer also has Last.fm integrations, enabled by providing your username in the Mixonomer settings page. Mixonomer only uses publicly available Last.fm data, no authentication with Last.fm is required and removing the username from Mixonomer’s settings disables the integration.

+ +

Delete account functionality does not yet have a UI implementation, but there is API support, POST to /api/user to delete all user data.

+
+
+{% endblock %} diff --git a/src/js/MusicTools.js b/src/js/MusicTools.js index 1129592..12bc860 100644 --- a/src/js/MusicTools.js +++ b/src/js/MusicTools.js @@ -15,7 +15,7 @@ import MenuIcon from '@material-ui/icons/Menu'; import ChevronLeftIcon from '@material-ui/icons/ChevronLeft'; import HomeIcon from '@material-ui/icons/Home'; -import { Build, QueueMusic, ExitToApp, AccountCircle, KeyboardBackspace, GroupWork } from '@material-ui/icons' +import { Build, QueueMusic, ExitToApp, AccountCircle, KeyboardBackspace, GroupWork, Policy } from '@material-ui/icons' const axios = require('axios'); @@ -157,6 +157,11 @@ class MusicTools extends Component { } + { window.location.href = '/privacy' }}> + + + + {/* LOGOUT */} { window.location.href = '/auth/logout' }}>