commit c1f4490de47c44fe860e93a63b2ea0a1515850a2
parent 34a0748a370bbbe4b64e814f9d2c1b3c99297075
Author: Jacob R. Edwards <jacob@jacobedwards.org>
Date: Wed, 9 Oct 2024 14:05:08 -0700
Add policies
Add terms of service, use restriction, refund, and privacy policies
and get agreement on signup.
Hopefully this covers most everything, if the project actually does
well maybe I would invest in getting a lawyer to do it properly.
Diffstat:
6 files changed, 459 insertions(+), 5 deletions(-)
diff --git a/Makefile b/Makefile
@@ -4,7 +4,7 @@ libs =\
github.com/svgdotjs/svg.panzoom.js@2.1.2 \
github.com/mrdoob/three.js@r169 \
-install:
+install: update_policies
rsync $$(./libnames ${libs} | sed 's/^/--exclude=lib\//') -va --del files/ ${prefix}
uninstall:
@@ -22,7 +22,10 @@ update_libs:
./getlib "${lib}"
.endfor
+update_policies:
+ for p in ./files/policies/*.md; do smu < $$p > $${p%.md}.html; done
+
clean:
rm -rf lib/
-.PHONY: install install_libs update_libs
+.PHONY: install install_libs update_libs update_policies
diff --git a/files/policies/privacy-policy.md b/files/policies/privacy-policy.md
@@ -0,0 +1,160 @@
+# Privacy Policy
+
+Last updated: October 9th, 2024
+
+## What we collect and why
+
+### Identity and accesss
+
+When you sign up, we collect a username and password in order to
+authenticate you in the future.
+
+We also collect your email address in order to communicate to you
+necessary account status information. Your email is shared with
+shared with our payment processor [Stripe, Inc.](https://stripe.com)
+so they may contact you in regards to your payment. Please see their
+policies in order to learn how they use this information.
+
+### Advertising and Cookies
+
+We do not use cookies nor do we give your information to advertisers.
+Depending on your account settings, we may ocassionally send you
+emails regardings updates or improvements to the service or our
+other products.
+
+### Voluntary correspondence
+
+When you email or otherwise contact Spaceplanner.App with a question
+or to ask for help, we keep that correspondence, including your
+email address, so that we have a history of the past correspondence
+to refernce if you reach out in the future.
+
+We also store information you may volunteer, for example, written
+responses to surveys.
+
+## Your rights with respect to your information
+
+- Right to Know. You have the right to know what personal information
+ is collected, used, shared or sold. We outline both the categories
+ and specific bits of data we collect, as well as how they are
+ used, in this privacy policy.
+
+- Right of Access. This includes your right to access the personal
+ information we gather about you, and your right to obtain information
+ about the sharing, storage, security and processing of that
+ information.
+
+- Right to Correction. You have the right to request correction of
+ your personal information.
+
+- Right to Erasure / "To Be Forgotten." This is your right to
+ request, subject to certain limitations under applicable law,
+ that your personal information be erased from our possession and,
+ by extension, from all of our service providers. Fulfillment of
+ some data deletion requests may prevent you from using our services
+ because our applications may then no longer work. In such cases,
+ a data deletion request may result in closing your account.
+
+- Right to Complain. You have the right to make a complaint regarding
+ our handling of your personal information with the appropriate
+ supervisory authority.
+
+- Right to Restrict Processing. This is your right to request
+ restriction of how and why your personal information is used or
+ processed, including opting out of sale of your personal information.
+ (Again: we never have and never will sell your personal data.)
+
+- Right to Object. You have the right, in certain situations, to
+ object to how or why your personal information is processed.
+
+- Right to Portability. You have the right to receive the personal
+ information we have about you and the right to transmit it to
+ another party.
+
+- Right to not Be Subject to Automated Decision-Making. You have
+ the right to object to and prevent any decision that could have
+ a legal or similarly significant effect on you from being made
+ solely based on automated processes. This right is limited if the
+ decision is necessary for performance of any contract between you
+ and us, is allowed by applicable law, or is based on your explicit
+ consent.
+
+- Right to Non-Discrimination. We do not and will not charge you a
+ different amount to use our products, offer you different discounts,
+ or give you a lower level of customer service because you have
+ exercised your data privacy rights. However, the exercise of
+ certain rights may, by virtue of your exercising those rights,
+ prevent you from using our Services.
+
+Many of these rights can be exercised by signing in and updating
+your account information. Please note that certain information may
+be exempt from such requests under applicable law. For example, we
+need to retain certain information in order to provide our services
+to you.
+
+In some cases, we also need to take reasonable steps to verify your
+identity before responding to a request, which may include, at a
+minimum, depending on the sensitivity of the information you are
+requesting and the type of request you are making, verifying your
+name and email address. If we are unable to verify you, we may be
+unable to respond to your requests. If you have questions about
+exercising these rights or need assistance, please contact us at
+<privacy@spaceplanner.app>.
+
+Depending on applicable law, you may have the right to appeal our
+decision to deny your request, if applicable. You also have the
+right to lodge a complaint with a supervisory authority. If you are
+in the EU or UK, you can contact your data protection authority to
+file a complaint or learn more about local privacy laws.
+
+## How we secure your data
+
+All data is encrypted via SSL/TLS when transmitted from our servers
+to your browser.
+
+The data in our databases is not encrypted while live in our database
+in order to efficiently process requests, although passwords are
+always hashed before being stored persistantly.
+
+## What happens when you delete content in your account
+
+When you delete a floorplan, all the data associated with it (name,
+address, furniture, etc.) may be kept for under 30 days in order
+to allow you to restore it. Furthermore it may be kept in backups
+for another 30 days. Altogether the information should be purged
+within 60 days.
+
+If you choose to delete your account, your content will become
+immediately inaccessible and should be purged from our systems in
+full within 30 days.
+
+## Data retention
+
+We keep your information for the time necessary for the purposes
+for which it is processed. The length of time for which we retain
+information depends on the purposes for which we collected and use
+it and your choices, after which time we may delete and/or aggregate
+it. We may also retain and use this information as necessary to
+comply with our legal obligations, resolve disputes, and enforce
+our agreements. Through this policy, we have provided specific
+retention periods for certain types of information.
+
+## Location of site and data
+
+Our servers are operated in both the United States and the European
+Union. Please be aware that any information you provide to us will
+be transferred to and stored in the United States or the EU. By
+using our websites or services and/or providing us with your personal
+information, you consent to this transfer.
+
+## Changes and questions
+
+We may update this policy as needed to comply with relevant regulations
+and reflect any new practices. Whenever we make a significant
+change to our policies, we will refresh the date at the top of this
+page and take any other appropriate steps to notify users.
+
+Have any questions, comments, or concerns about this privacy policy,
+your data, or your rights with respect to your information? Please
+get in touch by emailing us at <privacy@spaceplanner.app> and we'll
+be happy to try to answer them!
diff --git a/files/policies/refund.md b/files/policies/refund.md
@@ -0,0 +1,22 @@
+# Refund Policy
+
+Our refund policy is simple: If you're ever unhappy with our products
+for any reason, just contact <support@spaceplanner.app> and we'll
+take care of you.
+
+## Examples of full refunds we'd grant
+
+- If you were just charged for your next month of service but you
+ meant to cancel, we're happy to refund that extra charge.
+
+- If you forgot to cancel your account a couple months ago and you
+ haven't used it since then, we'll give you a full refund for a
+ few back months. No problem.
+
+- If you tried one of our products for a couple months and you just
+ weren't happy with it, you can have your money back.
+
+## Example of partial refunds we'd grant
+
+- If we had extended downtime (multiple hours in a day, or multiple
+ days in a month), we'd issue a partial credit to your account.
diff --git a/files/policies/terms-of-service.md b/files/policies/terms-of-service.md
@@ -0,0 +1,241 @@
+# Terms of Service
+
+Last updated: October 9th, 2024
+
+When we say "Company", "we", "our", or "us" in this document, we
+are referring to the owner of the spaceplanner.app service.
+
+When we say "Services" we mean our websites, including spaceplanner.app,
+and any product created and maintained by us, whether delivered
+within a web browser, desktop application, mobile application, or
+another format.
+
+When we say "You" or "Your" we are referring to the people or
+organizations that own an account with one or more of our Services.
+
+We may update these Terms of Service ("Terms") in the future.
+Whenever we make a significant change to our policies, we will
+refresh the date at the top of this page and take any other appropriate
+steps to notify account holders.
+
+When you use our Services, now or in the future, you are agreeing
+to the latest Terms. There may be times where we do not exercise
+or enforce a right or provision of the Terms; however, that does
+not mean we are waiving that right or provision. These Terms do
+contain a limitation of our liability.
+
+If you violate any of the Terms, we may terminate your account.
+That's a broad statement and it means you need to place a lot of
+trust in us. We do our best to deserve that trust by being open
+about who we are, how we work, and keeping an open door to your
+feedback.
+
+## Account Terms
+
+1. You are responsible for maintaining the security of your account
+ and password and for ensuring that any of your users do the same.
+ The Company cannot and will not be liable for any loss or damage
+ from your failure to comply with this security obligation. We
+ recommend all users set up two-factor authentication for added
+ security. In some of our Services, we may require it.
+
+2. You may not use the Services for any purpose outlined in our
+ [Use Restriction](/policies/use-restriction.html) policy, and
+ you may not permit any of your users to do so, either.
+
+3. You are responsible for all content posted to and activity that
+ occurs under your account, including content posted by and
+ activity of any users in your account.
+
+4. You must be a human. Accounts registered by "bots" or other
+ automated methods are not permitted.
+
+## Payment, Refunds, and Plan Changes
+
+1. Our services are sold as a subscription, the price and duration
+ of which are disclosed before purchase.
+
+2. For upgrades in service level, you are immediately charged the
+ difference in price. For downgrades you will be charged to new
+ price on the next billing cycle.
+
+3. All fees are exclusive of all taxes, levies, or duties imposed
+ by taxing authorities. Where required, we will collect those
+ taxes on behalf of the taxing authority and remit those taxes
+ to taxing authorities. Otherwise, you are responsible for payment
+ of all taxes, levies, or duties.
+
+4. We process refunds in accordance with our [refund
+ policy](/policies/refund.html).
+
+## Cancellation and Termination
+
+- You are solely responsable for properly cancelling your account.
+ We provide a simple, functional account deletion button for you
+ to facilitate this. An email or phone request to cancel your
+ account is not automatically considered cancellation. If you need
+ help canceling your account, you can always contact support
+ <support@spaceplanner.app>.
+
+- All of your content will be inaccessible from the Services
+ immediately upon account cancellation. Within 30 days, all content
+ will be permanently deleted from active systems and logs. Within
+ 60 days, all content will be permanently deleted from our backups.
+ We cannot recover this information once it has been permanently
+ deleted.
+
+- If you cancel the Service before the end of your current paid up
+ month, your cancellation will take effect immediately, and you
+ will not be charged again. We do not automatically prorate unused
+ time in the last billing cycle. See our Fair Refund policy for
+ more details.
+
+- We have the right to suspend or terminate your account
+ and refuse any and all current or future use of our Services for
+ any reason at any time. Suspension means you and any other users
+ on your account will not be able to access the account or any
+ content in the account. Termination will furthermore result in
+ the deletion of your account or your access to your account, and
+ the forfeiture and relinquishment of all content in your account.
+ We also reserve the right to refuse the use of the Services to
+ anyone for any reason at any time. We have this clause because
+ statistically speaking, out of the hundreds of thousands of
+ accounts on our Services, there is at least one doing something
+ nefarious. For more details, see our Use Restrictions policy.
+
+## Modifications to the Services and Prices
+
+- We reserve the right at any time to modify or discontinue,
+ temporarily or permanently, any part of our Services with or
+ without notice.
+
+- Sometimes we change the pricing structure for our products.
+ When we do that, we may exempt existing customers from those
+ changes. We may also choose to change the prices for existing
+ customers. If we do so, we will give advance notice to you via
+ the email on record.
+
+## Uptime, Security, and Privacy
+
+1. Your use of the Services is at your sole risk. We provide these
+ Services on an "as is" and "as available" basis. We do not offer
+ service-level agreements for our Services, but we do try to the
+ best of our abilities to keep services up and running.
+
+2. We reserve the right to temporarily disable your account if your
+ usage significantly exceeds the average usage of other customers
+ of the Services. Of course, we'll reach out to the account owner
+ before taking any action except in rare cases where the level
+ of use may negatively impact the performance of the Service for
+ other customers.
+
+3. We take many measures to protect and secure your data through
+ backups, redundancies, and encryption. We enforce encryption for
+ data transmission from the public Internet.
+
+4. When you use our Services, you entrust us with your data. You
+ agree that we may process your data as described in our Privacy
+ Policy and for no other purpose. We as humans can access your
+ data for the following reasons:
+
+ - To help you with support requests you make.
+
+ - On the rare occasions when an error occurs that stops an automated
+ process partway through. We get automated alerts when such errors
+ occur. When we can fix the issue and restart automated processing
+ without looking at any personal data, we do. In rare cases, we
+ have to look at a minimum amount of personal data to fix the
+ issue. In these rare cases, we aim to fix the root cause to prevent
+ the errors from recurring.
+
+ - To safeguard our Services. We'll look at logs and metadata as
+ part of our work to ensure the security of your data and the
+ Services as a whole. If necessary, we may also access accounts
+ as part of an abuse report investigation.
+
+ - To the extent required by applicable law.
+
+5. We use third party vendors and hosting partners to provide the
+ necessary hardware, software, networking, storage, and related
+ technology required to run the Services. Notably, [OpenBSD
+ Amsterdam](https://openbsd.amsterdam) for our servers and [Stripe,
+ Inc.](https://stripe.com) for payment processing.
+
+6. Under the California Consumer Privacy Act ("CCPA"), we are a
+ "service provider", not a "business" or "third party", with
+ respect to your use of the Services. That means we process any
+ data you share with us only for the purpose you signed up for
+ and as described in these Terms, the Privacy policy, and other
+ policies. We do not retain, use, disclose, or sell any of that
+ information for any other commercial purposes unless we have
+ your explicit permission. And on the flip-side, you agree to
+ comply with your requirements under the CCPA and not use our
+ Services in a way that violates the regulations.
+
+# Copyright and Content Ownership
+
+1. All content posted on the Services must comply with U.S. copyright
+ law. We provide details on how to file a copyright infringement
+ claim.
+
+2. You give us a limited license to use the content posted by you
+ and your users in order to provide the Services to you, but we
+ claim no ownership rights over those materials. All materials
+ you submit to the Services remain yours.
+
+3. We do not pre-screen content, but we reserve the right (but not
+ the obligation) in our sole discretion to refuse or remove any
+ content that is available via the Service.
+
+4. The Company or its licensors own all right, title, and interest
+ in and to the Services, including all intellectual property
+ rights therein, and you obtain no ownership rights in the Services
+ as a result of your use. You may not duplicate, copy, or reuse
+ any portion of the HTML, CSS, JavaScript, or visual design
+ elements without express written permission from the Company.
+ You must request permission to use the Company's logos or any
+ Service logos for promotional purposes. Please email us at
+ <support@spaceplanner.app> for requests to use logos. We reserve
+ the right to rescind any permissions if you violate these Terms.
+
+5. You agree not to reproduce, duplicate, copy, sell, resell or
+ exploit any portion of the Services, use of the Services, or
+ access to the Services without the express written permission
+ of the Company.
+
+## Features and Bugs
+
+We design our Services with care, based on our own experience and
+the experiences of customers who share their time and feedback.
+However, there is no such thing as a service that pleases everybody.
+We make no guarantees that our Services will meet your specific
+requirements or expectations.
+
+As with any software, our Services inevitably have some bugs. We
+attempt to provide you the best product possible, but we don't
+guarantee completely error-free Services.
+
+## Liability
+
+We mention liability throughout these Terms but to put it all in
+one section:
+
+You expressly understand and agree that the Company shall not be
+liable, in law or in equity, to you or to any third party for any
+direct, indirect, incidental, lost profits, special, consequential,
+punitive or exemplary damages, including, but not limited to, damages
+for loss of profits, goodwill, use, data or other intangible losses
+(even if the Company has been advised of the possibility of such
+damages), resulting from: (i) the use or the inability to use the
+Services; (ii) the cost of procurement of substitute goods and
+services resulting from any goods, data, information or services
+purchased or obtained or messages received or transactions entered
+into through or from the Services; (iii) unauthorized access to or
+alteration of your transmissions or data; (iv) statements or conduct
+of any third party on the service; (v) or any other matter relating
+to these Terms or the Services, whether as a breach of contract,
+tort (including negligence whether active or passive), or any other
+theory of liability.
+
+If you have a question about any of these Terms, please contact our
+support team at <support@spaceplanner.app>.
diff --git a/files/policies/use-restriction.md b/files/policies/use-restriction.md
@@ -0,0 +1,28 @@
+# Use Restrictions
+
+## Restricted purposes
+
+When you use any of Spaceplanner.App's Services, you acknowledge
+that you may not:
+
+- Collect or extract information and/or user data from accounts
+ which do not belong to you.
+
+- Circumvent, disable, or otherwise interfere with security-related
+ features of the Services.
+
+- Trick, defraud, or mislead us or other users, including but not
+ limited to making false reports or impersonating another user.
+
+- Upload or transmit (or attempt to upload or to transmit) viruses
+ or any type of malware, or information collection mechanism,
+ including 1x1 pixels, web bugs, cookies, or other similar devices.
+
+- Interfere with, disrupt, or create an undue burden on the Services
+ or the networks or the Services connected.
+
+- Use the Services in a manner inconsistent with any applicable
+ laws or regulations.
+
+Accounts found to be in violation of any of the above are subject
+to cancellation without prior notice.
diff --git a/files/register/index.html b/files/register/index.html
@@ -40,9 +40,9 @@
<p><small><input type="checkbox"
required></input>By checking this box
you agree that you have read and accept the
- <a href="/legal/terms">terms</a> and <a
- href="/legal/privacy-policy">privacy
- policy</a>.</small></p>
+ <a href="/policies/terms-of-service.html">Terms of Service</a> and <a
+ href="/policies/privacy-policy.html">Privacy
+ Policy</a>.</small></p>
<input type="submit" value="Signup"/>
</form>
