Write the privacy policy for the site
Closed this issue · 3 comments
it should include
- google analytics information
- content about the info we collect from submissions
it's done when
- we have a draft of a privacy policy that the team agrees on and that can be put on the site
Since we will have a third-level domain name, I think a link to the GSA privacy policy page should be sufficient.
The following portion should cover us receiving inquiries through the site, either via email for through a form. The GSA privacy policy also talks about using Google Analytics.
Information You Send Us
When you send us personal information (e.g., in an electronic mail message containing a question or comment) or by filling out a form that email us this information, we only use this information to respond to your request. Such application information is carefully protected by the agency and not available in or retained by web tracking software. We may forward your email to the government employee who can best answer your questions. We do not disclose, give, sell, or transfer any personal information about our visitors, unless required for law enforcement or statute.
We want to make it clear that we will not obtain personally identifying information about you when you visit our site, unless you choose to provide that information to us. Except for authorized law enforcement investigations, or as otherwise required by law, we do not share any information we receive with anyone else.
I think we should write our own because it's not true that if someone emails us an idea that we only use that information to respond to their request, and we are likely to keep PII related to that pitch idea for future reference. But I think we can borrow language pretty liberally from that privacy policy and maybe some similar applications that TTS has built (I'm thinking plainlanguage.gov and/or Fugacious/Toast).
In short, I don't think it's a big lift.