It appears that the Terms and Conditions do not protect users from having their data unknowingly collected
gabrielfalcao opened this issue · 3 comments
gitpay/frontend/src/main/app.js
Line 40 in b5176ed
The T&C of LogRocket are way more comprehensive and provide definitions of and explanation to concepts such as "Customer Data" and "Sensitive Data". I believe that the final product deployed the website https://gitpay.me might be creating a loophole where sensitive and possibly critical data is being relayed through its internal javascript libraries. Furthermore, upon opening WebKit's inspection console it appears that there is Javascript code running on https://gitpay.me that attempts to load files in the client computer via the file://
URI scheme. Ultimately, it's also apparent that there are instances of the Solana and Metamask libraries - to whatever extent - running in the client-side machines. Whether such code is mining cryptocurrency on the client-side or not, such intricacies of the system should at the very least be outlined in the Terms and Conditions of https://gitpay.me
Thanks @gabrielfalcao for reporting this, we will address the cookie policy as our next priority (#931) about the data collection as our next priority and we will check the attempt to load files in the clients computer and the Solana and Metamask as well.
We're reviewing our terms and conditions and privacy policy and it will be available in our next release.
@gabrielfalcao we have now a cookie implementation, as our terms of service and privacy policy updated and a starting point for a cookie policy, and I think we cover the basics now