Update privacy policy #418
Conversation
keunes
force-pushed
the
privacy-policy-update
branch
from
ed74365 to
476f6fb
Compare
| - Google: If you have activated backup & reset in your phone settings (`Settings` » `Backup & Reset` » `Back up my data`), you should be aware that Android itself will periodically save a copy of your phone's data in Google's servers. This backup contains private information, including your WiFi passwords, messages and call history. It may also include data from AntennaPod and from other apps you use. The developers of AntennaPod do not have access to this data. For more information, see [Google's privacy policy](https://policies.google.com). | ||
| #### Podcast hosters | ||
| - When provided in the podcast settings, a host will receive authentication data you provided. | ||
| - Web servers that provide podcast feeds may collect additional data, such as your IP address, access time and what is being accessed. This includes the episodes you are downloading or streaming. Please refer to their respective privacy policies for details. You can view a podcast’s URL by opening the podcast and pressing the info icon. AntennaPod allows remote servers to set cookies but clears them when the app is restarted. When AntennaPod reaches out to a server it only sends the cookies created by the same server (based on the domain name). If multiple podcasts are hosted on the same server, the server can detect the list of podcasts that you subscribed to and that are hosted on that server. This can happen when publishers use services like FeedBurner, Podtrac, or similar to distribute their feeds. |
There was a problem hiding this comment.
This sending of cookies only to the correct servers is a bit too detailed and confusing for regular users, I would say.
| - Web servers that provide podcast feeds may collect additional data, such as your IP address, access time and what is being accessed. This includes the episodes you are downloading or streaming. Please refer to their respective privacy policies for details. You can view a podcast’s URL by opening the podcast and pressing the info icon. AntennaPod allows remote servers to set cookies but clears them when the app is restarted. When AntennaPod reaches out to a server it only sends the cookies created by the same server (based on the domain name). If multiple podcasts are hosted on the same server, the server can detect the list of podcasts that you subscribed to and that are hosted on that server. This can happen when publishers use services like FeedBurner, Podtrac, or similar to distribute their feeds. | |
| - Web servers that provide podcast feeds may collect additional data, such as your IP address, access time and what is being accessed. This includes the episodes you are downloading or streaming. Please refer to their respective privacy policies for details. You can view a podcast’s URL by opening the podcast and pressing the info icon. AntennaPod automatically clears any cookies set by the remote servers when the app is restarted. If multiple podcasts are hosted on the same server, the server can detect the list of podcasts that you subscribed to and that are hosted on that server. This can happen when publishers use services like FeedBurner, Podtrac, or similar to distribute their feeds. |
There was a problem hiding this comment.
@ByteHamster I'm not sure. Most people will not read this document. People actually reading it are most likely interested in understanding how exactly it works. So I would not say we're writing for 'regular users'.
Given this I think we can go a bit more into the technical details (for example, indicating that we apply the same principles about cross-domain access as browsers). What about this?
| - Web servers that provide podcast feeds may collect additional data, such as your IP address, access time and what is being accessed. This includes the episodes you are downloading or streaming. Please refer to their respective privacy policies for details. You can view a podcast’s URL by opening the podcast and pressing the info icon. AntennaPod allows remote servers to set cookies but clears them when the app is restarted. When AntennaPod reaches out to a server it only sends the cookies created by the same server (based on the domain name). If multiple podcasts are hosted on the same server, the server can detect the list of podcasts that you subscribed to and that are hosted on that server. This can happen when publishers use services like FeedBurner, Podtrac, or similar to distribute their feeds. | |
| - Web servers that provide podcast feeds may collect additional data, such as your IP address, access time and what is being accessed. This includes the episodes you are downloading or streaming. Please refer to their respective privacy policies for details. You can view a podcast’s URL by opening the podcast and pressing the info icon. AntennaPod allows servers to set cookies but clears them each time the app is restarted. Web servers only get access to cookies that were set by the same server. If multiple podcasts are hosted on the same server, that server can potentially detect which of its hosted podcasts you've subscribed to. This can happen when publishers use services like FeedBurner, Podtrac, or similar to distribute their feeds. |
There was a problem hiding this comment.
for example, indicating that we apply the same principles about cross-domain access as browsers
That goes without saying. Explicitly stating this feels quite odd. Cookies are never sent to a server that did not set them, just by the way cookies work technically.
There was a problem hiding this comment.
That goes without saying. Explicitly stating this feels quite odd. Cookies are never sent to a server that did not set them, just by the way cookies work technically.
I think it goes without saying for the technically inclined. To understand how all this works and be able to get to the current text I had to do some research. I was confused, for example (and am still not sure I understand properly), how we had this whole scandal of Facebook tracking on third party websites if it's not possible for website A to place cookies for website B. So for me, what I proposed gives an explanation of what actually is happening, without assuming prior knowledge.
IMHO the main questions are a) is it correct (truthful) and b) is it understandable (for folks like me).
Closes #139
'Last updated' date to be adjusted when implementing feedback.