Skip to content

Commit

Permalink
Privacy policy updates (#1208)
Browse files Browse the repository at this point in the history 
* Privacy policy updates

* Provide support email on the environment

* Support emails on CI config for RC and Prod
  • Loading branch information
@jonkafton
jonkafton authored Jul 1, 2024
1 parent c812c79 commit 2e9f064
Show file tree
Hide file tree
Showing 5 changed files with 98 additions and 114 deletions.
2 changes: 2 additions & 0 deletions .env.example
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,3 +40,5 @@ POSTHOG_PROJECT_API_KEY=
POSTHOG_PERSONAL_API_KEY=
POSTHOG_HOST=https://app.posthog.com
POSTHOG_TIMEOUT_MS=1500

MITOPEN_SUPPORT_EMAIL=[email protected]
1 change: 1 addition & 0 deletions .github/workflows/production.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ jobs:
POSTHOG_PROJECT_API_KEY: ${{ secrets.POSTHOG_PROJECT_API_KEY_PROD }}
MITOPEN_AXIOS_WITH_CREDENTIALS: true
MITOPEN_AXIOS_BASE_PATH: https://api.mitopen.odl.mit.edu
MITOPEN_SUPPORT_EMAIL: [email protected]

- uses: akhileshns/heroku-deploy@581dd286c962b6972d427fcf8980f60755c15520
with:
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/release-candidate.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ jobs:
POSTHOG_PROJECT_API_KEY: ${{ secrets.POSTHOG_PROJECT_API_KEY_RC }}
MITOPEN_AXIOS_WITH_CREDENTIALS: true
MITOPEN_AXIOS_BASE_PATH: https://api.mitopen-rc.odl.mit.edu
MITOPEN_SUPPORT_EMAIL: [email protected]

- uses: akhileshns/heroku-deploy@581dd286c962b6972d427fcf8980f60755c15520
with:
Expand Down
202 changes: 88 additions & 114 deletions frontends/mit-open/src/pages/PrivacyPage/PrivacyPage.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,9 @@ const UnorderedList = styled.ul(({ theme }) => ({
...theme.typography.body1,
}))

const { SITE_NAME } = process.env
const { MITOPEN_SUPPORT_EMAIL } = process.env

const PrivacyPage: React.FC = () => {
return (
<Container>
Expand All @@ -69,24 +72,24 @@ const PrivacyPage: React.FC = () => {
<BodyContainer>
<BodyText variant="h4">Introduction</BodyText>
<BodyText variant="body1">
MIT Open provides information about MIT courses, programs, and
{SITE_NAME} provides information about MIT courses, programs, and
learning materials to learners from across the world. This Privacy
Statement explains how MIT Open collects, uses, and processes
Statement explains how {SITE_NAME} collects, uses, and processes
personal information about our learners.
</BodyText>
<BodyText variant="h4">What personal information we collect</BodyText>
<BodyText variant="body1">
We collect, use, store, and transfer different kinds of personal
We may collect, use, store, and transfer different kinds of personal
information about you, which we have grouped together as follows:
</BodyText>
<UnorderedList>
<li>
Biographic information - name, gender, date of birth, email
address, country of residence, employer, title/position, household
income, CV, company size, job function, industry, university name,
enrollment status, anticipated degree, anticipated date of
graduation, pre-retirement career, year of retirement, and other
demographic info
address, country of residence, education level, employer,
title/position, household income, CV, company size, job function,
industry, university name, enrollment status, anticipated degree,
anticipated date of graduation, pre-retirement career, year of
retirement, and other demographic info
</li>
<li>
Demographics and Interests - Affinity categories, Product Purchase
Expand All @@ -104,11 +107,7 @@ const PrivacyPage: React.FC = () => {
</BodyText>
<BodyText variant="body1">
We collect information, including Personal Information, when you
create and maintain a profile and user account, participate in
online courses, submit applications for financial assistance (if
available), register/pay for a paid certificate, send us email
messages, complete an entrance or exit survey, and/or participate in
our public forums and social media.
create and maintain a profile and user account.
</BodyText>
<BodyText variant="body1">
We also collect certain usage information about learner performance
Expand All @@ -129,21 +128,21 @@ const PrivacyPage: React.FC = () => {
able to determine from an IP address a user's Internet Service
Provider and the geographic location of his or her point of
connectivity. Various web analytics tools, including Google
Analytics, Google Analytics: Demographics and Interests and HubSpot,
are used to collect this information. Some of the information is
collected through cookies (small text files placed on your computer
that store information about you, which can be accessed by the
Site). You should be able to control how and whether cookies will be
accepted by your web browser. Most browsers offer instructions on
how to reset the browser to reject cookies in the "Help" section of
the toolbar. If you reject our cookies, many functions and
conveniences of this Site may not work properly.
Analytics, Google Analytics: Demographics and Interests, and
HubSpot, are used to collect this information. Some of the
information is collected through cookies (small text files placed on
your computer that store information about you, which can be
accessed by the Site). You should be able to control how and whether
cookies will be accepted by your web browser. Most browsers offer
instructions on how to reset the browser to reject cookies in the
"Help" section of the toolbar. If you reject our cookies, many
functions and conveniences of this Site may not work properly.
</BodyText>
<BodyText variant="h4">How we use your personal information</BodyText>
<BodyText variant="body1">
We collect, use, and process your personal information (1) to
process transactions requested by you and meet our contractual
obligations; (2) to facilitate MITx Online's legitimate interests,
obligations; (2) to facilitate {SITE_NAME}'s legitimate interests,
and/or (3) with your explicit consent, where applicable. Examples of
the ways in which we use your personal information are as follows:
</BodyText>
Expand All @@ -152,10 +151,10 @@ const PrivacyPage: React.FC = () => {
To enable us to provide, administer, and improve our courses.
</li>
<li>
To help us improve MITx Online offerings, both individually (e.g.,
To help us improve {SITE_NAME} offerings, both individually (e.g.,
by course staff when working with a student) and in aggregate, and
to individualize the experience and to evaluate the access and use
of the Site and the impact of MIT Open on the worldwide
of the Site and the impact of {SITE_NAME} on the worldwide
educational community.
</li>
<li>
Expand All @@ -180,12 +179,12 @@ const PrivacyPage: React.FC = () => {
</li>
<li>
To publish information, but not Personal Information, gathered
about MITx Online's access, use, impact, and student performance.
about {SITE_NAME}'s access, use, impact, and student performance.
</li>
<li>
To send you updates about online courses offered by MITx Online or
To send you updates about online courses offered by {SITE_NAME} or
other events, to send you communications about products or
services of MITx Online Digital Programs, affiliates, or selected
services of {SITE_NAME} Digital Programs, affiliates, or selected
business partners that may be of interest to you, or to send you
email messages about Site maintenance or updates.
</li>
Expand All @@ -212,89 +211,36 @@ const PrivacyPage: React.FC = () => {
</UnorderedList>
<BodyText variant="body1">
If you have concerns about any of these purposes, or how we
communicate with you, please contact us at
[email protected]. We will always respect a request by you
to stop processing your personal information (subject to our legal
obligations).
communicate with you, please contact us at {MITOPEN_SUPPORT_EMAIL}.
We will always respect a request by you to stop processing your
personal information (subject to our legal obligations).
</BodyText>
<BodyText variant="h4">
When we share your personal information
</BodyText>
<BodyText variant="h4">How we use your personal information</BodyText>
<UnorderedList>
<li>
With service providers or contractors that perform certain
functions on our behalf, including processing information that you
provide to us on the Site, processing purchases via third-party
providers and other transactions through the Site, operating the
Site or portions of it, providing or administering courses, or in
connection with other aspects of MITx Online services.
</li>
<li>
With other visitors to the Site, to the extent that you submit
comments, course work, or other information or content
(collectively, "Postings") to a portion of the Site designed for
public communications; and with other members of an MITx Online
class of which you are a member, to the extent you submit Postings
to a portion of the Site designed for viewing by those class
members. We may provide your Postings to students who later enroll
in the same classes as you within the context of the forums, the
courseware, or otherwise. If we do re-post your Postings
originally made to non-public portions of the Site, we will post
them without your real name and email (except with your express
permission), but we may use your username without your consent.
</li>
<li>
For purposes of scientific research, particularly, for example, in
the areas of cognitive science and education. However, we will
only share Personal Information about you for this purpose to the
extent that doing so complies with applicable law and is limited
to the Personal Information required to fulfill the purposes
stated at the time of collection.
</li>
<li>
To provide opportunities for you to communicate with other users
who may have similar interests or educational goals. For instance,
we may recommend specific study partners or connect potential
student mentees and mentors. In such cases, we may use all
information collected about you to determine who might be
interested in communicating with you, but we will only provide
other users your username, and not disclose your real name or
email address, except with your express permission.
</li>
<li>
To respond to subpoenas, court orders, or other legal processes;
to investigate, prevent, or take action regarding illegal
activities, suspected fraud, or security or technical issues, or
to enforce our Terms of Service or this Privacy Policy; as
otherwise may be required by applicable law; or to protect our
rights, property, or safety or those of others.
</li>
<li>
As otherwise described to you at the point of collection or
pursuant to your consent.
</li>
<li>
To support integration with third party services. For example,
videos and other content may be hosted on YouTube and other
websites not controlled by us.
</li>
</UnorderedList>
<BodyText variant="body1">
In cases where we share or disclose your Personal Information: (1)
the third party recipients are required to handle the Personal
Information in a confidential manner and to maintain adequate
security to protect the information from loss, misuse, unauthorized
access or disclosure, alteration, and destruction; and (2) we will
only disclose and share the Personal Information that is required by
the third party to fulfill the purpose stated at the time of
collection. In addition, we may share aggregated information that
does not personally identify you with the public and with third
parties, including but not limited to researchers and business
partners.
We may share your personal information with departments, labs, and
centers within the MIT Community to provide information which may be
of interest to you. User information may also be shared with
third-party partners to the extent necessary for such third parties
to provide services to us or to users of our services or provide.
Any third parties who receive user information for this purpose are
prohibited from using or sharing user information for any purpose
other than providing services to MIT.
</BodyText>
<BodyText variant="body1">
We may also provide your information to third parties in
circumstances where we believe that doing so is necessary or
appropriate to satisfy any applicable law, regulation, legal process
or governmental request; to enforce our rights, to detect, prevent
or otherwise address fraud, security or technical issues; or to
protect the rights, property or safety of us, our users or others.
</BodyText>
<BodyText variant="h4">
How your information is stored and secured
</BodyText>
<BodyText variant="body1">
MIT Open is designed to protect Personal Information in its
{SITE_NAME} is designed to protect Personal Information in its
possession or control. This is done through a variety of privacy and
security policies, processes, and procedures, including
administrative, physical, and technical safeguards that reasonably
Expand All @@ -308,25 +254,26 @@ const PrivacyPage: React.FC = () => {
How long we keep your personal information
</BodyText>
<BodyText variant="body1">
We consider your relationship with the MITx Online community to be
We consider your relationship with the {SITE_NAME} community to be
lifelong. This means that we will maintain a record for you until
such time as you tell us that you no longer wish us to keep in
touch. Requests to delete your account or personal information can
be sent to [email protected]. After such time, we will retain a core
set of information for MITx Online's legitimate purposes, such as
set of information for {SITE_NAME}'s legitimate purposes, such as
archival, scientific and historical research and for the defense of
potential legal claims.
</BodyText>
<BodyText variant="h4">
Rights for Individuals in the European Economic Area
Rights for Individuals in the European Economic Area (EEA) or United
Kingdom (UK)
</BodyText>
<BodyText variant="body1">
You have the right in certain circumstances to (1) access your
personal information; (2) to correct or erase information; (3)
restrict processing; and (4) object to communications, direct
marketing, or profiling. To the extent applicable, the EU’s General
Data Protection Regulation provides further information about your
rights. You also have the right to lodge complaints with your
marketing, or profiling. To the extent applicable, the EEA’s General
Data Protection Regulation (GDPR) provides further information about
your rights. You also have the right to lodge complaints with your
national or regional data protection authority.
</BodyText>
<BodyText variant="body1">
Expand All @@ -351,16 +298,43 @@ const PrivacyPage: React.FC = () => {
level of protection as the data and privacy laws and regulations of
the EEA.
</BodyText>
<BodyText variant="body1">
You are under no statutory or contractual obligation to provide any
personal data to us. The controller for your personal information is
MIT.
</BodyText>
<BodyText variant="body1">
If you are in the EEA or UK and wish to assert any of your
applicable GDPR rights, please contact [email protected]. You
may also contact MIT's representatives listed below:
</BodyText>
<BodyText variant="h5">
MIT Representative in the European Economic Area
</BodyText>
<BodyText variant="body1">
<strong>PJ-PAL Europe</strong>
<br />
Email: [email protected]
<br />
Address: 48 Boulevard Jourdan, 75014 Paris, France
</BodyText>
<BodyText variant="h5">
MIT Representative in the United Kingdom
</BodyText>
<BodyText variant="body1">
<strong>MIT Press UK</strong>
<br />
Address: 71 Queen Victoria Street, London, EC4V 4BE, United Kingdom
</BodyText>
<BodyText variant="h4">Additional Information</BodyText>
<BodyText variant="body1">
We may change this Privacy Statement from time to time. If we make
any significant changes in the way we treat your personal
information, we will make this clear on our website or by contacting
you directly.
information we will make this clear on our MIT websites or by
contacting you directly.
</BodyText>
<BodyText variant="body1">
The controller for your personal information is MIT. We can be
contacted at [email protected].
<strong>This policy was last updated in June 2024.</strong>
</BodyText>
</BodyContainer>
</PageContainer>
Expand Down
6 changes: 6 additions & 0 deletions frontends/mit-open/webpack.config.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ const {
API_DEV_PROXY_BASE_URL,
WEBPACK_ANALYZE,
SITE_NAME,
MITOPEN_SUPPORT_EMAIL,
} = cleanEnv(process.env, {
ENVIRONMENT: str({
choices: ["local", "docker", "production"],
Expand Down Expand Up @@ -53,6 +54,10 @@ const {
desc: ["The name of the site, used in page titles"],
default: "MIT Open",
}),
MITOPEN_SUPPORT_EMAIL: str({
desc: "Email address for support",
default: "[email protected]",
}),
})

const MITOPEN_FEATURES_PREFIX = "FEATURE_"
Expand Down Expand Up @@ -187,6 +192,7 @@ module.exports = (env, argv) => {
MITOPEN_AXIOS_BASE_PATH,
ENVIRONMENT,
SITE_NAME,
MITOPEN_SUPPORT_EMAIL,
}),
]
.concat(
Expand Down

0 comments on commit 2e9f064

Please sign in to comment.