BlueSpicePrivacy
-
- Last edited 5 years ago by Florian Bäckmann
-
-
- This page is a draft but has an approved version
Contents
What is BlueSpicePrivacy?
BlueSpicePrivacy is an extension that enables users to control the way their data is collected and used by the wiki.
Cookie consent
When anonymous or registered users visit the wiki for the first time, they are presented with a prompt to accept the cookies that the wiki collects. Users have the option to accept all cookies or to manage each group of cookies separately. This is done by opening "Cookie consent settings" and then clicking on the button in the prompt. There are several groups of cookies, based on the function they perform:
- Necessary cookies: Cookies that are needed for the user to be able to use the wiki (cookies for keeping session information, user ID data, and so on).
- Convenience cookies: Cookies that provide a more comfortable wiki experience (saving the state of components of the interface, some user preferences, and more)
Accepting (at least the necessary) cookies is mandatory before using the wiki for the first time.
Cookie settings can be changed afterwards at any point by clicking on "Change cookie consent" in the wiki footer links or on the page Special:PrivacyCenter
.
Privacy Center
The privacy center is the hub for a user's privacy settings. It is located in the profile menu (clicking on user image in the top right corner) or by navigating to Special:PrivacyCenter
.
This special page consist of a number of "modules". Each module performs a privacy-related function.
Anonymization
In this section, users can anonymize their account on the wiki. This means that users can change their username on the wiki. The new username appears wherever the username is used, including comments, page histories and logs. All traces of previous user information including profile information and profile data is removed or renamed.
To anonymize their account, users pick the new username (a random anonymized username is offered by default) and click "Anonymize my account". After confirmation, the process of anonymization starts and the user receives a notification upon completion.
Delete your account
Users can delete all traces of their account from the wiki by clicking the "Delete your account" button. After confirmation, the user account is deleted. In case there is an error in the process, users will be notified of the failed deletion process. By deleting their account, users will remove all references to their user account anywhere on the wiki.All of the user's contributions is then attributed to "Deleted user", which will appear instead of the original username.
Transparency
This module allows users to view and export all data the wiki has collected about them. To only view the data, without exporting it, a user can click on the button "Show all data". This opens a dialog containing all of the user's data. The data is grouped by:
- Mentions in content: Snippets of the page content where the user's name is mentioned.
- Working data: Data from extensions - reminders, page assignments, etc.
- Personal data: Profile data, personal information and the user's status on the wiki.
- Action data: Log data for users actions - edits, page deletions, page moves and administrative actions.
To export the data, the userselects the groups to export and the export format (HTML or CSV). After clicking "Export data", the user can download the compiled file.
Privacy policy consent
In this section, users can change their consents to the wiki's privacy policy. Further options may appear based on a specific wiki configuration. Users can also change their consent to cookies (as described above).
Requesting actions
The wiki can be configured so that users are not allowed to directly execute certain privacy-related actions. They need to request that operation first.
Requesting actions applies to:
- Anonymization
- "Delete your account"
Requests can be enabled for the wiki by setting $bsgPrivacyEnableRequests = true;
in LocalSettings.php
Once enabled, users will be presented with a request form in the affected sections. In this form, users can click "Request anonymization" and "Request account deletion" respectively. For account deletion, users can enter an optional comment explaining the reason for the request.
All submitted requests are sent to wiki admins for review.
After submitting the request, a user sees a "Request pending" notice in the Privacy Center. If the request is denied, the user is notified with a comment from the wiki administrator. If the user's request is approved, the user also receives a notification.
Reviewing user requests
Wiki admins (users with "admin" role) can access the Privacy Admin page located in Global actions > Management or by navigating to Special:PrivacyAdmin
.
This pages lists the submitted requests. The administrator can review and approve or deny them.
In addition, administrators can see the status of Privacy policy consent for every user on the wiki on this page.
See also
Reference page for this extension.