Add Privacy Policy information
This commit is contained in:
parent
da4a99a6ef
commit
b216ec9928
12
ChangeLog
12
ChangeLog
|
@ -1,3 +1,15 @@
|
|||
**v0.8.1 :**
|
||||
|
||||
Server
|
||||
|
||||
* Scroll to page bottom when user adds a new password
|
||||
|
||||
Addon
|
||||
|
||||
* Add Privacy Policy information
|
||||
|
||||
CLI
|
||||
|
||||
**v0.8 :**
|
||||
|
||||
Server
|
||||
|
|
47
PrivacyPolicy.md
Normal file
47
PrivacyPolicy.md
Normal file
|
@ -0,0 +1,47 @@
|
|||
gPass web browser extension Privacy Policy
|
||||
------------------------------------------
|
||||
|
||||
|
||||
## Information we collect ##
|
||||
|
||||
The gPass extension collect three information once invoked :
|
||||
* Site address URL
|
||||
* Login name
|
||||
* Master key
|
||||
|
||||
|
||||
## How we use information we collect ##
|
||||
|
||||
Once collected, site address and login name are crypted by a derived version of your master key.
|
||||
It's then sent to the server you configured in extension configuration page for comparison.
|
||||
|
||||
This server has been set up by the user himself (recommended) or by a provider he trust in.
|
||||
|
||||
The database that the server access to do comparisons only contains the crypted
|
||||
version of your information. They are never decrypted in the server side.
|
||||
|
||||
If a comparison match, the real password is sent back to your extension were
|
||||
it's unencrypted using the same key.
|
||||
|
||||
Finally, the application context is cleared and nothing is retained in memory
|
||||
nor written anywhere.
|
||||
|
||||
|
||||
## Accessing and updating your personal information ##
|
||||
|
||||
As a user, you can add, edit and delete your crypted information through
|
||||
the web interface of the configuration defined server.
|
||||
|
||||
During these operations, no clear information is sent to the server.
|
||||
|
||||
|
||||
## Information we share ##
|
||||
|
||||
Nothing is shared with anyone. Nor on extension side nor on server side.
|
||||
|
||||
|
||||
## Information security ##
|
||||
|
||||
Information transmitted to the server are done through an HTTPS AJAX request.
|
||||
Data are crypted using AES 256 CBC algorithm and the master key is prior
|
||||
derived using PKBDF2 algorithm.
|
|
@ -458,4 +458,8 @@ async function self_test()
|
|||
console.log("Self test OK !");
|
||||
}
|
||||
|
||||
console.log("Welcome to gPass web extension v0.8.1 !");
|
||||
console.log("Privacy Policy can be found at http://indefero.soutade.fr/p/gpass/source/tree/master/PrivacyPolicy.md");
|
||||
console.log("");
|
||||
|
||||
//self_test();
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
"name": "gPass",
|
||||
"short_name": "gPass",
|
||||
"version": "0.8",
|
||||
"version": "0.8.1",
|
||||
"description": "gPass : global password manager",
|
||||
"icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"},
|
||||
"author" : "Grégory Soutadé",
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
"name": "gPass",
|
||||
"short_name": "gPass",
|
||||
"version": "0.8",
|
||||
"version": "0.8.1",
|
||||
"description": "gPass : global password manager",
|
||||
"icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"},
|
||||
"author" : "Grégory Soutadé",
|
||||
|
|
Loading…
Reference in New Issue
Block a user