Add Privacy Policy information

2017-12-05 08:06:48 +01:00
parent da4a99a6ef
commit b216ec9928
5 changed files with 65 additions and 2 deletions
--- a/12
+++ b/12
@@ -1,3 +1,15 @@
+**v0.8.1 :**
+
+Server
+
+  * Scroll to page bottom when user adds a new password
+
+Addon
+
+  * Add Privacy Policy information
+
+CLI
+
 **v0.8 :**

 Server
--- a/PrivacyPolicy.md
+++ b/PrivacyPolicy.md
@@ -0,0 +1,47 @@
+gPass web browser extension Privacy Policy
+------------------------------------------
+
+
+## Information we collect ##
+
+The gPass extension collect three information once invoked :
+  * Site address URL
+    * Login name
+      * Master key
+
+
+## How we use information we collect ##
+
+Once collected, site address and login name are crypted by a derived version of your master key.
+It's then sent to the server you configured in extension configuration page for comparison.
+
+This server has been set up by the user himself (recommended) or by a provider he trust in.
+
+The database that the server access to do comparisons only contains the crypted
+version of your information. They are never decrypted in the server side.
+
+If a comparison match, the real password is sent back to your extension were
+it's unencrypted using the same key.
+
+Finally, the application context is cleared and nothing is retained in memory
+nor written anywhere.
+
+
+## Accessing and updating your personal information ##
+
+As a user, you can add, edit and delete your crypted information through
+the web interface of the configuration defined server.
+
+During these operations, no clear information is sent to the server.
+
+
+## Information we share ##
+
+Nothing is shared with anyone. Nor on extension side nor on server side.
+
+
+## Information security ##
+
+Information transmitted to the server are done through an HTTPS AJAX request.
+Data are crypted using AES 256 CBC algorithm and the master key is prior
+derived using PKBDF2 algorithm.
--- a/chrome_addon/lib/main.js
+++ b/chrome_addon/lib/main.js
@@ -458,4 +458,8 @@ async function self_test()
    	console.log("Self test OK !");
 }

+console.log("Welcome to gPass web extension v0.8.1 !");
+console.log("Privacy Policy can be found at http://indefero.soutade.fr/p/gpass/source/tree/master/PrivacyPolicy.md");
+console.log("");
+
 //self_test();
--- a/chrome_addon/manifest.json
+++ b/chrome_addon/manifest.json
@@ -3,7 +3,7 @@

    "name": "gPass",
    "short_name": "gPass",
-    "version": "0.8",
+    "version": "0.8.1",
    "description": "gPass : global password manager",
    "icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"},
    "author" : "Grégory Soutadé",
--- a/firefox_webextension/manifest.json
+++ b/firefox_webextension/manifest.json
@@ -3,7 +3,7 @@

    "name": "gPass",
    "short_name": "gPass",
-    "version": "0.8",
+    "version": "0.8.1",
    "description": "gPass : global password manager",
    "icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"},
    "author" : "Grégory Soutadé",