...

In order to be GDPR compliant, we will only contact apache.org email addresses, which implies that their users have given ASF permission to use these addresses to contact them on topics related to ASF. Further, we will announce that this survey will take place in a blog post and participation is opt-in only. We will inform the community members of the processing and offer them a way to opt-out.

GDPR Checks - WIP

☐ We have checked that legitimate interest is the most appropriate basis.

...

      Yes. We identified that the only way to measure the impact of the improvements is to measure the activity of the community before and after these improvements are executed.

☐ We understand our responsibility to protect the individual’s interests.

Yes. We do, and therefore we are announcing the launch of the survey in a blog so people are aware of our intentions. We are also taking all measures to avoid spamming people who are not interested in the survey. We're doing this through the assignment of unique tokens that match an unsubscribe link. Reminders? We are informing our community members that we are analyzing public repositories and providing them a way to opt-out from this analysis. (is this something we can do Katia Rojas ?)

☐ We have conducted a legitimate interests assessment (LIA) and kept a record of it, to ensure that we can justify our decision.

Yes. After the first survey, the community identified multiple improvement points and the need to rerun the survey in order to keep track of this development.

☐ We have identified the relevant legitimate interests.

Yes. It is to follow up on the efforts done in 2020, understand the current composition of the ASF community, and implement measuring the impact of the improvements applied to the identified barriers.

☐ We have checked that the processing is necessary and there is no less intrusive way to achieve the same result.

Yes. The other available option is to email committers@; if we do this, we will lose the possibility of providing an opt-out link, and we will be compromising survey data integrity. There is no other way to analyze the impact of the improvements.

☐ We have done a balancing test, and are confident that the individual’s interests do not override those legitimate interests.

Yes. As per the above statement, this is the most compliant way to provide an opt-out link. Additionally, since the ASF doesn't have an internal service to support surveys, we are reaching out to a third-party vendor to achieve this.

☐ We are not using people’s data in ways they would find intrusive or which could cause them harm, unless we have a very good reason.

Yes. As per the above message, using the committers@ alias won't let us provide a way to opt-out from the survey and further communications, therefore yes, we are not using people's data in ways they would find less intrusive. Personal data won't be used for any purpose other than identifying general trends in the community. Personal data will not be shared with any third party.

☐ If we process prisoners, protected classes or children’s data, we take extra care to make sure we protect their interests.

...

☐ We have considered safeguards to reduce the impact where possible.

Yes. The use of individual emails is limited to one invitation per person, and reminders are only sent if a person did not opt out or already reply to the survey. Sensitive information such as emails is not shown in any of the dashboard panels. No communication is done with the data subject. Information such as the names of the contributors can be pseudonymized in case it needs to be displayed on the dashboards.

☐ We have considered whether we can offer an opt-out.

...

☐ If our LIA identifies a significant privacy impact, we have considered whether we also need to conduct a DPIA.

N/A. Our LIA did not identify any significant privacy impact. TBD. Is this going to be done Katia Rojas ?

☐ We keep the considerations that have gone into this LIA on file.

Yes. The discussions have occurred in public on mailing lists and in this wiki, which are both archived. TBD. Is this going to be done Katia Rojas ?

☐ We include information about our legitimate interests assessment in our privacy information.

Yes. This wiki page details information about our LIA and we link to it from the blog post and invitation emails. Select information from our LIA is also directly included in the blog post and invitation emails, such as sending individual emails to provide opt-out ability. TBD. Is this going to be done Katia Rojas ?

FAQs

Will there be a message to committer@ explaining that they will receive a subsequent message?

...