|
|
The Swiss equivalent to GDPR "Verordnung über den Datenschutz (DSV)" is fine with Germany as country to obtain and host personal data (like merchant names and addresses, bank account numbers). Cross-border data exchange and storage of merchant configuration and data have to be mentioned, though, as hosting of the Taler Merchant backend will be done on premises at Hetzner in Germany. No data export will go to third-party non-EU countries. Data has not to be treated according to the EU's Data Act. |
|
|
This might help: https://www.cyon.ch/blog/neues-datenschutzgesetz-schweiz |
|
|
We are currently safe on data storage in Germany concerning private data of natural persons, t.i. users' personal data (see https://www.bj.admin.ch/bj/de/home/staat/datenschutz/internationales/anerkennung-staaten.html). But the Taler Merchant Backend does not even collect personal data of individual users, it is merchants who are entering their business data. Thus, https://www.fedlex.admin.ch/eli/fga/2020/1998/de (Neues Datenschutzgesetz nDSG) is not applicable in our case. Work in progress, soon to be finished. |
|
|
Just to be clear about this use-case: The Taler Merchant Backend is not collecting names of buyers. There is data like street, building name, town, country ... but no individual names of payers. No relation between a person and the purchase can be established with the data collected in the backend. |
|
|
Work to be accomplished by tomorrow. Still 2 hours to go, the boss wanted me to dedicate 8h for the ToS draft in English, so the deadline is nearing. I can imagine the RST file should be placed in /taler-typescript-core/packages/merchant-backoffice-ui/ |
|
|
A minor bug was solved during a QC meeting on behalf of testing and showcasing KYC status and configuration of merchant bank accounts in the Merchant Backend. The terms generator for the RST files in /exchange/contrib printed a PDF file as attached. Consequently, "GNU Taler team" was replaced by "Taler Operations AG, Biel/Bienne". Merchant_ToS_shown_at_KYC_status_form.png (130,372 bytes) |
|
|
ToS for the Taler Merchant Backend are done as draft. This was accomplished within the 8 hours originally allocated for the task. It is recommended to place the resulting RST file merchant-tos-v0.en.rst either in /taler-typescript-core/packages/merchant-backoffice-ui/ or in the exchange.git at /exchange/contrib to keep together Terms of service for all different apps, web pages, app stores and Taler Exchanges solely at one location. |
|
|
RST2PDF renders a PDF without issues. The ToS draft is in the exchange.git now. To be reviewed by CG --> assigned |
|
|
Domain name is just 'my.taler-ops.ch,' not 'www...'. Also you mixed up exchange ToS with the self-provisioned merchant ToS, so I removed anything that would be part of the exchange ToS, simplifying it quite a bit. Also clarified the scope, and moved the RST file to the merchant.git. IMO ready to roll ;-) |
|
|
I still need to add the /terms endpoint to the C code, and then we need to think about integrating that a tiny bit with the self-provisioning sign-up screen. |
|
|
The latest merchant.git now has a new endpoint /terms and /privacy. We should show a link to "/terms" on the self-provisioning page, maybe combined with a small checkbox "[X] accept terms of service" (and turn the last 3 words into a link). At this point I don't care about the SPA submitting the checkbox value to the backend (it may, of course), but we should just disable the submit button unless the user checked the box. So basically, I'm asking for the minimal standard ToS acceptor to be added to the SPA page where a new instance is first created. |
|
|
3c86919f1..fead394c8 |
- Anonymous
