jebus/enviPy-bayer
1
0
Fork 0
forked from enviPath/enviPy
Code Issues Pull Requests Actions Releases Activity
Files
5565b9cb9ef6969915a48f41783bcc3cf0bf2ae0
enviPy-bayer/templates/static/privacy_policy.html
Tobias O f905bf21cf [Feature] Update ToS to be more legally safe and sensible (#301) 
- Improved ToS content
- Add ToS pointer and academic use note at signup
- Remove legal collection page (unnecessary)

Reviewed-on: enviPath/enviPy#301
Co-authored-by: Tobias O <tobias.olenyi@envipath.com>
Co-committed-by: Tobias O <tobias.olenyi@envipath.com>
2026-01-20 03:18:40 +13:00

340 lines
13 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{% extends "framework_modern.html" %}
{% load static %}
{% block main_content %}
<div class="mx-auto max-w-4xl px-4 py-8">
<!-- Breadcrumbs -->
<div class="breadcrumbs mb-4 text-sm">
<ul>
<li><a href="/">Home</a></li>
<li>Privacy Policy</li>
</ul>
</div>
<!-- Main Content -->
<div class="bg-base-100 rounded-lg p-8 shadow-xl">
<h1 class="mb-6 text-4xl font-bold">Privacy Policy</h1>
<div class="prose max-w-none">
<p class="mb-6 text-lg">
enviPath is committed to protecting your privacy. This Privacy Policy
explains how we collect, use, disclose, and safeguard personal
information when you use the enviPath platform and related services
(together, the "Platform").
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">
1. Who We Are (Data Controller)
</h2>
<p class="mb-4">
enviPath is operated by enviPath Limited, a legal entity established
in New Zealand, with its principal place of business in Auckland, New
Zealand ("enviPath", "we", "us", or "our").
</p>
<p class="mb-4">
For the purposes of applicable data protection laws, enviPath Limited
is the data controller responsible for personal information processed
through the Platform.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">
2. Information We Collect
</h2>
<h3 class="mt-6 mb-3 text-xl font-semibold">
2.1 Personal Information You Provide
</h3>
<p class="mb-4">
We may collect personal information that you voluntarily provide when
you:
</p>
<ul class="mb-4 list-inside list-disc space-y-2">
<li>Register for an account</li>
<li>Contact our support team</li>
<li>
Participate in community forums or other community features (where
available)
</li>
</ul>
<p class="mb-4">
This may include your name, email address, institution affiliation,
and research interests (if provided).
</p>
<h3 class="mt-6 mb-3 text-xl font-semibold">
2.2 Usage and Technical Data
</h3>
<p class="mb-4">
We automatically collect certain information when you visit, use, or
navigate the Platform. This may include:
</p>
<ul class="mb-4 list-inside list-disc space-y-2">
<li>
IP address, browser type, and device/operating system information
</li>
<li>Pages or endpoints accessed and time spent</li>
<li>Referring/exit pages or URLs (where available)</li>
<li>
Prediction queries, submitted data, and generated results, including
associated metadata, for the purposes of platform functionality,
performance monitoring, and research analysis
</li>
<li>
Log and diagnostic information (such as timestamps and error logs)
</li>
</ul>
<h3 class="mt-6 mb-3 text-xl font-semibold">
2.3 Cookies and Similar Technologies
</h3>
<p class="mb-4">
We use cookies and similar technologies for essential functionality
and, where applicable, analytics. For more details, see our
<a href="/cookie-policy" class="link link-primary">Cookie Policy</a>.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">
3. How We Use Your Information
</h2>
<p class="mb-4">
We collect and use personal information only where necessary for
legitimate and lawful purposes connected with operation and
improvement of the Platform. These purposes include:
</p>
<ul class="mb-4 list-inside list-disc space-y-2">
<li>Providing, operating, and maintaining the Platform</li>
<li>
Creating and administering user accounts, authentication, and access
control
</li>
<li>Responding to enquiries and providing support</li>
<li>
Monitoring usage patterns and improving Platform functionality,
performance, and usability
</li>
<li>
Ensuring Platform security, preventing misuse, and investigating
suspected breaches
</li>
<li>
Conducting scientific research and statistical analysis using
<strong>anonymised or aggregated data only</strong>, such that
individuals are not identifiable in published outputs
</li>
<li>
Complying with legal obligations and responding to lawful requests
</li>
</ul>
<h2 class="mt-8 mb-4 text-2xl font-semibold">
4. Legal Bases for Processing (EEA, UK, and Swiss Users)
</h2>
<p class="mb-4">
Where the GDPR (or similar laws) applies, we process personal data on
the following legal bases:
</p>
<ul class="mb-4 list-inside list-disc space-y-2">
<li>
<strong>Performance of a contract</strong> (to provide access to the
Platform and its services)
</li>
<li>
<strong>Legitimate interests</strong> (such as operating the
Platform, improving functionality, conducting anonymised research,
ensuring security, and maintaining service reliability)
</li>
<li>
<strong>Compliance with legal obligations</strong> (where
applicable)
</li>
<li>
<strong>Consent</strong> (where required, for example for
non-essential cookies)
</li>
</ul>
<p class="mb-4">
Where processing is based on consent, you may withdraw your consent at
any time. Withdrawal does not affect the lawfulness of processing
before withdrawal.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">
5. Data Sharing and Disclosure
</h2>
<p class="mb-4">
We do not sell personal information. We only share personal
information in the following limited circumstances:
</p>
<ul class="mb-4 list-inside list-disc space-y-2">
<li>
<strong>Service Providers:</strong> With trusted third-party
providers who process data on our behalf for hosting,
authentication, analytics, or technical support, subject to
confidentiality and data protection obligations
</li>
<li>
<strong>Academic and Scientific Research:</strong> Using
<strong>anonymised or aggregated</strong> data only, such that
individuals cannot be identified
</li>
<li>
<strong>Legal and Regulatory Requirements:</strong> Where disclosure
is required by law, or necessary to protect our legal rights or the
rights and safety of others
</li>
<li>
<strong>Public Contributions:</strong> Content or data that you
explicitly designate as public may be accessible to other users and
the public (depending on Platform functionality)
</li>
</ul>
<p class="mb-4">
We do not authorise third parties to use personal information for
their own independent purposes.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">
6. International Data Transfers
</h2>
<p class="mb-4">
The Platform is operated from New Zealand. Personal information may be
processed or stored in New Zealand and other jurisdictions where we or
our service providers operate.
</p>
<p class="mb-4">
New Zealand is recognised by the European Commission as providing an
adequate level of protection for personal data. Where personal
information is transferred to jurisdictions outside the European
Economic Area, we take reasonable steps to ensure appropriate
safeguards are in place.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">7. Data Retention</h2>
<p class="mb-4">
We retain personal information only for as long as reasonably
necessary to fulfil the purposes described in this Privacy Policy,
unless a longer retention period is required or permitted by law.
</p>
<ul class="mb-4 list-inside list-disc space-y-2">
<li>
<strong>Account information:</strong> retained for the duration of
the user account
</li>
<li>
<strong>Usage and log data:</strong> retained for up to
<strong>[X] months</strong>
</li>
<li>
<strong>Backup data:</strong> retained for up to
<strong>[Y] months</strong>
</li>
</ul>
<p class="mb-4">
You may request deletion of your account and associated personal
information at any time, subject to legal or technical retention
requirements (for example, security logs and backups retained for
limited periods).
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">8. Data Security</h2>
<p class="mb-4">
We implement appropriate technical and organisational measures
designed to protect personal information from loss, unauthorised
access, misuse, alteration, or disclosure. However, no electronic
transmission or storage method is 100% secure, and we cannot guarantee
absolute security.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">
9. Your Rights and Choices
</h2>
<p class="mb-4">
Depending on your location, you may have rights relating to your
personal information, including:
</p>
<ul class="mb-4 list-inside list-disc space-y-2">
<li>Request access to personal information we hold about you</li>
<li>Request correction of inaccurate or incomplete information</li>
<li>Request deletion of personal information (where applicable)</li>
<li>Object to or restrict certain processing (where applicable)</li>
<li>Request data portability (where applicable)</li>
</ul>
<p class="mb-4">
<strong>New Zealand users</strong> have rights under the Privacy Act
2020 to request access to, and correction of, personal information.
</p>
<p class="mb-4">
To exercise your rights, please contact us using the details in the
"Contact Us" section below. We may need to verify your identity before
responding.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">
10. Third-Party Services
</h2>
<p class="mb-4">
The Platform may integrate or link to third-party services (for
example, community forums such as Discourse). Third-party services
operate independently and have their own privacy practices. We
encourage you to review their policies.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">11. Childrens Privacy</h2>
<p class="mb-4">
The Platform is not intended for users under the age of 16. We do not
knowingly collect personal information from children. If you believe
that we have collected personal information from a child, please
contact us so we can take appropriate steps.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">
12. Changes to This Policy
</h2>
<p class="mb-4">
We may update this Privacy Policy from time to time. We will post the
updated policy on this page and update the "Last updated" date.
Changes take effect when posted.
</p>
<h2 class="mt-8 mb-4 text-2xl font-semibold">13. Contact Us</h2>
<p class="mb-4">
For questions, requests, or concerns about this Privacy Policy or our
handling of personal information, please contact us:
</p>
<ul class="mb-4 list-inside list-disc space-y-2">
<li>
<strong>Email:</strong>
<a href="mailto:privacy@envipath.org" class="link link-primary"
>privacy@envipath.org</a
>
</li>
<li>
<strong>Contact:</strong>
<a href="/contact" class="link link-primary">/contact</a>
</li>
<li>
<strong>Operator:</strong> enviPath Limited, Auckland, New Zealand
</li>
</ul>
<div class="alert alert-info mt-8">
<svg
xmlns="http://www.w3.org/2000/svg"
fill="none"
viewBox="0 0 24 24"
class="h-6 w-6 shrink-0 stroke-current"
>
<path
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
d="M13 16h-1v-4h-1m1-4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z"
></path>
</svg>
<span>version: 1, Last updated: January 2026</span>
</div>
</div>
</div>
</div>
{% endblock main_content %}
Reference in New Issue View Git Blame Copy Permalink