From cffb0dbd6b6094ba045ccf25beaf3f7eca288bf6 Mon Sep 17 00:00:00 2001
From: Dragory <2606411+Dragory@users.noreply.github.com>
Date: Tue, 18 Aug 2020 23:52:24 +0300
Subject: [PATCH] Add privacy policy

---
 dashboard/src/components/PrivacyPolicy.vue    | 92 +++++++++++++++++++
 dashboard/src/components/dashboard/Layout.vue |  2 +-
 dashboard/src/components/docs/DocsLayout.vue  |  2 +-
 dashboard/src/routes.ts                       |  6 ++
 dashboard/src/splash.html                     |  3 +
 dashboard/src/style/app.pcss                  |  1 -
 dashboard/src/style/privacy-policy.pcss       | 51 ++++++++++
 dashboard/src/style/splash.pcss               |  1 -
 8 files changed, 154 insertions(+), 4 deletions(-)
 create mode 100644 dashboard/src/components/PrivacyPolicy.vue
 create mode 100644 dashboard/src/style/privacy-policy.pcss

diff --git a/dashboard/src/components/PrivacyPolicy.vue b/dashboard/src/components/PrivacyPolicy.vue
new file mode 100644
index 00000000..9e652bc2
--- /dev/null
+++ b/dashboard/src/components/PrivacyPolicy.vue
@@ -0,0 +1,92 @@
+<template>
+  <div class="privacy-policy">
+    <div class="wrapper">
+      <h1>Zeppelin Privacy Policy</h1>
+
+      <h2>Zeppelin overview</h2>
+      <p>
+        Zeppelin is a moderation bot for Discord that allows server staff to
+        carry out moderator actions (warn, mute, kick, ban, clean messages, view
+        user information, etc.),
+        keep records of infractions, perform automated actions ("automod", e.g.
+        message filtering), post detailed logs on logging channels, and set up
+        systems such as reaction roles.
+        The bot also includes a web dashboard that server administrators can log
+        in to through Discord OAuth.
+      </p>
+      <p>
+        The bot's source code is available at
+        <a href="https://github.com/Dragory/ZeppelinBot">
+          https://github.com/Dragory/ZeppelinBot
+        </a>
+      </p>
+
+      <h2>Stored data</h2>
+      <p>
+        When Zeppelin is used by a server, the following categories data can be
+        stored by the bot.
+        The specific categories of data saved for each server depends on how the
+        server has configured Zeppelin.
+      </p>
+      <ul>
+        <li>Recent messages and username/nickname changes of users engaged on
+          the server
+        </li>
+        <li>Recent bulk deleted messages</li>
+        <li>Basic user information, moderator-entered text, and relevant message
+          archives for infraction records
+        </li>
+        <li>A subset of previously held roles and nickname on the server to be
+          restored when a user rejoins
+        </li>
+        <li>Basic server details of the server using the bot</li>
+      </ul>
+      <p>
+        Additionally, when a user logs in to the web dashboard the following
+        types of data are stored:
+      </p>
+      <ul>
+        <li>Basic Discord user information</li>
+        <li>Time and originating IP address of the login for security audit
+          purposes
+        </li>
+      </ul>
+
+      <h2>Data retention</h2>
+      <ul>
+        <li>
+          Recent messages are stored for 24h
+          <ul>
+            <li>Deleted messages within this 24h are cleared 5 minutes after
+              deletion
+            </li>
+          </ul>
+        </li>
+        <li>5 most recent usernames and 10 most recent nicknames of users
+          engaged in chat or voice channels are stored for 30 days
+        </li>
+        <li>Archives of bulk-deleted messages are stored for 30 days</li>
+        <li>Infraction record data is kept until the server stops using Zeppelin
+          unless explicitly deleted
+        </li>
+        <li>Roles and nicknames that are restored on rejoin are cleared when the
+          user rejoins
+        </li>
+        <li>User information for users logged in to the bot's web dashboard via
+          Discord OAuth is stored as long as the server uses Zeppelin
+        </li>
+      </ul>
+
+      <h2>Data access and deletion requests</h2>
+      <p>
+        To request access to personal data stored about you, or to request its
+        deletion, to the extent permitted by GDPR, please send an email to <a
+        href="mailto:contact@mivir.fi">contact@mivir.fi</a>.
+      </p>
+    </div></div>
+</template>
+
+<script type="ts">
+  import "../style/privacy-policy.pcss";
+  export default {};
+</script>
diff --git a/dashboard/src/components/dashboard/Layout.vue b/dashboard/src/components/dashboard/Layout.vue
index 081c4b4d..13b9c052 100644
--- a/dashboard/src/components/dashboard/Layout.vue
+++ b/dashboard/src/components/dashboard/Layout.vue
@@ -1,5 +1,5 @@
 <template>
-  <div class="dashboard container mx-auto px-4 py-2">
+  <div class="dashboard container mx-auto px-6 py-6">
     <Title title="Zeppelin - Dashboard" />
 
     <nav class="flex items-stretch pl-4 pr-2 py-1 border border-gray-700 rounded bg-gray-800 shadow-xl mb-8">
diff --git a/dashboard/src/components/docs/DocsLayout.vue b/dashboard/src/components/docs/DocsLayout.vue
index dcf71315..3bb6178e 100644
--- a/dashboard/src/components/docs/DocsLayout.vue
+++ b/dashboard/src/components/docs/DocsLayout.vue
@@ -1,5 +1,5 @@
 <template>
-  <div class="docs container mx-auto px-4 py-2">
+  <div class="docs container mx-auto px-6 py-6">
     <Title title="Zeppelin - Documentation" />
 
     <!-- Top bar -->
diff --git a/dashboard/src/routes.ts b/dashboard/src/routes.ts
index f453720e..c38d1f7e 100644
--- a/dashboard/src/routes.ts
+++ b/dashboard/src/routes.ts
@@ -10,6 +10,12 @@ export const router = new VueRouter({
     { path: "/login", beforeEnter: authRedirectGuard },
     { path: "/login-callback", beforeEnter: loginCallbackGuard },
 
+    // Privacy policy
+    {
+      path: "/privacy-policy",
+      component: () => import("./components/PrivacyPolicy.vue"),
+    },
+
     // Docs
     {
       path: "/docs",
diff --git a/dashboard/src/splash.html b/dashboard/src/splash.html
index 5f191e27..4b2abb9f 100644
--- a/dashboard/src/splash.html
+++ b/dashboard/src/splash.html
@@ -23,6 +23,9 @@
         <li>
           <a href="https://www.patreon.com/zeppelinbot">Patreon</a>
         </li>
+        <li>
+          <a href="/privacy-policy">Privacy Policy</a>
+        </li>
       </ul>
     </div>
   </div>
diff --git a/dashboard/src/style/app.pcss b/dashboard/src/style/app.pcss
index 670f7f0c..c23774e4 100644
--- a/dashboard/src/style/app.pcss
+++ b/dashboard/src/style/app.pcss
@@ -15,5 +15,4 @@ body {
   @apply bg-gray-900;
   @apply text-gray-300;
   @apply text-base;
-  @apply p-4;
 }
diff --git a/dashboard/src/style/privacy-policy.pcss b/dashboard/src/style/privacy-policy.pcss
new file mode 100644
index 00000000..780fded8
--- /dev/null
+++ b/dashboard/src/style/privacy-policy.pcss
@@ -0,0 +1,51 @@
+.privacy-policy {
+  padding: 16px;
+
+  width: 100%;
+  min-height: 100vh;
+
+  background-color: #7289da;
+  background-image: linear-gradient(225deg, #7289da 0%, #5d70b4 100%);
+  color: #fff;
+
+  display: flex;
+  flex-direction: column;
+  justify-content: flex-start;
+  align-items: center;
+
+  & a {
+    color: #fff;
+    text-decoration: underline;
+  }
+
+  & .wrapper {
+    flex: 0 0 auto;
+
+    width: 100%;
+    max-width: 800px;
+  }
+
+  & h1 {
+    font-size: 60px;
+    font-weight: 300;
+  }
+
+  & h2 {
+    font-size: 30px;
+    margin-top: 16px;
+  }
+
+  & p {
+    margin-bottom: 16px;
+  }
+
+  & ul {
+    list-style: disc;
+    margin-left: 24px;
+    margin-bottom: 16px;
+
+    & ul {
+      margin-bottom: 0;
+    }
+  }
+}
diff --git a/dashboard/src/style/splash.pcss b/dashboard/src/style/splash.pcss
index ee1b18d7..37a32b65 100644
--- a/dashboard/src/style/splash.pcss
+++ b/dashboard/src/style/splash.pcss
@@ -77,7 +77,6 @@
       grid-template-columns: 1fr 1fr;
 
       margin-top: 8px;
-      margin-left: -12px;
 
       & .btn {
         margin: 12px;