From 93ac1faab49f177b8b1e41be49b129d40a4e5589 Mon Sep 17 00:00:00 2001 From: Markus Heiser Date: Thu, 16 Feb 2023 16:56:52 +0100 Subject: [PATCH] [mod] info page: Privacy Policy Initial creation of an info page on the topic "Privacy Policy". [1] https://github.com/searxng/searxng/issues/1285#issuecomment-1431497644 Suggested-by: @nicfab [1] Signed-off-by: Markus Heiser --- docs/user/index.rst | 1 + docs/user/privacy-policy.rst | 5 + searx/infopage/__init__.py | 1 + searx/infopage/en/privacy-policy.md | 217 ++++++++++++++++++++++++++++ tests/unit/test_webapp.py | 4 + 5 files changed, 228 insertions(+) create mode 100644 docs/user/privacy-policy.rst create mode 100644 searx/infopage/en/privacy-policy.md diff --git a/docs/user/index.rst b/docs/user/index.rst index 4603b4716..2d1f96abb 100644 --- a/docs/user/index.rst +++ b/docs/user/index.rst @@ -13,3 +13,4 @@ User information search-syntax configured_engines about + privacy-policy diff --git a/docs/user/privacy-policy.rst b/docs/user/privacy-policy.rst new file mode 100644 index 000000000..0ace42b28 --- /dev/null +++ b/docs/user/privacy-policy.rst @@ -0,0 +1,5 @@ +.. _privacy-policy: + +.. include:: privacy-policy.md + :parser: myst_parser.sphinx_ + diff --git a/searx/infopage/__init__.py b/searx/infopage/__init__.py index 6b8fd9133..d3204f2c2 100644 --- a/searx/infopage/__init__.py +++ b/searx/infopage/__init__.py @@ -134,6 +134,7 @@ class InfoPageSet: # pylint: disable=too-few-public-methods self.toc: typing.List[str] = [ 'search-syntax', 'about', + 'privacy-policy', 'donate', ] """list of articles in the online documentation""" diff --git a/searx/infopage/en/privacy-policy.md b/searx/infopage/en/privacy-policy.md new file mode 100644 index 000000000..e40a1f15f --- /dev/null +++ b/searx/infopage/en/privacy-policy.md @@ -0,0 +1,217 @@ +# Privacy Policy + +We provide this information for SearXNG's instances installed on servers in the +Economic European Area (EEA) or outside the EEA for those who consult the +{{link('SearXNG website', 'search')}} or submit queries. So that you know, this +information applies only to this SearXNG instance **and not to other websites +the user may consult through links**. + +When data subjects or SearXNG providers are in the EEA, the [EU Regulation +2016/679 (GDPR)](https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN) +applies. + +Indeed, according to Article 3(2) of the GDPR, we underline whether SearXNG's +instances are installed on servers, not in the EEA, but the service is offered +to users in the EEA, Regulation 2016/679 applies. + +> Article 3 +> Territorial scope +> +> 1. This Regulation applies to the processing of personal data in the context +> of the activities of an establishment of a controller or a processor in the +> Union, regardless of whether the processing takes place in the Union or +> not. +> +> 2. This Regulation applies to the processing of personal data of data subjects +> who are in the Union by a controller or processor not established in the +> Union, where the processing activities are related to: +> +> (a) the offering of goods or services, irrespective of whether a payment of +> the data subject is required, to such data subjects in the Union; or +> +> (b) the monitoring of their behaviour as far as their behaviour takes place +> within the Union. +> +> 3. This Regulation applies to the processing of personal data by a controller +> not established in the Union, but in a place where Member State law applies +> by virtue of public international law. + +## Data controller + +The data controller is `{name of the instance maintaner}` - (`{maintainer's +email}`). + +## How does SearXNG protect privacy? + +SearXNG protects the privacy of its users in multiple ways regardless of the +type of instance (private or public). Removal of private data from search +requests comes in three forms: + +1. Removal of private data from requests going to search services. + +2. Not forwarding anything from third-party services through search services + (e.g., advertisement). + +3. Removal of private data from requests going to the result pages. Removing + private data means not sending cookies to external search engines and + generating a random browser profile for every request. Thus, it does not + matter if a public or private instance handles the request because it is + anonymized in both cases. IP addresses will be the IP of the + instance. However, the SearXNG admin can configure it to use a proxy or Tor. + [Result proxy](https://github.com/asciimoo/morty) is supported, too. SearXNG + does not serve ads or tracking content, unlike most search services. So + private data is not forwarded to third parties who might monetize it. Besides + protecting users from search services, referring pages and search queries are + hidden from visited result pages. + +## What's happened when you send a query through a SearXNG instance? + +We reproduce the steps below: + +1. You send your query from a SearXNG instance; + +2. The SearXNG instance sends your query to the search engines set by default on + every specific SearXNG instance (All the SearXNG instances (private and + public) might differ because it depends on the settings chosen by the admin. + However, you can view and modify what the engines set by default via + {{link('Preferences => Engines', 'preferences')}}). + +3. The search engines (for instance, DDG or Qwant) that receive your query + elaborate on it and send the response to the SearXNG instance. + +## Is your data or personal data transmitted to search engines? + +**The answer is NO, and precisely:** + +1. **None of your data nor personal data is transmitted** from the SearXNG instance except: + + - Your query; + - The language you selected on the SearXNG instance; + - The technical parameters are needed to form the same query. + +2. **No metadata is transmitted**. + +**In the end, only**: + +- your query, +- the language you selected on the SearXNG instance and +- the technical parameters needed to form the same query + +are transmitted to search engines. + +## Can the search engines see your data or install cookies or other stuff on your browser? + +**The answer is: No, they cannot.** + +Indeed, the search engines (for example, DDG or qwant) that receive your query +through the SearXNG instance: + +1. Do not know from where (IP or location) your query comes and see your IP + since they are talking only with the SearXNG instance; + +2. Acquire only the IP of the SearXNG instance you used for your query. + +3. Cannot send your browser cookies or other data to track you since the search + engines that receive your query are only connected to the SearXNG instance + and not your web browser. + +## What data is collected + +This SearXNG instance receives only your IP but does not collect it. + +**Each user is responsible for the content they intend to submit as a query**. + +### Who can access the data, and for what activities? + +None neither the server administrator (instance) can access Personally +Identifiable Information (PII) nor data of the queries but only - for technical +needs - system logs without the possibility of retrieving any personal data +anyway. + +## The purposes of the processing + +When data subjects or SearXNG providers are in the EEA, the GDPR applies. +Still, the purpose is to provide all access to the SearXNG instance by allowing +users to submit queries and read and consult the search results. + +Furthermore, the purposes are also related to server maintenance and system and +application upgrades. + +The optional, explicit, and voluntary sending of electronic mail to the +addresses indicated on the footer of this site involves the acquisition of the +sender's address necessary for the replies and any other personal data contained +in the message. These data are processed to respond to messages sent and handle +related requests. Failure to provide personal data for communications with us or +send requests will prevent evading them. We store data for the time strictly +necessary for the purposes related to data processing. + +## Legal basis for the processing + +When data subjects or SearXNG providers are in the EEA, the GDPR applies. +Still, the processing of personal data is based on consent - according to +Article 6, par. 1, letter a) of EU Regulation 2016/679 - expressed by the user +by browsing this website, choosing the preferences, and submitting queries, thus +accepting this information. + +Consent is optional, and the user can withdraw at any time by request sent by +email to `{maintainer's email}`ยก, specifying that, in this case, whether the +user does not consent, they cannot consult this website. + +Regarding server maintenance and system and application upgrades, the legal +basis is the legitimate interest according to Article 6, letter f) of the EU +Regulation 2016/679. + +The processing of personal data is necessary to pursue the data controller's +legitimate interest in providing information about studies and research, +according to article 6, par. 1, letter f) of EU Regulation 2016/679, in +compliance with the provisions of the same Regulation. + +## Cookies + +The only cookies are only **functional ones** and, therefore, no profiling or +tracking activities. + +**Thus, this site does not use cookies other than functional cookies solely for +the functional purposes described above, and their installation does not require +the user's consent**. + +## Data recipients + +We don't communicate personal data collected from this website following its +consultation to recipients or categories of recipients. + +## Period for storing personal data + +This website does not collect nor store user data. + +## Transferring personal data to a third country or international organization + +When data subjects or SearXNG providers are in the EEA, the GDPR applies. +Still, the data controller, the administrator of SearXNG's instance, does not +transfer any personal data outside the European Economic Area (EEA) if SearXNG +is installed on the server located within the European Economic Area. + +## Security measures + +The SearXNG instance maintainer adopts appropriate security measures to prevent +unauthorized access, disclosure, modification, or unauthorized destruction of +data. Your data in the communication session with this website are protected by +a Secure Sockets Layer (SSL) certificate that uses a cryptographic presentation +protocol, encrypting the information. + +## Data subjects' rights + +When data subjects or SearXNG providers are in the EEA, the GDPR applies. +Still, users (data subjects) who access the service provided by this instance +may exercise the rights according to Articles 15 to 22 of EU Regulation +2016/679. You can lodge all requests to exercise these rights by writing to +`{maintainer's email}`. + +## Right to lodge a complaint + +When data subjects or SearXNG providers are in the EEA, the GDPR applies. +Still, whether a data subject considers that the processing of personal data +relating to them as performed via this SearXNG instance infringes the +Regulation, they have the right to lodge a complaint with the competent +Supervisory Authority (Data Protection Authority) according to Article 77 of the +EU Regulation 2016/679. diff --git a/tests/unit/test_webapp.py b/tests/unit/test_webapp.py index 9f10df908..a6c4e0068 100644 --- a/tests/unit/test_webapp.py +++ b/tests/unit/test_webapp.py @@ -189,6 +189,10 @@ class ViewsTestCase(SearxTestCase): self.assertEqual(result.status_code, 200) self.assertIn(b'

Search syntax

', result.data) + result = self.app.get('/info/en/privacy-policy') + self.assertEqual(result.status_code, 200) + self.assertIn(b'

Privacy Policy

', result.data) + def test_health(self): result = self.app.get('/healthz') self.assertEqual(result.status_code, 200)