[Feature Request]: Legal notice and data protection

[ipod86]

Feature Description

Is it possible (optional) to include a link to the legal notice and data protection on all pages? The link must of course be freely definable.

Something like the bottom left of this picture:

Why is this feature valuable?

In Europe, it is a legal requirement that this information must be accessible from every page in order to operate a website legally.

Suggested Implementation

No response

Additional Information

No response

No Duplicate of the Feature

• I have verified that there are no existing features requests similar to my request.

[Ludy87]

Which imprint and data protection information should be stored? The hoster is responsible for this if it thinks it is worth including extensions. The standard application that is loaded from github or docker does not have any trackers.

[ipod86]

Two links (in your native language) to another domain of the hoster with the corresponding data are also sufficient. The data does not have to be directly accessible in stirling-pdf.

I asked ChatGPT for a summary for Germany. But the situation is similar across the EU.

In Germany , having an Impressum (Legal Notice) and Datenschutzerklärung (Privacy Policy) accessible from any page on your website is a legal requirement under German law. Here's why:

1. Impressum (Legal Notice)

Legal Obligation: German law mandates that websites (including blogs, e-commerce, or business pages) must include an Impressum under the Telemediengesetz (German Telemedia Act). It provides transparency about who runs the website and how they can be contacted.

Content: An Impressum typically includes the company name, address, legal representatives, contact details, and registration information (such as tax numbers and business registration numbers).

Purpose: This ensures accountability and transparency, giving visitors a way to reach the website owner in case of legal issues or disputes. Failure to provide this information can result in fines or legal action.

2. Datenschutzerklärung (Privacy Policy)

Legal Requirement under GDPR: The Datenschutzerklärung is required under the General Data Protection Regulation (GDPR), which has been in effect since 2018. This law protects personal data of individuals and applies to any website that collects, processes, or stores personal data of EU citizens, including Germany.

Content: It should explain how personal data (e.g., cookies, IP addresses, email addresses) is collected, processed, and used. It must also inform users about their rights concerning their data (e.g., the right to access, delete, or rectify their data).

Purpose: To ensure transparency in how personal information is handled and to protect users' privacy. Non-compliance can lead to heavy fines under GDPR, which can reach up to €20 million or 4% of the company's global annual turnover.

3. Accessibility from Any Page

User Protection: To comply with both Telemediengesetz and GDPR, the Impressum and Datenschutzerklärung must be easy to find, typically by placing links in the footer of each page. This ensures that visitors can quickly access legal information and privacy details from any part of the website.

Avoiding Legal Issues: Failure to make these accessible can result in Abmahnungen (warning letters) or fines, as German and EU laws enforce strict standards for data protection and transparency in online businesses.

In summary, these elements are critical for legal compliance, user trust, and avoiding legal penalties in Germany.

[Frooodle]

I'm not sure how this works for this.. we can't exactly put our company name for the service when it's your application that's collecting it

Seems most people just grab from
https://www.freeprivacypolicy.com/free-terms-and-conditions-generator/

But this asks for website URL and company name

I don't know what we can put here

[ipod86]

I think you misunderstood me. It is enough if two links are inserted on the page (optional, as they are apparently not needed in other regions of the world) somehow. The user must enter the destination of the links themselves. For example, I would refer to the imprint and the privacy policy on our company website.

[Frooodle]

I've not seen such a requirement for other selfhost applications (I'm aware of it for general websites)
Can you find any examples of what they do in this usecase? I am curious how selfhosting apps themselves implement this

[ipod86]

I haven't actually seen that either. That surprises me a bit. For me, the explanation was that most users use it privately and perhaps not in their job. Also, it might be because most services (thanks to the EU 😠) are developed outside the EU. If I provide a website as a company, I have to inform visitors about these things (for us it's actually only internal, but the website can be accessed from outside).

[Frooodle]

I believe nextcloud added some customisation for this....
Sure why not 😂
I'll add it for next release , I want to add some opt in tracking so it's good timing

[ipod86]

Cool, thank you very much 👍

[Frooodle]

Added this, will be in text release
in settings.yml you will be able to add

legal:
  termsAndConditions: exampleFile.txt # URL to the terms and conditions of your application (e.g. https://example.com/terms) Empty string to disable or filename to load from local file in static folder
  privacyPolicy: https://stirlingpdf.com/example # URL to the privacy policy of your application (e.g. https://example.com/privacy) Empty string to disable or filename to load from local file in static folder

So you can link to files or other webURLs

[ipod86]

A very good solution. Is there already an area where I can add the translations for the links?

Edit:
"Terms And Conditions" is something different than an imprint. The imprint is mandatory on websites. The terms and conditions (in German AGB) are voluntary.

[Frooodle]

Ahh i see, truely a germany thing looking at https://en.wikipedia.org/wiki/Impressum

I can add for this too, translation files for display name will be there when I merge for you to edit

[Frooodle]

may as well add everything while im at it.. cookie policies and privacy policy and the like

[ipod86]

Are you going to become a lawyer 🤣?

[Frooodle]

legal:
  termsAndConditions: '' # URL to the terms and conditions of your application (e.g. https://example.com/terms) Empty string to disable or filename to load from local file in static folder
  privacyPolicy: '' # URL to the privacy policy of your application (e.g. https://example.com/privacy) Empty string to disable or filename to load from local file in static folder
  accessibilityStatement: '' # URL to the accessibility statement of your application (e.g. https://example.com/accessibility) Empty string to disable or filename to load from local file in static folder
  cookiePolicy: '' # URL to the cookie policy of your application (e.g. https://example.com/cookie) Empty string to disable or filename to load from local file in static folder
  impressum: '' # URL to the impressum of your application (e.g. https://example.com/impressum) Empty string to disable or filename to load from local file in static folder

[Frooodle]

I hate it :D

[Frooodle]

Thankfully it wont show unless provided as an entry...

shows as

etc