From e77fc3c72ace8a973d9dff9f38004aad65310113 Mon Sep 17 00:00:00 2001 From: Ben Hall Date: Tue, 7 Jan 2025 19:40:18 +0000 Subject: [PATCH] feat: Add TOS & Privacy Policy Signed-off-by: Ben Hall --- frontend/src/js/constants.js | 4 +- frontend/src/layouts/LegalLayout.svelte | 63 ++++++++ frontend/src/routes.js | 6 + frontend/src/views/legal/PrivacyPolicy.svelte | 139 ++++++++++++++++ frontend/src/views/legal/TOS.svelte | 149 ++++++++++++++++++ 5 files changed, 359 insertions(+), 2 deletions(-) create mode 100644 frontend/src/layouts/LegalLayout.svelte create mode 100644 frontend/src/views/legal/PrivacyPolicy.svelte create mode 100644 frontend/src/views/legal/TOS.svelte diff --git a/frontend/src/js/constants.js b/frontend/src/js/constants.js index 9a4f67d..5b54f6d 100644 --- a/frontend/src/js/constants.js +++ b/frontend/src/js/constants.js @@ -1,7 +1,7 @@ -export const API_URL = env.API_URL || "http://localhost:3000" +export const API_URL = env.API_URL || "https://api.ticketsbot.cloud" export const PLACEHOLDER_DOCS_URL = "https://docs.ticketsbot.net/setup/placeholders.html" export const OAUTH = { - clientId: env.CLIENT_ID || "700742994386747404", + clientId: env.CLIENT_ID || "1325579039888511056", redirectUri: env.REDIRECT_URI || "http://localhost:5000/callback" } diff --git a/frontend/src/layouts/LegalLayout.svelte b/frontend/src/layouts/LegalLayout.svelte new file mode 100644 index 0000000..b07c097 --- /dev/null +++ b/frontend/src/layouts/LegalLayout.svelte @@ -0,0 +1,63 @@ + + +
+
+ + + +
+ +
+
+
+ + + + \ No newline at end of file diff --git a/frontend/src/routes.js b/frontend/src/routes.js index 0f8dac5..104936a 100644 --- a/frontend/src/routes.js +++ b/frontend/src/routes.js @@ -36,9 +36,15 @@ import EditPanel from "./views/panels/EditPanel.svelte"; import EditMultiPanel from "./views/panels/EditMultiPanel.svelte"; import SelectServers from "./views/premium/SelectServers.svelte"; +import LegalLayout from "./layouts/LegalLayout.svelte" +import PrivacyPolicy from "./views/legal/PrivacyPolicy.svelte" +import TOS from "./views/legal/TOS.svelte" + export const routes = [ {name: '/', component: Index, layout: IndexLayout}, {name: '404', path: '404', component: Error404, layout: ErrorLayout}, + {name: "/legal/privacy", component: PrivacyPolicy, layout: LegalLayout }, + {name: "/legal/tos", component: TOS, layout: LegalLayout }, {name: '/callback', component: LoginCallback}, {name: '/login', component: Login}, {name: '/logout', component: Logout}, diff --git a/frontend/src/views/legal/PrivacyPolicy.svelte b/frontend/src/views/legal/PrivacyPolicy.svelte new file mode 100644 index 0000000..a7e0dce --- /dev/null +++ b/frontend/src/views/legal/PrivacyPolicy.svelte @@ -0,0 +1,139 @@ + + +
+
+ + Privacy Policy +
+

What data do you collect & how do you use the data?

+

+ When you invite Tickets to your server, we cache the guild + object, channel objects and role objects. Additionally, we + may also cache any user or member objects that Discord + provides Tickets with in the GUILD_CREATE payload. Upon + interaction with the bot, we may also cache your member and + user objects if we do not already do so. We store this data + solely for operation of the Tickets service to prevent + excessive API requests to the Discord API. +

+
+

+ When a Ticket is closed in a server, all message content and + participants (specifically username, avatar hash and + discriminator) as retrieved and uploaded to our ticket + archive store. We use OVH's object storage offering to store + the data, which is encrypted by us, and additionally + encrypted by OVH at rest. Backups of our database and ticket + transcripts are encrypted and stored in Switzerland, via + Exoscale. +

+
+

+ When logging into our web dashboard, we also collect all + guild objects for the servers you are a member of. This is + so we can verify your ownership / status in the server, and + provide a list of servers to manage. +

+
+

Third Party Services

+

Bloxlink

+

+ If you have opted into using our Bloxlink integration, the + IDs of users will be sent to Bloxlink when opening a ticket + to retrieve their Roblox user ID. This is then sent to + Roblox's own API and exchanged for the full Roblox user + object. Only the user's snowflake is shared with Bloxlink. +

+

+ You can view Bloxlink's own Terms of Service here. +

+

User-created Integrations

+

+ Administrators of Discord servers using our service can + install or create custom integrations. This means that upon + opening a ticket, your user ID (which is not classed as PII + by Discord) is sent to the operators of the service used by + the integration. Custom integrations are able to define + privacy policies. You should ask the administrators of + servers using our service for the privacy policies of + integrations they have installed. +

+

Cloudflare

+

+ All traffic is routed through Cloudflare, whose service we + use for web performance and security. +

+

+ You can view Cloudflare's privacy policy here. +

+

Google Analytics

+

+ We use Google Analytics on some of our web pages to track + how we can improve your experience using our sites. Google + Analytics is a industry standard tool, used by most + websites. All data is anonymised before being forwarded. We + do not use this data for advertising purposes. +

+

+ You can view Google Analytics' terms of service and privacy + policy here. +

+
+

+ How can I contact you regarding concerns with the Tickets + service? +

+

+ We are happy to resolve any data processing of security + concerns you may have. The best way to get in contact with + us is by joining our Discord support server and opening a + Ticket in the #support channel. +

+
+

How can I request my data or data removal?

+

+ Please join our Discord support server and open a Ticket in + the #support channel. Unfortunately, we are unable to help + you with these queries via external channels, as we would + not be able to reliably verify your identity. We will handle + your request within 30 days of it being logged. +

+
+ +
+
+ + diff --git a/frontend/src/views/legal/TOS.svelte b/frontend/src/views/legal/TOS.svelte new file mode 100644 index 0000000..9f1da38 --- /dev/null +++ b/frontend/src/views/legal/TOS.svelte @@ -0,0 +1,149 @@ + + +
+
+ + Terms of Service +
+

+ Please read these terms of service ("terms", "terms of + service") carefully before using Tickets Discord bot and + ticketsbot.cloud (the "service") operated by + ticketsbot.cloud ("us", 'we", "our"). +

+
+

+ We will provide their services to you, which are subject to + the conditions stated below in this document. Every time you + visit this website, use its services or make a purchase, you + accept the following conditions. +

+
+

+ By using the service, you represent and warrant that you + agree to these terms, and have the legal capacity to do so. +

+
+

Privacy

+

+ When you visit this website or use the service, we collect + information about you. Please review our privacy policy for further information. +

+
+

User Guidelines

+
    +
  1. + Do not take any actions to attempt to abuse or purposely + disrupt or cause other damage to the service. +
    2. +
  2. + Do not use the service in a manner inconsistent with any + applicable laws or regulations of your local region and + the United Kingdom. +
    3. +
  3. + Do not attempt to access any data that you are not + permitted to. +
    4. +
  4. + Do not interfere with, disrupt, or create an undue + burden on the service or the networks or services + connected to the service. +
    5. +
  5. + Do not attempt to bypass any measures of the service + designed to prevent or restrict access to the service, + or any portion of the service. +
    6. +
  6. + Do not use the service to process or store adult visual + media content, including but not restricted to images + and videos. +
    7. +
  7. + Do not use the service to process or store + privacy-sensitive data from users, such as identity + documents. +
    8. +
  8. + Do not use the service to, or in association to a way + that would, violate the Discord Terms of Service + or + Discord Community Guidelines. Please take additional care to review the following + extracts: +
    +
    + You agree not to use the Service in order to: +
    + ... +
    + Exploit, distribute or publicly inform other members + of any game error, miscue or bug which gives an unintended + advantage; violate any applicable laws or regulations; + or promote or encourage illegal activity including, but + not limited to, hacking, cracking or distribution of + counterfeit software, compromised accounts, or cheats + or hacks for the Service. +
    +
    + Do not abuse Discord products in any way, such as + selling or purchasing an account or server, or + participating in fraudulent Nitro incentives or + Boosting activities. +
    +
    9. +
+
+ +
+
+ +