diff --git a/app/formatters.py b/app/formatters.py index c0dda4738..11ae113d9 100644 --- a/app/formatters.py +++ b/app/formatters.py @@ -285,7 +285,7 @@ def format_notification_status_as_url(status, notification_type): return { 'email': url(_anchor='email-statuses'), - 'sms': url(_anchor='sms-statuses') + 'sms': url(_anchor='text-message-statuses') }.get(notification_type) diff --git a/app/templates/views/accessibility_statement.html b/app/templates/views/accessibility_statement.html index 927636400..8256cc168 100644 --- a/app/templates/views/accessibility_statement.html +++ b/app/templates/views/accessibility_statement.html @@ -41,7 +41,7 @@ AbilityNet has advice on making your device easier to use if you have a disability.
-We know some parts of this website are not fully accessible: @@ -63,7 +63,7 @@ We also know that the emails Notify sends are not fully accessible. The JAWS and NVDA screen readers announce extra spaces in emails when you view them in Microsoft Outlook.
-If you need any part of this service in a different format like large print, audio recording or braille, contact the GOV.UK Notify team. @@ -73,13 +73,13 @@ We’ll consider your request and get back to you within one working day.
-We’re always looking to improve the accessibility of this website. If you find any problems not listed on this page or think we’re not meeting accessibility requirements, contact the GOV.UK Notify team.
-The Equality and Human Rights Commission (EHRC) is responsible for enforcing the Public Sector Bodies (Websites and Mobile Applications) (No. 2) Accessibility Regulations 2018 (the ‘accessibility regulations’). If you’re not happy with how we respond to your complaint, contact the Equality Advisory and Support Service (EASS). @@ -89,7 +89,7 @@ Find out how to contact the GOV.UK Notify team.
-GDS is committed to making its website accessible, in accordance with the Public Sector Bodies (Websites and Mobile Applications) (No. 2) Accessibility Regulations 2018. @@ -99,13 +99,13 @@ GOV.UK Notify is partially compliant with the Web Content Accessibility Guidelines (WCAG) version 2.1 AA standard, due to the non-compliances listed below.
-The content listed below is non-accessible for the following reasons.
-The following content on the Notify website is not compliant with the WCAG version 2.1 AA standard: @@ -127,7 +127,7 @@ We expect to fix these issues by the end of March 2022.
-We’ve identified the following problems with the user interface: @@ -155,7 +155,7 @@ We hope to fix these issues by the end of June 2022.
-We use cookies to make GOV.UK Notify work and collect information about how you use our service.
-Essential cookies keep your information secure while you use Notify. We do not need to ask permission to use them.
@@ -62,7 +62,7 @@ -With your permission, we use Google Analytics to collect data about how you use Notify. This information helps us to improve our service.
diff --git a/app/templates/views/documentation.html b/app/templates/views/documentation.html index e0557bf7d..d2ec1d80b 100644 --- a/app/templates/views/documentation.html +++ b/app/templates/views/documentation.html @@ -8,7 +8,7 @@This documentation is for developers who want to integrate the GOV.UK Notify API with a web application or back office system.
-Links to documentation open in a new tab.
A developer should be able to set up the API client and start sending test messages in around 30 minutes. A full integration can take a few days, depending on the other systems you’re using.
-If you cannot use the client libraries, you can integrate directly with the API instead.
Read the REST API documentation (this link opens in a new tab).
diff --git a/app/templates/views/guidance/who-can-use-notify.html b/app/templates/views/guidance/who-can-use-notify.html index 5a6a44407..6dab232c6 100644 --- a/app/templates/views/guidance/who-can-use-notify.html +++ b/app/templates/views/guidance/who-can-use-notify.html @@ -26,7 +26,7 @@ If you work for one of these organisations but get an error when you try to create an account, contact support. -If you’re doing work for a public sector organisation you can use GOV.UK Notify.
@@ -34,12 +34,12 @@ Someone from the public sector organisation you’re working with needs to set up the account. Then they can invite you as a team member. -Notify is not currently available to charities.
-The GOV.UK Notify service is only for people who work in the government or other public sector organisations. diff --git a/app/templates/views/message-status.html b/app/templates/views/message-status.html index f56ab4793..4ce23379e 100644 --- a/app/templates/views/message-status.html +++ b/app/templates/views/message-status.html @@ -43,7 +43,7 @@
Notify cannot tell you if your users open an email or click on the links in an email. We do not track open rates and click-throughs because there are privacy issues. Tracking emails without asking permission from users could breach General Data Protection Regulations (GDPR).
-GOV.UK Notify is a service that lets public service teams in the UK send emails, text messages, and letters to users of their service.
@@ -31,7 +31,7 @@For more information see the Information Commissioner’s Office (ICO) Data Protection Public Register. The Cabinet Office registration number is: Z7414053
-The personal data we collect from public sector employees that create a GOV.UK Notify account includes:
@@ -45,11 +45,11 @@The legal basis for processing this data is ‘public task’ – allowing you to access GOV.UK Notify to send notifications to users of your public service.
-We need your personal data to ensure that only legitimate users of GOV.UK Notify can use it to send notifications.
-We use your data to check that you are allowed to access GOV.UK Notify and to record your activity when using it. We use third party suppliers to do this.
@@ -62,31 +62,31 @@We will share your data if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.
-We will retain your personal data for as long as you have a GOV.UK Notify account.
-We design, build and run our systems to make sure that your data is as safe as possible at any stage, both while it’s processed and when it’s stored.
Your personal data will be processed both in the UK and the European Economic Area (EEA). Your data receives the same level of protection in the EEA as it does in the UK through the safeguard of Adequacy Decisions.
-We are committed to doing all that we can to keep your data secure. To prevent unauthorised access or disclosure we have put in place technical and organisational procedures to secure the data we collect about you – for example, we protect your data using varying levels of encryption. We also make sure that any third parties that we deal with have an obligation to keep all personal data they process on our behalf secure.
-We understand the importance of protecting children’s privacy online. Our services are not designed for, or intentionally targeted at, children 13 years of age or younger. It is not our policy to intentionally collect or maintain data about anyone under the age of 13.
-You have the right to request:
@@ -106,14 +106,14 @@If you have any of these requests, get in contact with our Data Protection Officer - you can find their contact details below.
-We may modify or amend this privacy notice at our discretion at any time. When we make changes to this notice, we will amend the last modified date at the top of this page. Any modification or amendment to this privacy notice will be applied to you and your data as of that revision date. We encourage you to periodically review this privacy notice to be informed about how we are protecting your data.
-Contact the GDS Privacy Team if you either:
diff --git a/app/templates/views/roadmap.html b/app/templates/views/roadmap.html index 72145638d..69405aef5 100644 --- a/app/templates/views/roadmap.html +++ b/app/templates/views/roadmap.html @@ -12,8 +12,8 @@ {{ content_metadata( data={ - "Last updated": "30 November 2021", - "Next review due": "20 January 2022" + "Last updated": "20 January 2022", + "Next review due": "20 April 2022" } ) }} @@ -22,39 +22,50 @@The roadmap is only a guide. It does not cover everything we do, and some things may change.
You can contact us if you have any questions about the roadmap or suggestions for new features.
-Since January 2021 we’ve sent 1 billion messages for services that were set up in response to the coronavirus (COVID-19) pandemic. This includes 4.5 million vaccination invitation letters and 700 million test results.
+In 2021 we sent 1.3 billion messages for coronavirus (COVID-19) services. This includes 270 million booster vaccination invitations and 751 million test results.
-More recently, we’ve upgraded some of the software we use to more recent versions.
+Recently we have:
+ +On Notify, data is encrypted:
Other technical security controls on Notify include:
Some messages include sensitive information like security codes or password reset links.
If you’re sending a message with sensitive information, you can choose to hide those details on the Notify dashboard once the message has been sent. This means that only the message recipient will be able to see that information.
-You can set different user permissions in Notify. This lets you control who in your team has access to certain parts of the service.
To sign in to Notify, you’ll need to enter:
@@ -54,7 +54,7 @@If signing in with a text message is a problem for your team, contact us to find out about using an email link instead.
-Our approach to information risk management follows NCSC guidance. It assesses:
This approach also applies to the service providers Notify uses to send messages.
-Things we do to manage risks on Notify include:
Notify has been assessed and approved by the Cabinet Office Senior Information Risk Officer (SIRO). The SIRO checks this approval once a year.
Notify also has approval from the Office of the Government’s SIRO to host data within the EEA.
-You can use Notify to send messages classified as ‘OFFICIAL’ or ‘OFFICIAL-SENSITIVE’ under the Government Security Classifications policy.
Notify does not process data classified as ‘SECRET’ or ‘TOP SECRET’.
The Notify team has Security Check (SC) level clearance from United Kingdom Security Vetting (UKSV).
diff --git a/app/templates/views/terms-of-use.html b/app/templates/views/terms-of-use.html index 60e0ab6fc..3080ab3b5 100644 --- a/app/templates/views/terms-of-use.html +++ b/app/templates/views/terms-of-use.html @@ -13,7 +13,7 @@ These terms apply to your service’s use of GOV.UK Notify. You must be the service manager to accept them. -You must:
You can leave Notify at any time. Just contact us and we’ll close your account.
When you leave Notify, all your data will be deleted.
diff --git a/tests/app/main/test_formatters.py b/tests/app/main/test_formatters.py index 3739c942b..58f0b1b56 100644 --- a/tests/app/main/test_formatters.py +++ b/tests/app/main/test_formatters.py @@ -22,9 +22,9 @@ from app.formatters import ( ('temporary-failure', 'email', partial(url_for, 'main.message_status', _anchor='email-statuses')), ('permanent-failure', 'email', partial(url_for, 'main.message_status', _anchor='email-statuses')), ('technical-failure', 'email', partial(url_for, 'main.message_status', _anchor='email-statuses')), - ('temporary-failure', 'sms', partial(url_for, 'main.message_status', _anchor='sms-statuses')), - ('permanent-failure', 'sms', partial(url_for, 'main.message_status', _anchor='sms-statuses')), - ('technical-failure', 'sms', partial(url_for, 'main.message_status', _anchor='sms-statuses')), + ('temporary-failure', 'sms', partial(url_for, 'main.message_status', _anchor='text-message-statuses')), + ('permanent-failure', 'sms', partial(url_for, 'main.message_status', _anchor='text-message-statuses')), + ('technical-failure', 'sms', partial(url_for, 'main.message_status', _anchor='text-message-statuses')), # Letter statuses are never linked ('technical-failure', 'letter', lambda: None), ('cancelled', 'letter', lambda: None), diff --git a/tests/app/main/views/test_index.py b/tests/app/main/views/test_index.py index 78deab351..e5b4eb842 100644 --- a/tests/app/main/views/test_index.py +++ b/tests/app/main/views/test_index.py @@ -188,12 +188,12 @@ def test_message_status_page_contains_message_status_ids(client_request): page = client_request.get('main.message_status') assert page.find(id='email-statuses') - assert page.find(id='sms-statuses') + assert page.find(id='text-message-statuses') def test_message_status_page_contains_link_to_support(client_request): page = client_request.get('main.message_status') - sms_status_table = page.find(id='sms-statuses').findNext('tbody') + sms_status_table = page.find(id='text-message-statuses').findNext('tbody') temp_fail_details_cell = sms_status_table.select_one('tr:nth-child(4) > td:nth-child(2)') assert temp_fail_details_cell.find('a').attrs['href'] == url_for('main.support')