From 7fd19b3906660bd48105fcf61b83c75cdc90227e Mon Sep 17 00:00:00 2001 From: Pete Herlihy Date: Wed, 2 Nov 2016 15:45:19 +0000 Subject: [PATCH] Updated the terms of use on 2 November in line with MOU changes --- app/templates/views/terms-of-use.html | 113 +++++++++----------------- 1 file changed, 38 insertions(+), 75 deletions(-) diff --git a/app/templates/views/terms-of-use.html b/app/templates/views/terms-of-use.html index 29e9c6282..c48633a77 100644 --- a/app/templates/views/terms-of-use.html +++ b/app/templates/views/terms-of-use.html @@ -23,7 +23,7 @@ Terms of use – GOV.UK Notify {% endcall %} -

To accept these terms, you must be the service manager for your service. If you’re not the service manager, you’ll need to invite them.

+

To accept these terms, you must be the service manager for your service.

@@ -34,25 +34,20 @@ Terms of use – GOV.UK Notify

You agree:

-

Before you can send real messages:

- -

@@ -64,37 +59,37 @@ Terms of use – GOV.UK Notify We agree to send all the messages you pass to us -

We will send all the messages you pass to us, as long as they meet our guidelines.

+

We’ll send all the messages you pass to us, as long as they meet our guidelines.

-

We endeavour to provide continuous uptime for both accepting messages and sending them.

+

We aim to provide a continuous service so you can use GOV.UK Notify 24 hours a day, 365 days a year.

-

We’ve made sure that GOV.UK Notify can handle large volumes of messages. For email and text messages we have several delivery providers concurrently integrated. This provides GOV.UK Notify with real-time failover capability.

+

We’ve made sure that GOV.UK Notify can handle large volumes of messages. For text messages we use multiple delivery providers at any one time. If a provider’s service fails, GOV.UK Notify will automatically switch to a different provider.

-

GOV.UK Notify is supported 24/7 for high-priority issues. We provide a ticketing system and escalation routes for service teams to address incidents.

+

+ We agree to keep you informed about the performance of GOV.UK Notify +

-

You’ll be able to see how our service is performing on our status page.

+

You’ll be able to see how the service is performing on our status page.

+ +

We have a ticketing system and escalation routes to address incidents. We also provide 24 hour support for high-priority issues.

+ +

We also have a chat room for talking to the GOV.UK Notify team. We are available to discuss your needs, and to see how Notify is working for you.

We agree to keep your data secure

-

GOV.UK Notify (as a whole, including subcontractors) currently store personal data for up to 1 year, and non-personal data indefinitely.

- -

GOV.UK Notify has been through an information assurance process to assess information risks, to determine appropriate treatments for those risks and to obtain risk acceptance from the Cabinet Office Senior Information Risk Officer (SIRO). This work includes the completion of a Privacy Impact Assessment to ensure compliance with the Data Protection Act.

- -

We do not conduct, or enable, analysis of when the same recipient (mobile number, email or postal address) is contacted by multiple Government organisations. We may do so if required by law enforcement.

- -

We maintain appropriate technical and organisational measures to protect data. We make sure our subcontractors follow the same procedures.

+

GOV.UK Notify has been through an information assurance process to assess information risks, to determine appropriate treatments for those risks and to obtain risk acceptance from the Cabinet Office Senior Information Risk Officer (SIRO). This work includes the completion of a privacy impact assessment to ensure compliance with the Data Protection Act.

Cabinet Office act as data processor, as parent organisation of GOV.UK Notify. Your organisation remains the data controller.

-

We’ll never transfer or store data on servers outside of the European Economic Area.

+

Contact us if you want more information about our approach to data protection and information risk management.

-

- We agree to give you three months’ notice if we change these terms +

+ We agree to give you one months’ notice if we change these terms

-

We’ll email you if you need to change these terms. We’ll tell you clearly what is changing and when the change will come into effect.

+

We’ll email to tell you what is changing and when the change will come into effect.

This includes when any of our email, text message or postal providers change.

@@ -115,37 +110,35 @@ Terms of use – GOV.UK Notify

You must follow industry best practices for keeping your API keys secure.

-

You must ensure you have obtained correct levels of consent - both to send messages but also for how data is shared in order to do so.

+

You must ensure you have obtained correct levels of consent - both to send messages but also for how data is shared, stored, and processed in order to do so.

-

You must not perform any load testing on GOV.UK Notify, since we’ve already done it.

- -

- You agree not to use GOV.UK Notify to send marketing messages +

+ You agree not to use GOV.UK Notify to send unsolicited messages

-

GOV.UK Notify is for sending transactional messages.

+

GOV.UK Notify is for sending transactional messages and subscription based alerts or reminders.

Transactional messages relate directly to something the user did. For example:

-

You don’t need to ask permission to send messages that directly relate to a transaction. By using a transaction, a user is implicitly agreeing to receive messages about that transaction.

+

You don’t need to ask permission to send messages that directly relate to a transaction. By making a transaction and providing their contact details, a user is implicitly agreeing to receive messages about that transaction.

-

Marketing messages don’t relate directly to something the user did. For example:

+

Subscription based messages relate to something a user has explicitly asked to be updated with. For example:

-

You must agree not to use GOV.UK Notify to send marketing messages.

+

All subscription based messages must, by law, contain a way for users to unsubscribe.

-

If you do use GOV.UK Notify to send marketing messages, we may refuse to accept further messages for delivery.

+

If you do use GOV.UK Notify to send unsolicited messages, we may refuse to accept further messages for delivery.

You agree to send messages consistent with our design patterns, style guide and information security guidelines @@ -153,15 +146,15 @@ Terms of use – GOV.UK Notify

Your messages must follow our design patterns, style guide and information security guidelines.

-

Your messages must not contain any personal, or otherwise sensitive, information.

+

Your messages must not contain any personally or commercially sensitive information.

You agree to use GOV.UK Notify delivery data to continuously improve the quality of your contact data

-

When you send messages through GOV.UK Notify, we provide feedback on the status of every text message, email and letter.

+

When you send messages through GOV.UK Notify, we provide feedback on the status of every text message, email and letter you send.

-

You agree to use our delivery data to check (and potentially remove) bounced email addresses, mobile numbers and postal addresses from your database.

+

You agree to use our delivery data to check (and potentially remove) bounced email addresses, mobile numbers, and postal addresses from your database.

You agree to ensure your user’s personal data is kept accurate and up to date, in line with Data Protection Act principles.

@@ -169,36 +162,6 @@ Terms of use – GOV.UK Notify
-
-

- Requesting to go live -

- -

Before you can send real messages:

- - - -

- You must tell us how many text messages, emails and letters you plan to send -

- -

You must estimate how many text messages, emails and letters you plan to send each year, including any spikes or seasonal variation.

- -

We will make sure GOV.UK Notify is easily able to handle your estimated sending volume.

- -

- We’ll check your templates before you can go live -

- -

We’ll check your templates to make sure they are transactional, not marketing, and follow our design patterns, style guide and information security guidelines.

-
-

Leaving GOV.UK Notify @@ -206,7 +169,7 @@ Terms of use – GOV.UK Notify

You can remove your service from GOV.UK Notify at any time. Contact us and we’ll delete your account.

-

Any data that you have processed through GOV.UK Notify will be deleted as part of the existing data deletion processes.

+

Any data that you have already processed through GOV.UK Notify will be deleted as part of the existing data deletion processes and data retention periods.