Page MenuHomePhabricator
Create Task
Maniphest T229163

Is using HotJar on toolabs in compliacy with WMFs privacy policy?
Closed, InvalidPublic
Actions

Description

https://tools.wmflabs.org/iabot/index.php has HotJar on their page. However, nowhere is there a mention on HotJar's Privacy policy, which I automatically must agree to. Is that compatible with WMFs privacy policy?

Related Objects

Event Timeline

Josve05a created this task.Jul 27 2019, 1:16 PM
Restricted Application added a subscriber: Cyberpower678. · View Herald TranscriptJul 27 2019, 1:16 PM
Cyberpower678 closed this task as Invalid.Jul 27 2019, 1:18 PM

It's an opt in service. If you are seeing it, then you are opted in to it. You can opt back out in your preferences. As for using it, I'm allowed to as long as users consent to it.

Legoktm subscribed.Jul 27 2019, 3:54 PM

Assuming hotjar is some analytics platform..what's the purpose of it? Who has access to it?

I note that the iabot terms of use include:

PRIVACY:
All actions made on the interface is publicly logged, to maintain accountability. All users of the interface during initial sign on have some insensitive data saved. This data includes current username, last sign on, last action, preferred language, cached public data provided by the OAuth extension, and whether they are blocked or not. No private data whatsoever is recorded or logged.

That last part of which isn't true if the user opts in.

Quiddity subscribed.Jul 28 2019, 4:09 AM
sbassett added a subscriber: JFishback_WMF.Jul 29 2019, 2:39 PM
Josve05a added a comment.EditedJul 30 2019, 6:30 PM
In T229163#5370834, @Cyberpower678 wrote:

It's an opt in service. If you are seeing it, then you are opted in to it. You can opt back out in your preferences. As for using it, I'm allowed to as long as users consent to it.

It is not opt-ed in on my profile, but I still saw the "HotJar" icon-thingy in the bottom right of the page. So, that statement might not be completely true.

sbassett triaged this task as Medium priority.Oct 16 2019, 4:36 PM
sbassett moved this task from Intake to Done on the Privacy board.
Legoktm mentioned this in T281532: Use of non-free third party analytics tool (Hotjar) by tools-iabot.Apr 29 2021, 11:22 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL