this post was submitted on 14 Oct 2024
43 points (100.0% liked)

Open Source

31029 readers
876 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
43
What to write in the 'Terms of Service' and 'Privacy Policy' of my open source project? (lemm.ee)
submitted 3 weeks ago by [email protected] to c/[email protected]
7 comments fedilink hide all child comments
 

I don't know what to write in both of these pages before I publish my project. I would greatly appreciate if someone would help me in this regard as I know nothing about the legal side of hosting open source apps nor do I want to spend too much time on this.

For context, my project is a web app that I specifically made sure to be as private as possible. All data generated by the user is made to be completely stored locally in the browser with no trackers or analytics installed. The data can be modified and deleted as per the user's will along with the ability to import and export the data as JSON files. A local account is required to save progress else the data will be wiped on exiting the site and the core functionalities of the site do not depend on whether an account has been created or not. The only privacy risk would be occasional loading of external resources like image links which I couldn't find a viable alternative to.

Frankly this is just a small side FOSS project which I do not intend to capitalise on. I still want to mention the TOS and the Privacy Policy just in case, but I couldn't be bothered to write all this legal matter by hand.

top 7 comments
sorted by: hot top controversial new old
[–] [email protected] 7 points 3 weeks ago

my understanding is that terms of service would be helpful but not needed if someone trued to sue because you blocked access to the site. I would not expect ToS for a site like you are explaining, but if it did it would say "the web admin will ban you if you are naughty, you have been warned"

For privacy policy i think what you wrote to give us context is near perfect. Explain how your app stores data, be specific about encryption at rest and in motion. If your app is designed to hold name, email address, billing info you should highlight that in your policy. including a (monitored) contact email for questions would be nice, but not needed imo unless you are storing PII

[–] [email protected] 3 points 3 weeks ago

This may not be the best advice, but it is what I did for a project that was required to have these statements. There are online templates and services that will create and host your terms and data privacy policy for free, with upgrades of you want more customized wording. The format is clunky and in my case allowed for more data collection than the app would ever actually do because I did not pay to customize it, but it serves the purpose. Termsfeed.com privacypolicygenerator.com You could just generate one to see the general idea and then customize it yourself if you don't need the hosting.

[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

I guess LLMs are OK at this as most ToS and Privacy Policies have quite fixed formats.

[–] [email protected] 2 points 3 weeks ago (1 children)

And if you decide to use an LLM, don’t settle for the first version. Ask thoughtful questions, request relevant improvements, and spend some time with this document. The first version tends to have a bunch of flaws, mistakes and oversights, and the LLM might even be able to find and fix them if you tell it to do that. After a few iterations of ironing out the wrinkles, you should show the document to a real lawyer just in case.

[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Repeated revisions with LLM of course is needed. For a small side FOSS project, the TOS and privacy policy is just in case. Plus the OP isn't intended to make money off of it. The risk of someone going after OP is really low. I don't really think OP need to get a real lawyer to do it.

[–] [email protected] 1 points 3 weeks ago (1 children)

Yeah, those services can be really expensive, so justifying expenses like that might be hard in a small project.

[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago)

If OP really needs it, law school students might be a good way to get cheaper rates. AFAIK, TOS and Privacy Policy are basically contracts, and every law student should know how to.