Jump to: content, navigation, search

Navigation menu

Privacy Policy: Difference between revisions

1st version GDPR compliant statement
(fix broken links due to uprooting from the main wiki (and drop some over-linking))
(1st version GDPR compliant statement)
== Introduction==
This page describes the OpenStreetMap '''privacy policy''' for services formally operated and provided by the [http://osmfoundation.org/ OpenStreetMap Foundation].
 
This document states the OpenStreetMap '''privacy policy''' for services formally operated and provided by the [http://osmfoundation.org/ OpenStreetMap Foundation (OSMF)]. In particular these are
It describes what personal information we may be gathering from you, who can see this information, and what options you have for controlling this. OpenStreetMap developers, contributors and related companies will often use the OpenStreetMap name and logo to set up groups or services on third-party web sites. For example, there might be a Facebook page, a Google Plus page, a Slack channel, a page on Xing or LinkedIn, a Meetup group, and so on. Such services are outside of OSMF's control and might be located in countries with different data protection rules. Data you share on these platforms cannot, therefore, be covered by this policy.
 
* the openstreetmap.org website and associated services and APIs,
== Community development ==
* the OpenStreetMap data distribution,
* the OpenStreetMap wiki and help sites,
* the OpenStreetMap mailing lists and forums.
 
It describes what personal information we may be gathering from you, who can see this information, and what options you have for controlling this. We value your privacy and strive to achieve a balance between the legitimate interests of the OpenStreetMap project and your interests and rights.
Development of the software behind OpenStreetMap is a community effort, with many developers involved and work taking place on many separate components. Generally a good level of care is being taken to ensure that personal information of contributors will not fall into the wrong hands. This has come about as a series of independent decisions within the design of the various components. The following descriptions are a de facto accumulation of this into a 'privacy policy' describing how we work with the data. We are working to improve the technology to offer a more coherent privacy model.
 
This document is mainly intended for OpenStreetMap contributors, if you are using services provided by the OSMF without contributing, section [[#Data_we_receive_automatically | Data we receive automatically]] will be most relevant for you.
 
As the OSMF has many legacy systems and practices that have currently not been fully reviewed and documented, it is possible that a subject of particular interest to you has not been covered yet or is inaccurately described. Please use the [[#Contact | contact information]] if you have any such questions or believe that you have found a discrepancy. As we will be updating this document regularly to reflect our better understanding of these issues, please check from time to time for updates.
 
OpenStreetMap developers, contributors and related companies will often use the OpenStreetMap name and logo to set up groups or services on third-party web sites. For example, there might be a Facebook page, a Google Plus page, a Slack channel, a page on Xing or LinkedIn, a Meetup group, and so on. The privacy practices of such services are outside of OSMF's control and might be located in countries with different data protection rules. Data you share on these platforms cannot, therefore, be covered by this policy. Please refer to the privacy policies of those third-party services.
 
==Why do we store and process personal data?==
 
The purpose of the OpenStreetMap project and the OSMF is to provide open geographic data, such as street maps, to anyone.
 
To fulfill the goal of distributing data that is truly open, untethered by rights of third parties and of high quality, we do not support anonymous contributions and retain additional, non-geographic, data on a legitimate interest base (see [https://gdpr-info.eu/art-6-gdpr/ GDPR article 6.1f ]), to enable:
 
* identifying all the contributions made by an account,
* contacting the contributor in the case of questions in respect to the nature and source of the contributions,
* detection, removal and correction of spam accounts, vandallism and violations of the rights of third parties,
* facilitating the communication between OpenStreetMap contributors.
* research and analysis on aggregate contributions to improve or prioritise OSMF services, such as evaluating mapping efficacy, map completeness, determining if locations or mappers are disproportionately represented.
 
==What data do we store and process?==
 
===Data from contributions to OpenStreetMap===
 
Besides the geographic data contributed (point, ways, areas with associated attributes and GPS trace data), and communications related data (diary posts and comments, the user page, changeset comments, messages) we store
 
* editing session meta-data. For example comments added by the user, any version and similar information added by the editing application, which editing application and which aerial imagery layers where used.
* user id and login name of the author of every change to an object and a timestamp when that change occured.
* the e-mail address associated with your account,
* any blocks the user has received and associated messages.
* network access data (example IP addresses) for the systems and services operated by the OSMF. see [[#Data_we_receive_automatically | Data we receive automatically]] .
===OSMF Membership Data===
You should always view OpenStreetMap systems and software with a questioning mind, and feel free to raise any concerns you have about matters of privacy via our [https://wiki.openstreetmap.org/wiki/Contact_channels Contact channels]
 
The full personal name and residential address of members of the organisation according to the companies act are, by law, required to be added to the OSMF register of members. Terminating membership does not lead to the entry being deleted. Associate members are not required to provide their full details and the information can be deleted in membership is terminated. Payment details for both classes of members is retained for accounting purposes as long as required by law. The processing of this data is necessary for compliance with a legal obligation (see [https://gdpr-info.eu/art-6-gdpr/ GDPR article 6.1c]).
 
More details on OSMF membership options can be found on [https://join.osmfoundation.org/ https://join.osmfoundation.org/].
 
===Conference and Event Registration Data===
 
Some events organized by the OSMF require prior registration to be able to participate, most notably our annual State of the Map conference. This data is required to verify payment of entry fees, planning of venues, catering and scheduling of talks and presentations and is visible to the group organizing the event. The processing of this data is necessary for the performance of a contract (see [https://gdpr-info.eu/art-6-gdpr/ GDPR article 6.1b]).
==Who has access to the data==
 
We do not share email addresses associated with accounts with any third party and they are only accessible to our operations and working group personnel that have signed confidentiality agreements. User to user messages are visible to the sender and recipient, other access is limited to our operations staff and only if required for operational reasons, to enforce our acceptable use policies, to fulfil any legal obligations and most notably to prevent SPAM.
 
Similarly, network access data is only used for internal purposes and access is limited to operating personnel for operational and vandalism and SPAM protection purposes.
 
The other data is made available, depending on the use case, via the website, via the editing API and from our data dumps, to users with accounts and to the general public. Some of the non-geographic data may be available only by some methods however this is subject to change.
 
To reduce the distribution of the non-geographic information we offer our data dumps with and without the additional data. Entities that require and process the additional data can register with the OSMF and you can find contact information for them here: [[Registered data controllers]]. We do not contract with them and any processing of the data carried out by such entities is done on their own behalf.
 
==Where do we store the data==
 
The website, API servers, databases and the servers for auxiliary services are currently located in the United Kingdom.
 
Map tiles are provided by a global network of cache servers, which tile server your browser or app access is determined dynamically by geolocation of the IP address and selection of the cache server "nearest" to you. While in general this means that you will be using the tile cache physically nearest to you, this can be affected by
 
* uncertainties in determining the location of the client from its IP address
* operational issues (server downtime etc)
* network topology and load
 
The current list of tile cache servers can be found here: [https://hardware.openstreetmap.org/#tile-caches https://hardware.openstreetmap.org/#tile-caches] and you can determine which one is currently being used with the following link [https://tile.openstreetmap.org/cgi-bin/debug https://tile.openstreetmap.org/cgi-bin/debug].
 
==How can you control the processing of your data and reduce privacy related issues==
 
While not required by law, we provide the following mechanism to reduce the exposure of potentially privacy related information for you.
 
* you can select a non identifying login name and change it at any time you want,
* you are not required to include personal data in diary posts, comments, email listserv, the wiki, or other OSM communications methods, and you may delete diary posts at any time through your account,
* you can request your account to be deleted (restrictions see below) and this will be conveyed to registered entities that are using our full data.
 
You should not enable gravatar support or use an e-mail address you have associated with a gravatar with if privacy is a concern.
 
You can further reduce exposure by not adding personal information to the map data (personal names and similar). Such information is in general not considered to be an useful addition to our data and you should refrain from adding it.
 
==Right to Object==
== Other Policies ==
 
You have a [https://gdpr-info.eu/art-21-gdpr/ right to object] against processing based on legitimate interests of the data controller.
As well as privacy issues, users and contributors ''must'' also be aware of the [http://www.openstreetmap.org/copyright OpenStreetMap License]. This includes [https://wiki.openstreetmap.org/wiki/Disclaimer disclaimers]. We also have an [https://wiki.openstreetmap.org/wiki/Acceptable_Use_Policy Acceptable Use Policy] covering various types of server usage.
 
==Detailed Information==
== Privacy Policy ==
 
=== GPS Trace Data ===
 
The uploading of GPS data is entirely optional and not a prerequisite for contributions to OpenStreetMap. If you do submit GPS data, it is uploaded in the form of individual GPX files. These are kept as raw files, as well as imported into the database. GPX files can be marked "[https://wiki.openstreetmap.org/wiki/Visibility_of_GPS_traces public]" by the uploader; this is completely unrelated to the option of making one's ''edits'' "public".
 
When GPS data for an area is downloaded via the API no indication is provided of which user uploaded a point, or of the timestamp that was associated with the point. Points are however returned in timestamp order. GPS data downloaded in this way will include points from traces which were not marked as public.
 
If a GPS trace is marked as public when it is uploaded then the raw trace may be downloaded from the web site or using an API call. In this case the user's display name is shown (regardless of whether the user has made their ''edits'' public) and the timestamps in the GPX file will be included. Also, any additional information placed in the GPX file will still be present, e.g. waypoints with their names and/or notes entered, associated symbols, elevation data, etc. You should remove any such information from the data and trim enough information from beginning and end of the trace to obscure start and destination before uploading it if you have privacy concerns
 
=== Map Data ===
All edits made to the map are recorded in the database with the user ID of the user making the change, and a timestamp at the time of change upload. In general all of this information is also made available to everyone via the website, including links to allow everyone to easily cross-reference which user has made which edit.
 
Editing programs (such as JOSM and iD) can store further data in the database that may be relevant to your privacy. Please refer to the respective authors and distributors of the programs for more information. For example, iD and JOSM may add yourthe selectedlanguage localesettings of your device to the metadata of each changeset and the make and operating system of the device may be visible from the transmitted version strings.
 
=== User 'home' location ===
=== Email Addresses ===
 
The registered email address for an OSM user account, will never intentionally be published on the internet anywhere, shared with third party organisations, or revealed directly to other logged in users. Email addresses will be used by the server to notify the user if another user has sent a message through the website., Onlyand [https://wiki.openstreetmap.org/wiki/System_Administratorsfor Systemother Administrators]system willgenerated have direct access to email address datanotifications. It may be used by these people to contact users directly about their edits or other OpenStreetMap related issues.
 
Only [https://wiki.openstreetmap.org/wiki/System_Administrators System Administrators] will have direct access to email address data associated with the OSM account. It may be used by these people to contact users directly about their edits or other OpenStreetMap related issues.
Note that some other types of [https://wiki.openstreetmap.org/wiki/Accounts Accounts] used by developers/community ''do'' expose email address information more publicly (due to technical limitations of the software used, rather than policy decisions) The Trac system exposes your email address in plaintext on the page if the email address (rather than the display name) is used to login. The mailing list system exposes email addresses of people posting messages, in the archive web pages, but with obfuscation. If you want to post to the list, the system also requires you to register with your proper 'from' address, not a forwarding address.
 
Email addresses associated with wiki, forum and help site accounts are stored separately from the OSM user account data in the respective systems. These address are used for notifications and user to user communication (if enabled). These addresses are not publicly visible or shared with third parties, but may be visible to the administrators of the systems.
 
Note that some other types of [https://wiki.openstreetmap.org/wiki/Accounts Accounts] used by developers/community do expose email address information more publicly (due to technical limitations of the software used, rather than policy decisions). The Trac system exposes your email address in plaintext on the page if the email address (rather than the display name) is used to login. The mailing list system exposes email addresses of people posting messages to everyone who receives the message, as well as in the archive web pages. If you want to post to the list, the system also requires you to register with your proper 'from' address, not a forwarding address.
 
==== Gravatar ====
The openstreetmap.org website supports the display of [http://gravatar.com/ Gravatars], these are retrieved from gravatar.com by generating a globally unique key from your e-mail address. Our website software will check on the initial signup and on every email address change if you have a Gravatar for the new address and start displaying it if one exists. You can stop this behaviour by explicitly turning Gravatar support off in your account settings. You should be aware that, if a Gravatar is displayed, the key can be used to track your account over any website that has Gravatar support.
 
===Data we receive automatically===
Note: the above behaviour is current as of August 19th 2016, previously the Gravatar key was exposed regardless of if you actually had a Gravatar or not.
 
===Log files and Information submitted to OSMF Services===
 
The OSMF operates a number of services for the OpenStreetMap community, examples are the openstreetmap.org website, the "Standard" style online map, the OSM API and the nominatim search facility.
 
AccessingWhen you visit an OSMF website, access any of the services via a browser or via applications that utilize the provided APIs produces, records of that use, forare example in webserver log files. Furtherproduced, we maycollect operateinformation userabout interactionyour trackingbrowser softwareor thatapplication willand generateyour additionalinteraction recordswith ofour user activitywebsite, for example Piwik. Services that use Geo-DNS or similar mechanisms to distribute load to geographically distributed servers will potentially generateincluding (a) recordIP ofaddress, your(b) locationbrowser atand adevice large scaletype, (forc) exampleoperating thesystem, OSMF(d) tilereferring cacheweb networkpage, determines(e) the countrydate youand aretime likelyof topage be located invisits, and directs(f) yourthe requestspages toaccessed anon appropriateour server)websites.
 
Further we may operate user interaction tracking software that will generate additional records of user activity, for example Piwik.
 
Services that use Geo-DNS or similar mechanisms to distribute load to geographically distributed servers will potentially generate a record of your location at a large scale (for example the OSMF tile cache network determines the country you are likely to be located in and directs your requests to an appropriate server).
 
These records are used or can be used in the following ways:
* to improve the OpenStreetMap dataset. For example by analysing nominatim queries for missing addresses and postcodes and providing such data to the OSM community.
 
The data collected on the systems will be accessible by the system administrators and the appropriate OSMF working groups, for example the Data Working Group. No personal information or information that could beis linked to an individual will be released to third parties, except as required by law.
 
Given the temporary nature of this storage, it is generally not feasible for us to provide access to IP addresses or the logs associated with them.
Third party services providing content linked to via or third party JavaScript files utilised by OSMF provided sites are not covered by this policy and you will need to refer to the respective service providers for more information. Examples of such services and content are the HOT and CycleMap map layers on openstreetmap.org and the JavaScript frameworks used by help.openstreetmap.org.
 
The above mentioned data is processed on a legitimate interest base (see [https://gdpr-info.eu/art-6-gdpr/ GDPR article 6.1f ]).
 
Third party services providing content linked to via or third party JavaScript files utilised by OSMF provided sites are not covered by this policy and you will need to refer to the respective service providers for more information.
 
These are specifically
:
* Cycle and Transport Map layers available via the openstreetmap.org website operated by [http://www.thunderforest.com/contact/ Gravitystorm Limited, New Malden, United Kingdom]
* Humanitarian map layer available via the openstreetmap.org website operated by the [http://openstreetmap.fr/contact OpenStreetMap France c/o Maison des Associations du 2ème Arrondissement, 23 rue Greneta, 75002 Paris]
* overpass-api used by the query function on the openstreetmap.org website operated by [https://www.fossgis.de/datenschutzerklaerung FOSSGIS e.V., Römerweg 5, 79199 Kirchzarten, Germany]
 
===Communication via OSMF provided Systems===
 
The OSM community uses a number of channels for public and inter-personal communication. ExamplesSome areof the messagingsystems systemare onoperated openstreetmap.org,and thecontrolled OpenStreetMapby forums,third IRC channelsparties and thecan mailboxesbe located in countries other than the osmfoundationUK.org domainYou will need to refer to the respective service providers for more information.
 
These 3rd party operated systems are:
Some of the systems are operated and controlled by third parties and can be located in countries other than the UK. You will need to refer to the respective service providers for more information. By using those that are provided by the OSMF, for example the messaging system on openstreetmap.org, you agree to your communications being intercepted by OSMF system managers when necessary to address operational issues, to enforce our acceptable use policies, most notably to prevent SPAM, and to fulfil any legal obligations.
 
* Mailboxes for the OSMF e-mail addresses are provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043. USA
* IRC channels on the [https://www.oftc.net/ OFTC network]
* openstreetmap Organisation and source code repositories on [https://help.github.com/articles/github-privacy-statement/ Github]
 
By using those systems that are provided by the OSMF, for example the messaging system on openstreetmap.org, you agree to your communications being intercepted by OSMF system managers when necessary to address operational issues, to enforce our acceptable use policies, most notably to prevent SPAM, and to fulfil any legal obligations.
 
You should be aware of the above when communicating sensitive information and you should employ encryption to protect your communications content.
===Account Removal===
 
You can [//wiki.openstreetmap.org/wiki/FAQ#How_can_I_close_my_account.3F request your account to be removed] and we will honor such requests as far as possible. If you have not actively contributed to the project we will not retain any records, user page, diary posts and similar will be removed. If you have contributed your account will be renamed to user_''USERID'' and contributions and changeset comments will be retained with this name, diary entries and your user page will be removed. Since we do not allow anonymous edits we will non-publicly retain your e-mail address in case you need to be contacted with respect to your contributions.
 
If you have not actively contributed to the project we will not retain any records, user page, diary posts and similar will be removed.
 
If you have contributed your account will be renamed to user_''USERID'' and contributions and changeset comments will be retained with this name, diary entries and your user page will be removed. Since we do not allow anonymous edits we will non-publicly retain your email address in case you need to be contacted with respect to your contributions.
 
Wiki and forum accounts will be renamed to a pseudo-anonymous name, but otherwise will remain as is. You can unsubscribe yourself from any mailing lists, however you need to realize that personal copies held by the recipients of any mails you sent to the lists and the archives on lists.openstreetmap.org can not be removed.
 
In your request for account removal you need to identify all accounts that are affected as we do not have information on which accounts belong to which OpenStreetMap id.
 
===Cookies===
 
Numerous OSMF operated services use cookies to store information on your login and site navigation state. We also use cookies and similar technologies to recognize and improve your use of our websites.. You may delete cookies from your computer, and most browsers provide the option to block them. If you block cookies placed by us (first party cookies), you will not be able to access parts of the OSMF websites and services that require a login. However, your access to our websites will not be affected if you disable cookies placed by third parties.
Numerous OSMF operated services use cookies to store information on your login and site navigation state.
 
== Other Relevant Policies ==
 
As well as privacy issues, users and contributors must also be aware of the [http://www.openstreetmap.org/copyright OpenStreetMap License]. This includes [https://wiki.openstreetmap.org/wiki/Disclaimer disclaimers]. We also have an [https://wiki.openstreetmap.org/wiki/Acceptable_Use_Policy Acceptable Use Policy] covering various types of server usage.
 
==Contact==
 
If you have questions or concerns with respect to this policy, please contact the OSMF via our [https://wiki.openstreetmap.org/wiki/Contact_channels Contact channels].
===Contact===
 
If you havebelieve questionsthat orwe hold information that concernswould withallow respectus to correct, amend, or delete inaccurate information about you or if you believe that information about you has been processed in violation of this privacy policy, please contactemail the OSMFus at [mailto:legal-questionsprivacy@osmfoundation.org legal-questionsprivacy@osmfoundation.org] or start a public discussion via our [https://wiki.openstreetmap.org/wiki/Contact_channels Contact channels].
Note that you may change your username, email associated with your account, and ‘home’ location through your account without contacting the OSMF.
508

edits