jennie/ghostguild-org
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ghostguild-org/app/pages/policies/privacy.vue
Jennie Robinson Faber c5e901ed24 feat(signup): community guidelines agreement and policies routes 
Introduces /community-guidelines and /policies/{privacy,terms,[slug]} pages,
swaps the signup/invite checkbox from agreedToTerms to agreedToGuidelines,
adds Member.agreement.acceptedAt, and stamps the field when a Helcim
customer is created.
2026-04-18 17:06:10 +01:00

328 lines
11 KiB
Vue
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<template>
<PageShell title="Privacy Policy" subtitle="How Ghost Guild handles your data">
<div class="policy-prose">
<p class="policy-updated">Last updated: April 18, 2026</p>
<section class="policy-section">
<p>
Ghost Guild is a program of Baby Ghosts, a Canadian non-profit. This
policy explains what information we collect when you use
ghostguild.org and wiki.ghostguild.org, what we do with it, and what
choices you have.
</p>
<p>
We treat your data as something you've trusted us with, not something
we own. If anything here is unclear or feels off, email us at
<a href="mailto:hello@ghostguild.org">hello@ghostguild.org</a>.
</p>
</section>
<section class="policy-section">
<h2>What we collect</h2>
<p>
<strong>When you apply for membership:</strong> your name, pronouns,
location, email, the answers you give in your application, and which
membership circle you're applying for.
</p>
<p>
<strong>When you build a profile:</strong> anything you choose to add
(bio, studio affiliation, skills, social links, availability for peer
support, Slack handle). Your profile is visible to other Ghost Guild
members. It isn't made public or visible to search engines. If you
don't want something seen by other members, don't put it in your
profile.
</p>
<p>
<strong>When you contribute to the wiki:</strong> your edits,
comments, and authorship are recorded so members can see who wrote
what and so we can roll back if needed.
</p>
<p>
<strong>When you post on the bulletin board:</strong> your posts
(needs you have, offers you can make), your name as the poster, and
the timestamps. The actual connecting between members happens in
Slack, not on our platform.
</p>
<p>
<strong>When you pay dues:</strong> payment is handled by Helcim. We
see the amount, date, and that the payment came from you. We don't
see or store card numbers or banking details.
</p>
<p>
<strong>When you get emails from us:</strong> Resend delivers them.
They process your email address and basic delivery metadata.
</p>
<p>
<strong>For site analytics:</strong> we use Plausible. Plausible
doesn't use tracking cookies, doesn't store IP addresses, and doesn't
follow you across sites. It tells us aggregate things like which
pages get visited and roughly how many people use the site. It
doesn't tell us who you are.
</p>
<p>
We don't use Google Analytics, advertising pixels, or any other
tracking. The site uses cookies needed to keep you logged in. That's
it.
</p>
</section>
<section class="policy-section">
<h2>Why we collect it</h2>
<p>
<strong>To run the membership program:</strong> review applications,
give you access, support your participation, send you things you've
signed up for.
</p>
<p>
<strong>To help members find each other:</strong> making your profile
and bulletin board posts visible to the rest of the community.
</p>
<p>
<strong>To report on impact:</strong> anonymized, aggregated numbers
for funders and the community (how many members, what topics come up
on the bulletin board, where members are based).
</p>
<p>
<strong>To meet our obligations</strong> as a non-profit corporation
under Canadian law.
</p>
</section>
<section class="policy-section">
<h2>Who else sees it</h2>
<p>The services that store or process your data on our behalf:</p>
<ul>
<li>Helcim, payment processing, Canada</li>
<li>Resend, transactional email, US</li>
<li>Hetzner, server hosting, Germany</li>
<li>Outline, wiki software running on our Hetzner server</li>
<li>Plausible, anonymous site analytics, EU</li>
<li>
Slack, if you accept an invitation to the shared Gamma Space
workspace
</li>
</ul>
<p>
<strong>Other Ghost Guild members:</strong> they can see your profile
and any bulletin board posts you make. None of this is public or
visible to search engines.
</p>
<p>
<strong>Wiki contributions:</strong> anything you post on
wiki.ghostguild.org is part of a public knowledge commons (see the
<NuxtLink to="/policies/terms">Terms of Service</NuxtLink> for the
specifics) and may be visible to anyone on the internet.
</p>
<p>
<strong>Baby Ghosts staff and the Membership Committee:</strong> for
purposes related to running the program.
</p>
</section>
<section class="policy-section">
<h2>What we don't do</h2>
<p>We don't sell your data.</p>
<p>We don't share it with third parties for marketing.</p>
<p>
We don't feed your messages, profile, applications, bulletin board
posts, or other community content into generative AI tools, and we
don't allow members to do that with each other's content either. This
is a community commitment, not just a policy line.
</p>
<p>
If we ever want to do something different than what's in this policy,
we'll ask first.
</p>
</section>
<section class="policy-section">
<h2>How long we keep it</h2>
<p>
<strong>While you're a member:</strong> as long as you have an
account.
</p>
<p>
<strong>After you leave:</strong> we keep basic account records for
one year for administrative reasons (renewals, returning members,
financial records we're required to keep). Your wiki contributions
remain in the commons under their license; that's how a commons works
(see <NuxtLink to="/policies/terms">Terms of Service</NuxtLink>).
Your bulletin board posts are removed when you close your account.
Aggregate impact data has no expiry and doesn't identify you.
</p>
<p>
<strong>Financial records:</strong> we keep what we have to keep
under tax law (currently six years).
</p>
<p>
You can ask us to delete your account and personal data at any time.
We'll do it unless we're legally required to retain something
specific, in which case we'll tell you what and why.
</p>
</section>
<section class="policy-section">
<h2>Your rights</h2>
<p>You can:</p>
<ul>
<li>See what we have about you</li>
<li>Correct anything that's wrong</li>
<li>Download your data</li>
<li>Delete your account</li>
<li>Withdraw consent for anything you previously agreed to</li>
</ul>
<p>
To do any of these, email
<a href="mailto:hello@ghostguild.org">hello@ghostguild.org</a>. We'll
respond within 30 days.
</p>
<p>
If you live in a province with its own privacy law (Quebec, British
Columbia, Alberta), you may have additional rights under that law.
PIPEDA may also apply to some of what we do. We'll respect those
rights regardless of which framework technically covers your
situation.
</p>
</section>
<section class="policy-section">
<h2>Security</h2>
<p>
We host on a private server, encrypt data in transit, and limit
access to staff who need it. Perfect security doesn't exist. If
something happens that affects your data, we'll tell you within a
reasonable time and explain what we're doing about it.
</p>
</section>
<section class="policy-section">
<h2>Children</h2>
<p>
Ghost Guild is for adults. We don't knowingly collect data from
anyone under 18.
</p>
</section>
<section class="policy-section">
<h2>Changes</h2>
<p>
If we change this policy in a way that affects how we handle your
data, we'll email members and post the change with a date stamp at
least 30 days before it takes effect. Continued use after that means
you accept the changes. If you don't, close your account first.
</p>
</section>
<section class="policy-section">
<h2>Contact</h2>
<p>
Questions, requests, complaints:
<a href="mailto:hello@ghostguild.org">hello@ghostguild.org</a>
</p>
<p class="policy-address">
Baby Ghosts<br>
3230 Yonge Street #4052<br>
Toronto ON M4N 3P6<br>
Canada
</p>
</section>
</div>
</PageShell>
</template>
<script setup>
useHead({
title: 'Privacy Policy · Ghost Guild',
})
</script>
<style scoped>
.policy-prose {
max-width: 720px;
padding: 32px;
}
.policy-updated {
font-family: "Commit Mono", monospace;
font-size: 11px;
font-weight: 600;
letter-spacing: 0.08em;
text-transform: uppercase;
color: var(--candle);
margin-bottom: 24px;
}
.policy-section {
padding: 28px 0;
border-bottom: 1px dashed var(--border);
}
.policy-section:first-of-type {
padding-top: 0;
}
.policy-section:last-child {
border-bottom: none;
}
.policy-section h2 {
font-family: "Brygada 1918", serif;
font-size: 20px;
font-weight: 600;
color: var(--text-bright);
letter-spacing: -0.01em;
margin-bottom: 16px;
line-height: 1.25;
}
.policy-section p {
font-size: 13px;
color: var(--text-dim);
line-height: 1.7;
margin-bottom: 12px;
}
.policy-section ul {
list-style: none;
padding: 0;
margin: 8px 0 14px;
}
.policy-section ul li {
position: relative;
padding: 2px 0 2px 18px;
font-size: 13px;
color: var(--text-dim);
line-height: 1.7;
margin-bottom: 4px;
}
.policy-section ul li::before {
content: "";
position: absolute;
left: 0;
top: 2px;
color: var(--candle-faint);
font-size: 14px;
line-height: 1.7;
}
.policy-section a {
color: var(--candle);
}
.policy-section strong {
color: var(--text-bright);
font-weight: 600;
}
.policy-address {
font-family: "Commit Mono", monospace;
font-size: 12px;
line-height: 1.7;
color: var(--text-dim);
margin-top: 16px;
}
@media (max-width: 640px) {
.policy-prose {
padding: 20px 16px;
}
}
</style>
Reference in a new issue View git blame Copy permalink