Page MenuHomeMiraheze

Review AddThis CSP Entry
Open, NormalPublic

Description

addthis.com


CSP REVIEW

  • Is the site equipped with a privacy policy? Yes
  • Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? No, claims that " AddThis Data is not collected from individuals located in the EU/EEA, Switzerland or the UK"
  • Does the site provide a list of personal data being collected by using the service? Yes, potentially problematic "We may associate personal information about you with interest segments or profiles as part of the provision of AddThis services to our customers and partners"
  • Is the website owner known to have a bad reputation regarding privacy? No, however it is potentially problematic
  • Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? Unclear
  • Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker? Yes
  • Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? Yes
  • Is the site equipped with a security policy? Yes, see PP
  • Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? No details; general standard statement
  • Is the website owner known to have a bad reputation regarding information security? No
  • Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? Someone can probably be contacted via general support.

Event Timeline

John triaged this task as Normal priority.Aug 28 2021, 19:18
John created this task.

I'm unsure what to make of this due to the data collected (at least for non-EU users), because of this a second opinion would be great.