I suggest you ...

CSO need terms to be able to use HIBP in their company.

We have integrated HIBP api in some of our security tools in our company in order to estimate the probability of one of our client getting hacked if his email appears in many breaches.

We beta tested it, but our legal staff pointed out that we needed terms on the website to be able to use it, as the fact you only tell that you don't collect and store email that are searched (we do trust you but legal team don't work on trust :p) is not enough.

we got in touch with the french "national comity for IT liberty" CNIL, and they seem to like the id, but we need terms ! It would be really cool if company can use this awsome tool to make the web a better place.

1 vote
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    nope shared this idea  ·   ·  Admin →

    3 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • AdminTroy Hunt (Admin, Have I been pwned?) commented  · 

        "who is running the website, where are the servers, what you do collect and do not collect."

        All of this is already in the FAQs. If you're saying that your company can't use the service because the title of the page is "FAQs" and not "T&Cs" then no, this is not a "feature" I'll implement, it's a bureaucratic problem with your company!

        If I've misunderstand and there's specific information missing from the site then please let me know what it is, but if it's merely "there is no page called T&Cs" then this may not be the right service for you.

      • nope commented  · 

        Thx for your fast answer !

        So it's not really about what's documented or not, it's pretty much having your "FAQ" on a "terms of service / use" page with a basic template.

        There are a lot of "basic" terms template that you can find, it must have some info like : who is running the website, where are the servers, what you do collect and do not collect...

        If you don't have a clue on how to do it i can help.

        It's just formalizing on a page, named : terms of service / use, all the info you give on the FAQ, and some there are on the blog.

        It would be really awsome !

      Feedback and Knowledge Base