CSO need terms to be able to use HIBP in their company.
We have integrated HIBP api in some of our security tools in our company in order to estimate the probability of one of our client getting hacked if his email appears in many breaches.
We beta tested it, but our legal staff pointed out that we needed terms on the website to be able to use it, as the fact you only tell that you don't collect and store email that are searched (we do trust you but legal team don't work on trust :p) is not enough.
we got in touch with the french "national comity for IT liberty" CNIL, and they seem to like the id, but we need terms ! It would be really cool if company can use this awsome tool to make the web a better place.
nope
shared this idea
-
"who is running the website, where are the servers, what you do collect and do not collect."
All of this is already in the FAQs. If you're saying that your company can't use the service because the title of the page is "FAQs" and not "T&Cs" then no, this is not a "feature" I'll implement, it's a bureaucratic problem with your company!
If I've misunderstand and there's specific information missing from the site then please let me know what it is, but if it's merely "there is no page called T&Cs" then this may not be the right service for you.
-
nope
commented
Thx for your fast answer !
So it's not really about what's documented or not, it's pretty much having your "FAQ" on a "terms of service / use" page with a basic template.
There are a lot of "basic" terms template that you can find, it must have some info like : who is running the website, where are the servers, what you do collect and do not collect...
If you don't have a clue on how to do it i can help.
It's just formalizing on a page, named : terms of service / use, all the info you give on the FAQ, and some there are on the blog.
It would be really awsome !
-
What are you actually looking for in terms which is not already documented on the site? Give me some more detail and I'll see if I can fill the gaps.
