get to prod tasks
This commit is contained in:
78
tasks/web-production/21-legal-pages.md
Normal file
78
tasks/web-production/21-legal-pages.md
Normal file
@@ -0,0 +1,78 @@
|
||||
# 21. Privacy Policy, TOS & Legal Pages
|
||||
|
||||
meta:
|
||||
id: web-production-21
|
||||
feature: web-production
|
||||
priority: P2
|
||||
depends_on: []
|
||||
tags: [compliance, legal, production]
|
||||
|
||||
objective:
|
||||
- Create and deploy all required legal pages for production operation
|
||||
|
||||
deliverables:
|
||||
- Privacy Policy page (/privacy)
|
||||
- Terms of Service page (/terms)
|
||||
- Cookie Policy page (/cookies)
|
||||
- Data Processing Agreement (DPA) page
|
||||
- Legal pages linked in footer
|
||||
|
||||
steps:
|
||||
1. Create Privacy Policy:
|
||||
- Data collection practices (what, why, how long)
|
||||
- Third-party services (Stripe, Clerk, Twilio, Firebase)
|
||||
- User rights (access, rectification, deletion, portability)
|
||||
- Contact information for privacy inquiries
|
||||
- Last updated date
|
||||
2. Create Terms of Service:
|
||||
- Service description and limitations
|
||||
- User responsibilities and prohibited conduct
|
||||
- Subscription terms and billing
|
||||
- Termination clauses
|
||||
- Limitation of liability
|
||||
- Dispute resolution
|
||||
3. Create Cookie Policy:
|
||||
- Types of cookies used (essential, analytics, marketing)
|
||||
- Purpose of each cookie
|
||||
- How to manage cookies
|
||||
- Third-party cookies
|
||||
4. Create Data Processing Agreement:
|
||||
- Roles and responsibilities
|
||||
- Data security measures
|
||||
- Subprocessor list
|
||||
- Breach notification procedures
|
||||
5. Add legal pages to app:
|
||||
- Create routes: /privacy, /terms, /cookies, /dpa
|
||||
- Add links in Footer component
|
||||
- Ensure pages are server-rendered for SEO
|
||||
6. Review with legal counsel:
|
||||
- Have privacy policy reviewed by attorney
|
||||
- Ensure compliance with applicable jurisdictions
|
||||
- Update based on feedback
|
||||
|
||||
tests:
|
||||
- Unit: Test routes render correctly
|
||||
- Integration: Verify links in footer navigate correctly
|
||||
- Compliance: Review with legal counsel
|
||||
|
||||
acceptance_criteria:
|
||||
- Privacy Policy live at /privacy
|
||||
- Terms of Service live at /terms
|
||||
- Cookie Policy live at /cookies
|
||||
- DPA live at /dpa
|
||||
- All pages linked in site footer
|
||||
- Pages reviewed and approved by legal counsel
|
||||
- Last updated date within 30 days of launch
|
||||
- Contact email for privacy inquiries functional
|
||||
|
||||
validation:
|
||||
- Navigate to /privacy → complete policy displayed
|
||||
- Click footer links → correct pages load
|
||||
- Legal counsel approval documented
|
||||
- Email to privacy@kordant.com → received
|
||||
|
||||
notes:
|
||||
- Consider using Termly or iubenda for generated policies
|
||||
- Ensure policies cover all data processors (Stripe, Clerk, etc.)
|
||||
- Update policies when adding new third-party services
|
||||
- Keep records of user consent to terms
|
||||
Reference in New Issue
Block a user