Pautes de conservación de datos

From Meta, a Wikimedia project coordination wiki
Jump to navigation Jump to search
This page is a translated version of the page Data retention guidelines and the translation is 16% complete.

Outdated translations are marked like this.
Other languages:
Bahasa Indonesia • ‎Bahasa Melayu • ‎Basa Banyumasan • ‎Deutsch • ‎English • ‎Lëtzebuergesch • ‎Nederlands • ‎Nordfriisk • ‎Scots • ‎Türkçe • ‎asturianu • ‎azərbaycanca • ‎català • ‎dansk • ‎español • ‎français • ‎hrvatski • ‎la .lojban. • ‎norsk bokmål • ‎occitan • ‎polski • ‎português • ‎português do Brasil • ‎română • ‎suomi • ‎svenska • ‎čeština • ‎Ελληνικά • ‎български • ‎русский • ‎татарча/tatarça • ‎қазақша • ‎ייִדיש • ‎עברית • ‎اردو • ‎العربية • ‎سنڌي • ‎فارسی • ‎مصرى • ‎नेपाली • ‎हिन्दी • ‎ਪੰਜਾਬੀ • ‎தமிழ் • ‎తెలుగు • ‎中文 • ‎客家語/Hak-kâ-ngî • ‎日本語 • ‎한국어

Introducción

Los datos son importantes. Son una de les maneres al traviés de les que podemos aprender y crecer como organización y como movimientu, y podemos ameyorar los proyeutos pa aquellos que los usen pa crear, deprender y compartir. Al mesmu tiempu, comprometémonos a retener la so información privada «el menor tiempu posible que seya consistente col mantenimientu, comprensión y ameyoramientu de los sitios de Wikimedia, y coles nueses obligaciones baxo les lleis aplicables de los Estaos Xuníos» (cita de la Política de proteición de datos de la Fundación Wikimedia).

Esti documentu esplica cómo cumplimos esti compromisu, y describe les nueses normes para la retención de datos, diseño de sistemes, y auditoría y mantenimientu continuos. Estes normes quieren ser un documentu vivu — anovaránse nel tiempu pa espeyar les práctiques actuales de retención de datos.

¿A qué datos s'apliquen estes pautes?

Estes pautes aplíquense a tolos datos non públicos que recoyemos nos sitios de Wikimedia cubiertos pola Política de proteición de datos.

¿Cuánto tiempu retenemos los datos non públicos?

Si nun s'indica lo contrario, retenemos los siguientes tipos de datos, nunca más que los siguientes periodos de tiempu:

Tipu de datu Orixe Exemplos Periodu máximu de retención

Información personal

Collechada automáticamente d'un usuariu
  • Direiciones IP de los visitantes del sitiu (datos operativos)
  • Direcciones IP de los suxetos de prueba A/B (datos analíticos)
  • Identifying user-agent information of site visitors
After at most 90 days, it will be deleted, aggregated, or de-identified
Account settings
  • Email address
Until user deletes/changes the account setting.
Non-personal information Collected automatically from a user Indefinitely
After at most 90 days, it will be deleted, aggregated, or de-identified
Provided by a user
  • Logs of terms entered into the site's search box, or terms within prefilled links to the search engine that have been followed by user navigation
After at most 90 days, it will be deleted, aggregated, or de-identified
Provided by a user
  • Language
Until user deletes/changes the account setting.
Non-personal information not associated with a user account[T 1] Collected automatically from various users Indefinitely
Articles browsed by readers Collected automatically from a reader
  • A list of articles visited by readers
After at most 90 days, if retained at all, then only in aggregate form
  1. For the purposes of this table, "user account" means username, user ID, or IP address; "reader" means visitor to a Wikimedia project.

How long do we retain public data?

Wikimedia hosts Wikipedia and the associated projects as part of our mission to collect, document, and freely distribute the sum of human knowledge to the world. Accordingly, when you make a contribution to any Wikimedia Site, including on user or discussion pages, you are creating a permanent, public record of every piece of content added, removed, or altered by you. The page history will show when your contribution or deletion was made, as well as your username (if you are signed in) or your IP address (if you are not signed in). We may use your public contributions, either aggregated with the public contributions of others or individually, to create new features or data-related products for you, or to learn more about how the Wikimedia Sites are used. If you mistakenly included your personal information in a contribution to a Wikimedia Site and you would like to have it removed, please consult the community’s oversight policy. Keep in mind that the transparency and integrity of our sites’ revision histories is essential to our mission, and the Foundation supports our community’s right to reject oversight requests in order to protect the projects.

If you choose to register for an account with the Wikimedia projects, you will be asked to select a username. Usernames are retained until the user requests that the account be renamed, or goes through the community courtesy vanishing process.

For more information, see our Privacy Policy.

Definitions

For the purposes of these guidelines:

  • "Personal information" means information you provide us or information we collect from you that identifies or could be used to personally identify you. For details, please see the Wikimedia Foundation Privacy Policy and Non-Wiki Privacy Policy.
  • Some examples of "public information" would include:
    • (a) your IP address, if you edit without logging in;
    • (b) your gender, if it is disclosed under your user profile;
    • (c) any personal information you disclose publicly on the Wikimedia Sites, such as your real name or age.
  • Some examples of types of information that are considered to be "nonpublic information" include:
    • (a) your IP address, if you edit while logged in;
    • (b) your email address, if you provided one to us during account registration (but didn’t post it publicly); and
    • (c) your general location information as might be derived from your IP address, if you have not posted it publicly. The types of information that are considered "nonpublic" as opposed to "public" are more fully explained in our Privacy Policy.
  • Data is "de-identified" when when it has been aggregated or otherwise retained in a manner such that it can no longer be used to identify the user.
  • Data is "aggregated" when the data associated with a specific user has been combined with data from others to show general trends or values without identifying specific users.

An example of how data can be aggregated includes:

Using ranges rather than specific numbers, such as recording that there are "between 1 and 10 editors in language X in country Y" rather than recording that there are 4 editors.

Terms that are not defined in this document have the same meaning given to them in the Privacy Policy.

Exceptions to these guidelines

If we make exceptions to these guidelines, we will notify the community by describing the exception on this page.

  • Data may be retained in system backups for longer periods of time, not to exceed 5 years.
  • When we conduct a survey or other research, we will provide you with a privacy statement specifying the term of retention for information (including personal information) collected through your participation in such research. In certain cases, information may be retained indefinitely for educational, development, or other related purposes, unless otherwise indicated in the relevant privacy statement. Such information may be retained in raw, aggregated, or de-identified form until we receive a request from the participant to delete the information.
  • In rare cases, we, or particular users with certain administrative rights as described in our Privacy Policy, may need to retain your personal information, including your IP address and user agent information, for as long as reasonably necessary (which may be longer than the period described in the table above) to:
    • enforce or investigate potential violations of our Terms of Use, this Privacy Policy, or any Foundation or user community-based policies;
    • investigate and defend ourselves against legal threats or actions;
    • help protect against vandalism and abuse, fight harassment of other users, and generally try to minimize disruptive behavior on the Wikimedia Sites;
    • prevent imminent and serious bodily harm or death to a person, or to protect our organization, employees, contractors, users, or the public; or
    • detect, prevent, or otherwise assess and address potential spam, malware, fraud, abuse, unlawful activity, and security or technical concerns.

Audits and improvements

The Foundation is committed to continuous evaluation and improvement of these guidelines, and to periodic audits in order to identify such improvements. As we make changes to existing and systems, we will update these guidelines to reflect our changing practices.

Design of new systems

In order to support these data retention periods and our overall privacy policy, new tools and systems implemented by the Foundation will be designed with privacy in mind. This will include:

  • inclusion of these data retention guidelines as requirements during the design process;
  • legal consultation during the design and development process; and
  • inclusion of privacy considerations in the code review process.

Ongoing handling of new information

Despite our best efforts in designing and deploying new systems, we may occasionally record personal information in a way that does not comply with these guidelines. When we discover such an oversight, we will promptly comply with the guidelines by deleting, aggregating, or de-identifying the information as appropriate.

Contact us

If you think that these guidelines have potentially been breached, or if you have questions or comments about compliance with the guidelines, please contact us at privacy@wikimedia.org.

Privacy-related pages