diff --git a/docs/user/abandoned-projects.rst b/docs/user/abandoned-projects.rst index ac94186c1c8..fa6b79d1bc0 100644 --- a/docs/user/abandoned-projects.rst +++ b/docs/user/abandoned-projects.rst @@ -1,5 +1,5 @@ -Policy for Abandoned Projects -============================= +Abandoned projects policy +========================= This policy describes the process by which a Read the Docs project :term:`slug` may be changed. diff --git a/docs/user/index.rst b/docs/user/index.rst index 667b24ae713..60f0e5f4158 100644 --- a/docs/user/index.rst +++ b/docs/user/index.rst @@ -110,6 +110,7 @@ to help you create fantastic documentation for your project. /server-side-search/api /reference/features /server-side-search/syntax + /reference/policies Read the Docs feature overview @@ -307,10 +308,6 @@ of Read the Docs and the larger software documentation ecosystem. :hidden: :caption: About Read the Docs - security - dmca/index - abandoned-projects - unofficial-projects changelog about @@ -321,8 +318,6 @@ of Read the Docs and the larger software documentation ecosystem. advertising/index sponsors - legal/index - Developer Documentation glossary gsoc diff --git a/docs/user/legal/index.rst b/docs/user/legal/index.rst deleted file mode 100644 index e43193e4547..00000000000 --- a/docs/user/legal/index.rst +++ /dev/null @@ -1,28 +0,0 @@ -Legal Documents and Policies -============================ - -Here is some of the fine print used by |org_brand| and |com_brand|: - -.. toctree:: - :glob: - :hidden: - - /terms-of-service - /privacy-policy - security-policy - dpa/index - -:doc:`/terms-of-service` - The terms of service for using |org_brand| and |com_brand|. You may instead - have a master services agreement for your subscription if you have a custom - or enterprise contract. - -:doc:`/privacy-policy` - Our policy on collecting, storing, and protecting user and visitor data. - -:doc:`/legal/security-policy` - Our policies around application and infrastructure security. - -:doc:`/legal/dpa/index` - For GDPR and CCPA compliance, we provide a data processing addendum for - |com_brand| customers. diff --git a/docs/user/legal/security-policy.rst b/docs/user/legal/security-policy.rst index 0df5811419c..bfc85aa2502 100644 --- a/docs/user/legal/security-policy.rst +++ b/docs/user/legal/security-policy.rst @@ -1,4 +1,4 @@ -Security Policy +Security policy =============== Read the Docs adheres to the following security policies and procedures with @@ -73,3 +73,17 @@ Continuous integration Incident response Our engineering team is on a rotating on-call schedule to respond to security or availability incidents. + +Account security +---------------- + +* All traffic is encrypted in transit so your login is protected. +* Read the Docs stores only one-way hashes of all passwords. + Nobody at Read the Docs has access to your passwords. +* Account login is protected from brute force attacks with rate limiting. +* While most projects and docs on Read the Docs are public, + we treat your private repositories and private documentation as confidential + and Read the Docs employees may only view them + with your explicit permission in response to your support requests, + or when required for security purposes. +* You can read more about account privacy in our :doc:`/privacy-policy`. diff --git a/docs/user/privacy-policy.rst b/docs/user/privacy-policy.rst index 194cebbef8a..67b99518f95 100644 --- a/docs/user/privacy-policy.rst +++ b/docs/user/privacy-policy.rst @@ -1,7 +1,7 @@ .. This is linked from the footer of readthedocs.org .. and from the version (flyout) menu on docs sites -Privacy Policy +Privacy policy ============== Effective date: **September 30, 2019** diff --git a/docs/user/reference/policies.rst b/docs/user/reference/policies.rst new file mode 100644 index 00000000000..32db4054109 --- /dev/null +++ b/docs/user/reference/policies.rst @@ -0,0 +1,48 @@ +============================ +Policies and legal documents +============================ + +Here is some of the fine print used by |org_brand| and |com_brand|: + +.. File locations are a bit odd here because of legacy. +.. We will move files to new locations and create redirects in a later refactor + +.. toctree:: + :maxdepth: 1 + :hidden: + + /abandoned-projects + /unofficial-projects + /privacy-policy + /legal/security-policy + /security + /terms-of-service + DMCA takedown policy + /legal/dpa/index + +:doc:`/abandoned-projects` + Our policy of taking action on abandoned projects. + +:doc:`/unofficial-projects` + Our policy of taking action on unofficial and unmaintained projects. + +:doc:`/terms-of-service` + The terms of service for using |org_brand| and |com_brand|. You may instead + have a master services agreement for your subscription if you have a custom + or enterprise contract. + +:doc:`/privacy-policy` + Our policy on collecting, storing, and protecting user and visitor data. + +:doc:`/legal/security-policy` + Our policies around application and infrastructure security. + +:doc:`/security` + How we respond to security incidents and how you report a security issue. + +:doc:`/legal/dpa/index` + For GDPR and CCPA compliance, we provide a data processing addendum for + |com_brand| customers. + +:doc:`/dmca/index` + Our process for taking down content based on DMCA requests and how to submit requests. diff --git a/docs/user/security.rst b/docs/user/security.rst index fed0048e712..19e5e3f9e02 100644 --- a/docs/user/security.rst +++ b/docs/user/security.rst @@ -2,8 +2,8 @@ .. https://readthedocs.org/.well-known/security.txt .. https://readthedocs.org/security/ -Security -======== +Security reports +================ Security is very important to us at Read the Docs. We follow generally accepted industry standards to protect the personal information @@ -16,20 +16,10 @@ we are committed to responsible reporting and disclosure of security issues. :backlinks: none :depth: 1 +.. seealso:: -Account security ----------------- - -* All traffic is encrypted in transit so your login is protected. -* Read the Docs stores only one-way hashes of all passwords. - Nobody at Read the Docs has access to your passwords. -* Account login is protected from brute force attacks with rate limiting. -* While most projects and docs on Read the Docs are public, - we treat your private repositories and private documentation as confidential - and Read the Docs employees may only view them - with your explicit permission in response to your support requests, - or when required for security purposes. -* You can read more about account privacy in our :doc:`privacy-policy`. + :doc:`/legal/security-policy` + Read our policy for security, which we base our security handling and reporting on. Supported versions ------------------ diff --git a/docs/user/unofficial-projects.rst b/docs/user/unofficial-projects.rst index 374a04da69e..851452238aa 100644 --- a/docs/user/unofficial-projects.rst +++ b/docs/user/unofficial-projects.rst @@ -1,5 +1,5 @@ -Policy for Unofficial and Unmaintained Projects -=============================================== +Unofficial and unmaintained projects policy +=========================================== This policy describes a process where we take actions against unmaintained_ and unofficial_ forks of project documentation. @@ -84,7 +84,7 @@ Projects that are determined to be unmaintained_ and unofficial_ will have a ``r # robots.txt User-agent: * - # This project is delisted according to the Policy for Unofficial and Unmaintanied Projects + # This project is delisted according to the Unofficial and Unmaintanied Project Policy # https://docs.readthedocs.io/en/stable/unofficial-projects.html Disallow: /