Privacy policy link is confusing

[andypiper]

There is a link labelled "privacy policy" in the footer of the Fediwall page.

This appears to redirect to the privacy policy page for the first Mastodon instance from the configuration, but there could be several.

I'm not certain how to suggest to resolve this. The implication of having the link is (to me) that this would be the privacy policy for the site in use, i.e. Fediwall; but that site is aggregating public timelines from elsewhere, and content may not be appearing from all of the instances in the configuration list (if there is nothing to show). Worth thinking about.

[defnull]

The thing is, a privacy policy does not really make sense for an application like Fediwall. It's a client side application, it does not ask for personal information and does not store or process anything outside of the users browser. The GDPR does not really apply here. But it's a website, and some people believe that privacy policy and contact information are required by EU law (it is not, in this case).

Most Fediwalls will only observe a single instance (because federation generally works) and that instance is the only party that actually processes personal information (IP addresses). So linking to that is a cheap way to be legally on the save side, and not lie to the user.

I planned to add a config option for that, though, so the hoster of a Fediwall (or wall-config.json) can override that link. I'll keep this open as a reminder.