Please note that we are an
independent non-profit and not affiliated with the companies listed in our
company database.
diff --git a/content/en/devlog/tweasel-update-4/data-tweasel-org-screenshot.png b/content/en/devlog/tweasel-update-4/data-tweasel-org-screenshot.png
new file mode 100644
index 000000000..3a5f319c4
Binary files /dev/null and b/content/en/devlog/tweasel-update-4/data-tweasel-org-screenshot.png differ
diff --git a/content/en/devlog/tweasel-update-4/index.md b/content/en/devlog/tweasel-update-4/index.md
new file mode 100644
index 000000000..6e8caabfe
--- /dev/null
+++ b/content/en/devlog/tweasel-update-4/index.md
@@ -0,0 +1,74 @@
+{
+ "title": "Tweasel update #4: Request database, tracker documentation and legal research",
+ "type": "devlog",
+ "date": "2023-10-05T19:08:23+02:00",
+ "description": "Our tweasel updates are back after the summer. We have made our request data publicly available, such that anyone can run SQL queries against our datasets. We have also better documented many of our TrackHAR adapters. Furthermore, we have begun doing legal research to inform our decisions on how to establish tracker IDs as personal data in our complaints.",
+ "authors": [ "baltpeter" ]
+}
+
+Now that summer is over, we’re back to our semi-regular updates from the [tweasel project](https://docs.tweasel.org/), where we are building a web app for fighting privacy violations in mobile apps. In this update, we are excited to announce that we have launched our open request database, where anyone can access and query the traffic data that we have collected from thousands of Android and iOS apps. We have also been busy documenting the trackers that we encounter in our data, using various sources and methods to identify the types of personal data that they transmit. Additionally, we have started doing legal research into how to establish tracker IDs as personal data and to prepare for writing our complaint templates.
+
+## TrackHAR and documentation
+
+* We have launched our open request database at [data.tweasel.org](https://data.tweasel.org/). We regularly run traffic analyses on thousands of Android and iOS apps. As we want to enable as many people as possible to look into the inner workings of trackers, we are finally publishing our datasets for other researchers, activists, journalists, and anyone else who is interested in understanding tracking. There are already 250k requests from between January 2021 and July 2023, with more to come in the future.
+
+ {{< img name="data-tweasel-org-screenshot.png" alt="Screenshot of data.tweasel.org, showing a query that returns multiple requests. The screenshot shows seven rows, with the following columns: initiator (e.g. com.amazon.dee.app@2.2.453377.0, com.opera.app.news@11.1.2254.67011), platform (android or ios), endpointUrl (e.g. https://us-u.openx.net/w/1.0/cm, https://csi.gstatic.com/csi), content (one requests has a base64-encoded binary content, another one has an XML document, for the others, the content is blank), and headers." >}}
+
+ To publish the data, we are using the phenomenal [Datasette](https://datasette.io/). We have installed a few plugins to provide even more features, and have written a custom plugin to enhance the display of requests in table views ([source code](https://github.com/tweaselORG/data.tweasel.org), [more details](https://github.com/tweaselORG/meta/issues/33)).
+
+ This setup allows anyone to run arbitrary SQL queries (enhanced with additional features by the plugins) against the data. We hope that this will enable others to do investigations that we couldn't even think of. To give just a few (pretty basic) examples of the kinds of queries that can be run:
+ * [endpoints that were contacted by the most apps](https://data.tweasel.org/data?sql=select+count(distinct+regex_replace(%27%40.%2B%3F%24%27%2C+coalesce(initiator%2C+%27%3Cno+app+ID%3E%27)%2C+%27%27))+appCount%2C+count(1)+requestCount%2C+endpointUrl+from+requests%0D%0Awhere+endpointUrl+is+not+null%0D%0Agroup+by+endpointUrl++order+by+appCount+desc+limit+101%3B)
+ * [requests by a particular app, e.g. Airbnb on Android](https://data.tweasel.org/data?sql=select+link(dataset%2C+id)%2C+initiator%2C+platform%2C+runType%2C+startTime%2C+method%2C+httpVersion%2C+endpointUrl%2C+scheme%2C+host%2C+port%2C+path%2C+content%2C+headers%2C+cookies+%0D%0Afrom+requests%0D%0Awhere+initiator+like+%3AappId+||+%27%40%25%27%0D%0Alimit+101%3B&appId=com.airbnb.android)
+ * [longest requests](https://data.tweasel.org/data?sql=select+length(content)+%2B+length(path)+%2B+length(headers)+%2B+length+(cookies)+as+length%2C+link(dataset%2C+id)%2C+initiator%2C+platform%2C+runType%2C+startTime%2C+method%2C+httpVersion%2C+endpointUrl%2C+scheme%2C+host%2C+port%2C+path%2C+content%2C+headers%2C+cookies+from+requests%0D%0Aorder+by+length+desc%0D%0Alimit+10%3B)
+* I've been busy [backing up our adapters with proper documentation](https://github.com/tweaselORG/TrackHAR/issues/9) on the reasoning behind why we think properties contain certain data types. In the first prerelease of TrackHAR, we have called most associations "obvious" but we want to do better than that. This is especially important for the complaints later on. It is a very labor-intensive process but this is also one of the main benefits our the adapter approach: We can provide verifiable evidence for each bit of data that we claim was transmitted. In fact, I have found that a surprising number of the trackers (around half) actually have public documentation on these properties that we can reference. Obviously, the companies themselves admitting to which types of data they collect is the best evidence we can get.
+
+ But sometimes, such documentation is not available. We have a [hierarchy of possible justifications](https://trackers.tweasel.org/research) that we go through in those cases: SDK source code, obvious property names, observed values match known device parameters, obvious observed values, experiments.
+
+ So far, I have produced documentation for the following trackers/adapters, adding missing properties and adapters along the way (though none of them are merged or released yet): [Adjust](https://github.com/tweaselORG/TrackHAR/issues/26) ([PR](https://github.com/tweaselORG/TrackHAR/pull/28)), [branch.io v1](https://github.com/tweaselORG/TrackHAR/issues/30) ([PR](https://github.com/tweaselORG/TrackHAR/pull/31)), [Bugsnag](https://github.com/tweaselORG/TrackHAR/pull/51), [Facebook](https://github.com/tweaselORG/TrackHAR/issues/27) ([PR](https://github.com/tweaselORG/TrackHAR/pull/35)), [ioam.de](https://github.com/tweaselORG/TrackHAR/issues/38) ([PR](https://github.com/tweaselORG/TrackHAR/pull/43)), [Microsoft App Center](https://github.com/tweaselORG/TrackHAR/issues/44) ([PR](https://github.com/tweaselORG/TrackHAR/pull/47)), [OneSignal](https://github.com/tweaselORG/TrackHAR/issues/49) ([PR](https://github.com/tweaselORG/TrackHAR/pull/50)), [singular.net](https://github.com/tweaselORG/TrackHAR/issues/16) ([PR](https://github.com/tweaselORG/TrackHAR/pull/24))
+* When I started the adapter work, we only had a very basic idea of how we actually wanted to document all this but I decided to just get my feet wet and gain a better understanding of the problem as I worked on it. That sparked some very [in-depth discussions](https://github.com/tweaselORG/meta/issues/3#issuecomment-1682038715). To summarize the main conclusions:
+ * Where should the documentation be stored (in pads hosted somewhere, in GitHub issues, in Markdown files in some repo, …)?
+We decided to keep the documentation as [Markdown files in the TrackHAR repo](https://github.com/tweaselORG/TrackHAR/pull/32), such that each page gets its own folder and each property its own file. We glue the sections together using Hugo in the `tracker-wiki` repo (which Lorenz has already [implemented](https://github.com/tweaselORG/tracker-wiki/pull/7)). This way, we can easily reference the reasoning for each property and generate links to the final documentation.
+ * [How should we archive the external links that we use as sources for our documentation?](https://github.com/tweaselORG/meta/issues/36)
+This one is particularly tricky. We ideally want to use an established and trusted service like the [Wayback Machine](https://web.archive.org/) but that has issues with lots of the pages we tried (sites blocking the archiving resulting in broken snapshots, dynamic content not being captured properly). The only other public alternative is archive.today, which is heavily gated behind reCAPTCHA and cannot be automated. Meanwhile, the available self-hosted solutions all have their own problems, and we wouldn't be able to host them publicly anyway due to copyright issues. In the end, we decided to create our own solution, keeping that as simple as possible:
+ * We store the original links in the `reasoning` field of the adapters, and have a file watcher that tries to archive them using the [Save Page Now API](https://archive.org/details/spn-2-public-api-page-docs-2023-01-22) of archive.org. Errors are recorded in a local file so we can retry using an exponential backoff strategy. Lorenz has mostly [implemented](https://github.com/tweaselORG/TrackHAR/pull/54) this already.
+
+ The archived links are stored in a CSV file in the TrackHAR repo and have redirects set up in a subfolder on `trackers.tweasel.org`.
+ * If automatic archiving fails, we have to manually create a snapshot on a public archive, likely using archive.today and add that to the CSV.
+ * We will manually take screenshots and PDFs of the pages, and upload them to a Nextcloud folder or similar. These can unfortunately not be hosted publicly.
+ * We'll create a [linting script](https://github.com/tweaselORG/TrackHAR/issues/33) that warns us on commit if some of the links have not been archived.
+ * What do we even want to document, how in-depth do we want to go? Do we always need to reference official documentation if available?
+We decided that we will only document things related to the properties in our adapters to avoid scope creep, even though there are a lot of (disturbingly) interesting admissions on tracker websites. It is fine to use "obvious" as a reasoning if the property name or value is self-explanatory. We do not need to seek out official documentation for every property, but we should update our documentation if we find it later. We also decided that we won't document properties that are listed in official documentation but that we have not observed in our requests, as we only rely on the data we find.
+ * How do we document the honey data that we use for our analysis?
+We decided to document the honey data as JSON in the `datasets` table of `data.tweasel.org` and create a nice human-readable view using a plugin.
+* To enable the adapter work, I've written a [script for debugging adapters](https://github.com/tweaselORG/TrackHAR/pull/17) that allows you to run an adapter against *all* matching requests in our request database. And as I said, that database (including its API) is public, so *anyone* can use this, not just us.
+
+ {{< img name="trackhar-debug-script-screenshot.png" alt="Screenshot of the debug script being run in a terminal. It shows properties (manfacturer, model, isRooted, carrier, screenHeight, etc.) being matched to values. For example, the values for osVersion are 11 and 13, for isEmulator: true and false, for timezone: 3600000." >}}
+
+ This is quite a powerful tool for ensuring that our adapters are correct—you can quite easily spot transmissions that don't match your initial expectations and correct the adapter accordingly.
+* The adapter work has also given rise to quite a few architecture issues and questions for TrackHAR that we'll have to consider:
+ * [How do we deal with tracker-specific "empty" values?](https://github.com/tweaselORG/TrackHAR/issues/46), e.g. if `idfa: none` is transmitted, we don't want to identify an IDFA transmission. I've proposed `onlyIf` and `notIf` regex filters in `DataPath`.
+ * [How fine-grained do we want to be with our categorisation of proprietary IDs?](https://github.com/tweaselORG/TrackHAR/issues/45). Currently, they all end up as `otherIdentifiers`, but there are various different types. In the complaints, we'll have to [argue for each one why it is personal data](https://github.com/tweaselORG/TrackHAR/issues/25#issuecomment-1735287854). Does that mean that we need a specific property and justification blurb for each possible ID? Or can we maybe get away with just having more granular ID types (session, device, user, installation, …)?
+ * [How do we represent transmitted events?](https://github.com/tweaselORG/TrackHAR/issues/37)
+ * [I don't think we should list the locale under `country` anymore.](https://github.com/tweaselORG/TrackHAR/issues/22)
+ * I proposed [renaming our current `idfa` property to `advertisingId`, and `ifdv` to `developerScopedId`](https://github.com/tweaselORG/TrackHAR/issues/21) to avoid making them sound iOS-specific.
+ * We should be more clever in recognizing endpoint URLs, by at least [trimming trailing slashes](https://github.com/tweaselORG/TrackHAR/issues/34).
+* Finally, I have started investigating Google's tracking endpoints more thoroughly. Those are mostly not publicly documented and use Protobuf as the transmission format, which doesn't contain any property names that we could rely on. I've made good progress on a [new adapter for `firebaselogging-pa.googleapis.com`](https://github.com/tweaselORG/TrackHAR/issues/52), which is actually the fourth most common endpoint in our dataset (as you can see for yourself on [`data.tweasel.org`](https://data.tweasel.org/data?sql=select+count(distinct+regex_replace(%27%40.%2B%3F%24%27%2C+coalesce(initiator%2C+%27%3Cno+app+ID%3E%27)%2C+%27%27))+appCount%2C+count(1)+requestCount%2C+endpointUrl+from+requests%0D%0Awhere+endpointUrl+is+not+null%0D%0Agroup+by+endpointUrl++order+by+appCount+desc+limit+101%3B)). I've discovered the actual Protobuf schemas for those scattered around various public Google repositories, which will allow us to definitively identify the transmitted properties.
+
+ I've also started [looking into `app-measurement.com`](https://github.com/tweaselORG/TrackHAR/issues/53), but not gotten too far yet.
+
+## Complaints
+
+* I have started doing legal research, looking into relevant complaints, court submissions, decisions, rulings, recommendations, and legal commentary regarding tracking to inform our decisions on how we establish tracker IDs as personal data in our complaints and also prepare for writing our complaint templates. I have collected a [comprehensive list of sources to go through](https://github.com/tweaselORG/meta/issues/38). I am using [Hypothes.is](https://web.hypothes.is/) to organise and annotate them as I go along. Unfortunately, we cannot share these annotations publicly as the source material is copyrighted but I have documented my [main conclusions and learnings](https://github.com/tweaselORG/meta/issues/38#issuecomment-1739101286).
+
+ Based on that research, I am also keeping lists of relevant [decisions/judgements by DPAs and courts](https://github.com/tweaselORG/meta/issues/35), [complaints by others as a reference](https://github.com/tweaselORG/meta/issues/39), and [national implementations of Art. 5(3) ePrivacy directive](https://github.com/tweaselORG/meta/issues/10).
+
+## Outreach
+
+* We gave a (German) [talk for Topio's lecture series "human rights in the digital age"](https://www.datenanfragen.de/verein/event/topio-09-2023/), aimed at a non-technical audience. Topio is a Berlin based non-profit that offers people free support on privacy topics. While the first half of the talk focused on datarequests.org, the second half was about our work into mobile tracking and what we're doing with tweasel. Unfortunately, there is no recording but I created an [annotated presentation](https://github.com/datenanfragen/website/pull/1100) (not merged yet), inspired by Simon Willison.
+* Fellow privacy NGO [noyb filed their first three complaints against illegal tracking in mobile apps](https://noyb.eu/en/how-mobile-apps-illegally-share-your-personal-data) with the French CNIL, namely MyFitnessPal, Fnac and SeLoger. We were happy to contribute some insights from our research, which is also cited in the [complaints](https://noyb.eu/sites/default/files/2023-09/Complaint%20Fnac%20EN_redacted.pdf). We are looking forward to see the results of these complaints and will be following them closely to inform our own complaints.
+
+ As we have mentioned before: If you're also working against (mobile) tracking, absolutely do [reach out](https://www.datarequests.org/contact/) so we can collaborate and share our knowledge!
+
+## Libraries
+
+* We have noticed that our tools and libraries are currently broken on Windows. We have identified at least two problems so far: [`appstraction`'s `postinstall` script is broken](https://github.com/tweaselORG/appstraction/issues/118) and [Android emulators don't work](https://github.com/tweaselORG/andromatic/issues/9). Lorenz has [started work on the former](https://github.com/tweaselORG/appstraction/pull/120), finding differences in command separators in \*nix and Windows shells as the problem.
diff --git a/content/en/devlog/tweasel-update-4/trackhar-debug-script-screenshot.png b/content/en/devlog/tweasel-update-4/trackhar-debug-script-screenshot.png
new file mode 100644
index 000000000..30f807e87
Binary files /dev/null and b/content/en/devlog/tweasel-update-4/trackhar-debug-script-screenshot.png differ
diff --git a/content/en/verein/board.md b/content/en/verein/board.md
index 5652b1690..38eded53a 100644
--- a/content/en/verein/board.md
+++ b/content/en/verein/board.md
@@ -7,6 +7,7 @@
All important business of the association is conducted by the executive board. According to our {{< link slug="verein/constitution#7-the-board" text="constitution" >}}, the board is composed of two equal chairpersons, who represent the association jointly, and an arbitrary number of assessors, who check and support the board in its work. The current board has been elected in the general assembly on July 16, 2020, and consists of:
+
* Benjamin Altpeter, Chairperson ([benni@datenanfragen.de](mailto:benni@datenanfragen.de), [PGP key](/pgp/AF1381BD.asc)
`9F99 3663 0B82 D3C7 DFC9 23F6 EB5C F074 AF13 81BD`)
* Lorenz Sieben, Chairperson ([lorenz@datenanfragen.de](mailto:lorenz@datenanfragen.de), [PGP key](/pgp/4C44A6EF.asc)
@@ -28,3 +29,4 @@ You can contact the board through several different ways:
Schreinerweg 6
38126 Braunschweig
Germany*
+
diff --git a/content/es/contact.md b/content/es/contact.md
index 80d3368e0..c9db8fe0f 100644
--- a/content/es/contact.md
+++ b/content/es/contact.md
@@ -7,6 +7,7 @@
## Información de acuerdo con § 5 de la ley alemana de telecomunicaciones (TMG)
+
**Dirección postal:**
Datenanfragen.de e. V.
Schreinerweg 6
@@ -23,6 +24,7 @@ Datenanfragen.de e. V. es una organización sin fines de lucro que figura e
**Responsable del contenido según § 18(2) Tratado Interestatal Alemán de Medios *(MStV)*:**
Benjamin Altpeter, Schreinerweg 6, 38126 Braunschweig, Alemania
+
Ten en cuenta que somos una
organización sin fines de lucro independiente y no estamos afiliados a las empresas que figuran en nuestra
base de datos de empresas.
diff --git a/content/es/donate.md b/content/es/donate.md
index 2f3699af4..0131d5636 100644
--- a/content/es/donate.md
+++ b/content/es/donate.md
@@ -43,10 +43,12 @@ Como organización sin fines de lucro de beneficio público, también podemos em
Si no deseas revelar tu identidad, puedes utilizar una moneda criptográfica anónima o enviarnos dinero en efectivo por correo a nuestra dirección:
+
*Datenanfragen.de e. V.
Schreinerweg 6
38126 Braunschweig
Alemania*
+
Para donaciones en efectivo, sugerimos utilizar el servicio postal alemán [WERT NATIONAL](https://www.deutschepost.de/de/w/wert-national.html) o un producto similar ofrecido por tu oficina de correos local. No recomendamos enviar donaciones en efectivo a nivel internacional. En cualquier caso, asegúrate de que el contenido de tu carta no sea visible desde el exterior.
diff --git a/content/es/privacy.md b/content/es/privacy.md
index 820dea36e..890d31f2c 100644
--- a/content/es/privacy.md
+++ b/content/es/privacy.md
@@ -33,6 +33,7 @@ Con nuestro sitio web solicituddedatos.es (así como sus traducciones), queremos
El responsable del tratamiento según se define en el art. 4 (7) RGPD para los servicios mencionados en el "Alcance" es:
+
Datenanfragen.de e. V.
Schreinerweg 6
38126 Braunschweig
@@ -47,6 +48,7 @@ Email: [privacy@datenanfragen.de](mailto:privacy@datenanfragen.de) ([PGP key](ht
Web: [www.datarequests.org/verein](https://www.datarequests.org/verein)
Si tienes alguna pregunta sobre nuestra política de privacidad, crees que estamos violando las leyes de protección de datos o deseas hacer valer tus derechos, no dudes en contactarnos en cualquier momento.
+
### Do Not Track (DNT)
diff --git a/content/es/verein/board.md b/content/es/verein/board.md
index fe160ed32..ce17bce0e 100644
--- a/content/es/verein/board.md
+++ b/content/es/verein/board.md
@@ -6,7 +6,7 @@
}
Todos los asuntos importantes de la asociación están a cargo de la junta directiva. Según nuestra {{< link slug="verein/constitution#7-the-board" text="constitución" >}}, la junta está compuesta por dos presidentes iguales, que representan conjuntamente a la asociación, y un número arbitrario de asesores, que controlan y apoyan a la junta en su trabajo. La junta actual ha sido elegida en la asamblea general el 16 de julio de 2020 y está formada por:
-
+
* Benjamin Altpeter, Presidente ([benni@datenanfragen.de](mailto:benni@datenanfragen.de), [PGP key](/pgp/AF1381BD.asc)
`9F99 3663 0B82 D3C7 DFC9 23F6 EB5C F074 AF13 81BD`)
* Lorenz Sieben, Presidente ([lorenz@datenanfragen.de](mailto:lorenz@datenanfragen.de), [PGP key](/pgp/4C44A6EF.asc)
@@ -28,3 +28,4 @@ Puede contactar con la junta a través de varias formas diferentes:
Schreinerweg 6
38126 Braunschweig
Alemania*
+
\ No newline at end of file
diff --git a/content/fr/blog/sample-letter-gdpr-access-request/index.md b/content/fr/blog/sample-letter-gdpr-access-request/index.md
index ff3bd6c69..ca3dc1375 100644
--- a/content/fr/blog/sample-letter-gdpr-access-request/index.md
+++ b/content/fr/blog/sample-letter-gdpr-access-request/index.md
@@ -47,7 +47,7 @@ Ci-dessous est notre lettre pour les demandes d'accès concernant l'Article 15 d
Ma demande comprend explicitement tous les autres services et sociétés dont vous êtes responsable comme défini dans l'Article 4, alinéa 7 du RGPD .
-
Conformément à l'Article 12, alinéa 3 du RGPD, vous devez me fournir les informations demandées dans les meilleurs délais et, dans tout les cas, dans un délai d'un mois après réception de la demande. Conformément à l'Article 15, alinéa 3 du RGPD, vous devez répondre à cette demande sans frais de ma part.
+
Conformément à l'Article 12, alinéa 3 du RGPD, vous devez me fournir les informations demandées dans les meilleurs délais et, en tout état de cause, dans un délai d'un mois après réception de la demande. Conformément à l'Article 15, alinéa 3 du RGPD, vous devez répondre à cette demande sans frais de ma part.
J'inclus les informations suivantes nécessaires pour m'identifier :
Insère ici tes données pour l'identification. Ce sont souvent des informations telles que ton nom, ta date de naissance, ton adresse, ton adresse e-mail, etc.
diff --git a/content/fr/contact.md b/content/fr/contact.md
index 5ec5147ab..126963e46 100644
--- a/content/fr/contact.md
+++ b/content/fr/contact.md
@@ -5,6 +5,7 @@
## Informations relatives au paragraphe 5 de la loi allemande sur les télémédias (TMG)
+
**Adresse postale** (pas d'horaires de bureau) :
Datenanfragen.de e. V.
Schreinerweg 6
@@ -21,6 +22,7 @@ Datenanfragen.de e. V. est une association à but non lucratif enregistrée
**Responsable de la publication, conformément au paragraphe 18, alinéa 2 du traité allemand «médias» (MStV) :**
Benjamin Altpeter, Schreinerweg 6, 38126 Braunschweig, Allemagne
+
Note que nous sommes une organisation
indépendante et à but non lucratif et que nous ne sommes pas affiliés aux entreprises listées dans notre
base de données d'entreprises.
diff --git a/content/fr/verein/board.md b/content/fr/verein/board.md
index 2e828a76c..befa18561 100644
--- a/content/fr/verein/board.md
+++ b/content/fr/verein/board.md
@@ -7,6 +7,7 @@
Toutes les affaires importantes de l'association sont menées par le comité directeur. Conformément à notre {{< link slug="/verein/constitution" text="constitution" fragment="7-le-comité-directeur" >}}, le comité directeur est composé de deux présidents paritaires, qui représentent conjointement l'association, et d'un nombre arbitraire de conseillers, qui contrôlent et soutiennent le comité directeur dans son travail. Le comité actuel a été élu lors de l'assemblée générale du 16 juillet 2020 et se compose de :
+
* Benjamin Altpeter, Président associé ([benni@datenanfragen.de](mailto:benni@datenanfragen.de), [Clé PGP](/pgp/AF1381BD.asc)
`9F99 3663 0B82 D3C7 DFC9 23F6 EB5C F074 AF13 81BD`)
* Lorenz Sieben, Président associé ([lorenz@datenanfragen.de](mailto:lorenz@datenanfragen.de), [Clé PGP](/pgp/4C44A6EF.asc)
@@ -28,3 +29,4 @@ Tu peux contacter le comité directeur de différentes façons :
Schreinerweg 6
38126 Braunschweig
Allemagne*
+
diff --git a/content/fr/verein/transparency.md b/content/fr/verein/transparency.md
index 7d1a975b3..81cca6dc5 100644
--- a/content/fr/verein/transparency.md
+++ b/content/fr/verein/transparency.md
@@ -14,6 +14,7 @@ Ces informations ont été mises à jour pour la dernière fois le 30 mai 2021.
Ces informations sont également disponibles sur notre page de {{< link slug="contact" text="contact" >}}.
+
- Nom : Datenanfragen.de e. V.
- Siège social : Braunschweig, Allemagne
- Registre : Registre des associations du tribunal du district de Braunschweig
@@ -25,6 +26,7 @@ Ces informations sont également disponibles sur notre page de {{< link slug="co
Allemagne
- Date de création : 14 juin 2018
- Contact pour la transparence : Benjamin Altpeter ([transparenz@datenanfragen.de](mailto:transparenz@datenanfragen.de) ou via l'adresse mentionnée plus haut)
+
## 2. Constitution et objectifs
diff --git a/content/hr/contact.md b/content/hr/contact.md
index 4bb60d5bf..7db9b342e 100644
--- a/content/hr/contact.md
+++ b/content/hr/contact.md
@@ -7,6 +7,7 @@
## Podaci na osnovi članka 5. njemačkog zakona o telekomunikaciji (TMG)
+
**Poštanska adresa**:
Datenanfragen.de e. V.
Schreinerweg 6
@@ -23,6 +24,7 @@ Datenanfragen.de e. V. je neprofitna organizacija i registrirana je udruga
**Odgovornost za sadržaj prema članku 55. stavka 2. njemačkog državnog ugovora o medijima (MStV):**
Benjamin Altpeter, Schreinerweg 6, 38126 Braunschweig, Deutschland
+
Napominjemo da smo
neovisna neprofitna organizacija i da nismo povezani s poduzećima navedenima u našoj
bazi podataka poduzeća.
diff --git a/content/hr/open-source.md b/content/hr/open-source.md
index ef238e92a..e65e68a81 100644
--- a/content/hr/open-source.md
+++ b/content/hr/open-source.md
@@ -130,5 +130,5 @@ Ponosni smo što možemo koristiti sljedeće projekte za ovu web-stranicu. Zahva
Licence svih korištenih projekata nalaze se [ovdje]({{< absURL "NOTICES.txt" >}}).
- {{< attribution "by" >}}
+ {{< attribution "od" >}}
diff --git a/content/hr/verein/board.md b/content/hr/verein/board.md
index 64a993e36..96670892e 100644
--- a/content/hr/verein/board.md
+++ b/content/hr/verein/board.md
@@ -7,6 +7,7 @@
Sve važne poslove udruge vodi izvršni odbor. Prema našem {{< link slug="verein/constitution#7-the-board" text="statutu" >}}, odbor se sastoji od dviju predsjedavajućih osoba, koje zajednički predstavljaju udrugu te proizvoljnog broja asesora, koji provjeravaju i podržavaju odbor u radu. Dosadašnji odbor izabran je na glavnoj skupštini 16. srpnja 2020. godine, a čine ga:
+
* Benjamin Altpeter, predsjednik ([benni@datenanfragen.de](mailto:benni@datenanfragen.de), [PGP key](/pgp/AF1381BD.asc)
`9F99 3663 0B82 D3C7 DFC9 23F6 EB5C F074 AF13 81BD`)
* Lorenz Sieben, predsjednik ([lorenz@datenanfragen.de](mailto:lorenz@datenanfragen.de), [PGP key](/pgp/4C44A6EF.asc)
@@ -28,3 +29,4 @@ Odbor se može kontaktirati na nekoliko načina:
Schreinerweg 6
38126 Braunschweig
Germany*
+
\ No newline at end of file
diff --git a/content/hr/verein/transparency.md b/content/hr/verein/transparency.md
index 13780920b..f6ac6dd9f 100644
--- a/content/hr/verein/transparency.md
+++ b/content/hr/verein/transparency.md
@@ -13,6 +13,7 @@ Ove su informacije zadnji put aktualizirane 30. svibnja 2021.
Ovi su podaci također dostupni na našoj stranici {{< link slug="contact" text="Kontakt" >}}.
+
- Ime: Datenanfragen.de e. V.
- Sjedište: Braunschweig, Njemačka
- Registar: Registar udruga pri Okružnom sudu u Braunschweigu
@@ -24,6 +25,7 @@ Ovi su podaci također dostupni na našoj stranici {{< link slug="contact" text=
Njemačka
- Datum osnivanja: 14. lipnja 2018.
- Kontakt osoba za transparentnost: Benjamin Altpeter ([transparenz@datenanfragen.de](mailto:transparenz@datenanfragen.de) ili putem gore navedene adrese)
+
## 2. Statut i svrha
diff --git a/cypress/e2e/old-bugs/donation-widget-nan.spec.js b/cypress/e2e/old-bugs/donation-widget-nan.spec.js
index 5d1159984..465b5b088 100644
--- a/cypress/e2e/old-bugs/donation-widget-nan.spec.js
+++ b/cypress/e2e/old-bugs/donation-widget-nan.spec.js
@@ -31,7 +31,7 @@ describe('Donation widget amount', () => {
// testMethod('Credit card');
testMethod('Crypto currency');
testMethod('PayPal');
- testMethod('Other payments');
+ //testMethod('Other payments');
});
it('Donation of negative values via bank transfer should not be allowed', () => {
diff --git a/cypress/e2e/privacy-controls/company-search-page.spec.js b/cypress/e2e/privacy-controls/company-search-page.spec.js
index 42f17494f..ee0f74ab3 100644
--- a/cypress/e2e/privacy-controls/company-search-page.spec.js
+++ b/cypress/e2e/privacy-controls/company-search-page.spec.js
@@ -4,7 +4,7 @@ describe('Search bar on company search page', () => {
cy.contains('Get access').click();
cy.get('.ais-SearchBox-input').type('twitter');
- cy.contains('Twitter International Company');
+ cy.contains('Twitter International Unlimited Company');
});
it('is not active when the privacy control is disabled', () => {
diff --git a/layouts/company/single.html b/layouts/company/single.html
index b5151a5eb..9cb885a67 100644
--- a/layouts/company/single.html
+++ b/layouts/company/single.html
@@ -21,47 +21,49 @@
-
+
+
- {{ T "cdb-intro" . }}
+ {{ T "cdb-intro" . }}
- {{ with .Params.address }}
-
- {{ T "cdb-address" }}
{{ $.Params.name }}
{{ T "cdb-attn" }}
{{ replace . "\n" "
" | safeHTML }}
-
- {{ end }}
- {{ if or .Params.phone .Params.fax .Params.email .Params.webform .Params.web }}
-
- {{ end }}
+ {{ with .Params.address }}
+
+ {{ T "cdb-address" }}
{{ $.Params.name }}
{{ T "cdb-attn" }}
{{ replace . "\n" "
" | safeHTML }}
+
+ {{ end }}
+ {{ if or .Params.phone .Params.fax .Params.email .Params.webform .Params.web }}
+
+ {{ end }}
+
{{ if and (index .Params "pgp-fingerprint") (index .Params "pgp-url") }}
@@ -116,7 +118,19 @@
{{ T "cdb-warning-unverified" (dict "editUrl" (print ("suggest" | absURL) "#!type=edit&for=cdb&slug=" .Params.slug)) | safeHTML }}
{{ end }}
- {{ partialCached "related-companies.html" . .Params.categories (.Param "relevant-countries") }}
+ {{ $related_pages := partialCached "functions/related-companies.html" . .Params.categories (.Param "relevant-countries") }}
+ {{ $related_pages := where $related_pages "page.Params.slug" "!=" $.Params.slug }}
+ {{ with $related_pages }}
+
+ {{ end }}
diff --git a/layouts/partials/functions/related-companies.html b/layouts/partials/functions/related-companies.html
new file mode 100644
index 000000000..464681383
--- /dev/null
+++ b/layouts/partials/functions/related-companies.html
@@ -0,0 +1,67 @@
+{{ $related_pages := slice }}
+
+{{ if not .Site.Params.devMode }}
+
+ {{ $num_categories := (cond (isset .Params "categories") .Params.categories slice) | len }}
+ {{ $num_countries := (.Param "relevant-countries") | len }}
+
+ {{ $lowest_score := 999999 }}
+
+ {{ range (where (where .Site.Pages "Section" "company") "Params.categories" "intersect" .Params.categories) }}
+ {{ if not .Params.nsfw }}
+ {{ $num_common_categories := intersect $.Params.categories .Params.categories | len }}
+ {{ $num_common_countries := intersect ($.Param "relevant-countries") (.Param "relevant-countries") | len }}
+ {{ $score := add (div (float $num_common_categories) $num_categories) (div $num_common_countries $num_countries) }}
+
+ {{ if (or (lt ($related_pages | len) 5) (gt $score $lowest_score)) }}
+ {{ $related_pages = $related_pages | append (dict "page" . "score" $score) }}
+
+ {{ if lt $score $lowest_score }}
+ {{ $lowest_score = $score }}
+ {{ end }}
+ {{ end }}
+ {{ end }}
+ {{ end }}
+ {{ $related_pages = sort $related_pages "score" "desc" }}
+{{ else }}
+ {{ $datenanfragenPermalink := ref . "company/datenanfragen" }}
+ {{ $related_pages = slice
+ (dict
+ "page" (dict
+ "Permalink" $datenanfragenPermalink
+ "Params" (dict "name" "Darkenanfragen AG")
+ )
+ "score" 1.0
+ )
+ (dict
+ "page" (dict
+ "Permalink" $datenanfragenPermalink
+ "Params" (dict "name" "Acme Inc.")
+ )
+ "score" 1.0
+ )
+ (dict
+ "page" (dict
+ "Permalink" $datenanfragenPermalink
+ "Params" (dict "name" "Ace Corporation")
+ )
+ "score" 1.0
+ )
+ (dict
+ "page" (dict
+ "Permalink" $datenanfragenPermalink
+ "Params" (dict "name" "Foo Bar Co.")
+ )
+ "score" 1.0
+ )
+ (dict
+ "page" (dict
+ "Permalink" $datenanfragenPermalink
+ "Params" (dict "name" "Mum and Pop Ltd.")
+ )
+ "score" 1.0
+ )
+ }}
+{{ end }}
+
+{{ return $related_pages }}
diff --git a/layouts/partials/related-companies.html b/layouts/partials/related-companies.html
deleted file mode 100644
index e809e80ed..000000000
--- a/layouts/partials/related-companies.html
+++ /dev/null
@@ -1,48 +0,0 @@
-
-{{ if not .Site.Params.devMode }}
- {{ $related_pages := slice }}
-
- {{ $num_categories := (cond (isset .Params "categories") .Params.categories slice) | len }}
- {{ $num_countries := (.Param "relevant-countries") | len }}
-
- {{ $lowest_score := 999999 }}
-
- {{ range (where (where .Site.Pages "Section" "company") "Params.categories" "intersect" .Params.categories) }}
- {{ if and (ne .Permalink $.Permalink) (not .Params.nsfw) }}
- {{ $num_common_categories := intersect $.Params.categories .Params.categories | len }}
- {{ $num_common_countries := intersect ($.Param "relevant-countries") (.Param "relevant-countries") | len }}
- {{ $score := add (div (float $num_common_categories) $num_categories) (div $num_common_countries $num_countries) }}
-
- {{ if (or (lt ($related_pages | len) 5) (gt $score $lowest_score)) }}
- {{ $related_pages = $related_pages | append (dict "page" . "score" $score) }}
-
- {{ if lt $score $lowest_score }}
- {{ $lowest_score = $score }}
- {{ end }}
- {{ end }}
- {{ end }}
- {{ end }}
- {{ $related_pages = sort $related_pages "score" "desc" }}
- {{ with $related_pages }}
-
- {{ end }}
-{{ else }}
-
-{{ end }}
diff --git a/scripts/build-sample-letters/res/i18n.json b/scripts/build-sample-letters/res/i18n.json
index f39e0c8c8..2cc9b28ef 100644
--- a/scripts/build-sample-letters/res/i18n.json
+++ b/scripts/build-sample-letters/res/i18n.json
@@ -160,7 +160,7 @@
"access-body-030": "Si vous transférez mes données à caractère personnel vers un pays tiers ou une organisation internationale, je demande à être informé des garanties appropriées concernant le transfert, conformément à l'Article 46 du RGPD.",
"access-body-040": "[data_portability>Veuillez mettre à ma disposition les données à caractère personnel me concernant que je vous ai fournies dans un format structuré, couramment utilisé et lisible par machine, conformément à l'Article 20, alinéa 1, du RGPD.]",
"access-body-050": "Ma demande comprend explicitement [runs>ce qui suit ainsi que ]tous les autres services et sociétés dont vous êtes responsable comme défini dans l'Article 4, alinéa 7 du RGPD [runs>: {runs_list}].",
- "access-body-060": "Conformément à l'Article 12, alinéa 3 du RGPD, vous devez me fournir les informations demandées dans les meilleurs délais et, dans tout les cas, dans un délai d'un mois après réception de la demande. Conformément à l'Article 15, alinéa 3 du RGPD, vous devez répondre à cette demande sans frais de ma part.",
+ "access-body-060": "Conformément à l'Article 12, alinéa 3 du RGPD, vous devez me fournir les informations demandées dans les meilleurs délais et, en tout état de cause, dans un délai d'un mois après réception de la demande. Conformément à l'Article 15, alinéa 3 du RGPD, vous devez répondre à cette demande sans frais de ma part.",
"access-filename": "modele-lettre-rdpd-acces-demandetesdonnees.fr",
"erasure-subject": "Demande de suppression des données personnelles conformément à l'Art. 17 du RGPD",
diff --git a/src/Components/CommentsWidget.tsx b/src/Components/CommentsWidget.tsx
index ad853e9f9..39c7dea6d 100644
--- a/src/Components/CommentsWidget.tsx
+++ b/src/Components/CommentsWidget.tsx
@@ -4,7 +4,7 @@ import { IntlProvider, Text, MarkupText } from 'preact-i18n';
import { FlashMessage, flash } from '../Components/FlashMessage';
import { StarWidget } from './StarWidget';
import t from '../Utility/i18n';
-import { rethrow, WarningException } from '../Utility/errors';
+import { ErrorException, rethrow, WarningException } from '../Utility/errors';
import { useAppStore } from '../store/app';
const api_url = 'https://backend.datenanfragen.de/comments';
@@ -226,8 +226,12 @@ export function CommentForm(props: CommentFormProps) {
...(props.allowRating && rating ? { additional: { rating } } : {}),
}),
})
- .then((res) => {
- if (!res.ok) throw new Error('Unexpected response from comments server.');
+ .then(async (res) => {
+ const payload = await res.json();
+
+ if (payload.message?.includes('length must be less than')) {
+ flash(
{t('send-too-long', 'comments')});
+ } else if (!res.ok) throw new ErrorException('Unexpected response from comments server.', payload);
flash(
{t('send-success', 'comments')});
setMessage('');
diff --git a/src/Components/DonationWidget.tsx b/src/Components/DonationWidget.tsx
index d043bf3e5..7313c9b3b 100644
--- a/src/Components/DonationWidget.tsx
+++ b/src/Components/DonationWidget.tsx
@@ -12,7 +12,7 @@ import { Radio } from './Radio';
const DONATIONS_API = 'https://backend.datenanfragen.de/donation';
const SUGGESTED_AMOUNTS = [5, 10, 15, 25, 50, 75, 100, 150, 200, 250];
-const PAYMENT_METHODS = ['bank-transfer', /*'creditcard',*/ 'cryptocurrency', 'paypal', 'mollie'];
+const PAYMENT_METHODS = ['bank-transfer', /*'creditcard',*/ 'cryptocurrency', 'paypal' /*, 'mollie'*/];
const amount_after_linear_fee = (fee_percent: number, fee_fixed: number, x: number) => x - fee_fixed - x * fee_percent;
diff --git a/src/Components/RequestList.tsx b/src/Components/RequestList.tsx
index 9d16b7e1e..4b23cab1d 100644
--- a/src/Components/RequestList.tsx
+++ b/src/Components/RequestList.tsx
@@ -111,6 +111,17 @@ export const RequestList = (props: RequestListProps) => {
onClick={() => setSelectionMode(!selectionMode)}>
{selectionMode ?
:
}
+
+ {!selectionMode && (
+
+ {t('new-request', 'generator')}
+
+ )}
+
{!selectionMode && (
<>
{props.importEmailsButton}
diff --git a/src/general.tsx b/src/general.tsx
index a2cf4c048..b30cf9e3c 100644
--- a/src/general.tsx
+++ b/src/general.tsx
@@ -171,14 +171,18 @@ const unsubscribeFromHydration = useProceedingsStore.persist.onFinishHydration((
});
const renderNewFootnotes = (hugoFootnotes: Element[]) => {
- hugoFootnotes.forEach((hugoFootnote, index) => {
- const footnoteContent = document.querySelector(`li[id="fn:${index + 1}"]`)?.cloneNode(true) as Element;
+ hugoFootnotes.forEach((hugoFootnote) => {
+ const index = +hugoFootnote.id.replace(/fnref\d*:/, '');
+
+ const footnoteContent = document.querySelector(`li[id="fn:${index}"]`)?.cloneNode(true) as Element | undefined;
+ if (!footnoteContent) return;
+
// Since the text content is taken from the bottom footnotes, it contains an arrow at the end that needs to be
// removed when the content is displayed within the embedded footnote.
- footnoteContent?.querySelector('.footnote-backref')?.remove();
+ for (const backrefElement of footnoteContent.querySelectorAll('.footnote-backref')) backrefElement.remove();
render(
-