-
-
Notifications
You must be signed in to change notification settings - Fork 8
legal
As with everything, there are legalities involved with this project. I've tried to cover as many bases as I can, but be aware that it is very hard and I am very lazy.
This is not legal advice, I am not a lawyer, and if if you have concerns, please consult a lawyer in your own jurisdiction.
The MERN-template and all of it's microservices are released under the zlib license (see LICENSE for details). This means you can freely use it to make whatever you like, and attribution to Kayne Ruse, KR Game Studios and other MERN-template contributors is appreciated, but not strictly required. You also can't pretend you made it, and you can't take the license out of source distributions of the template.
The website's footer links to the privacy policy and credits pages. These can be found under client/pages/static/ as react pages.
Please remember to include a privacy policy with your website, and credit everyone involved in your website's creation.
One of the features built into the auth service is the contact flag - it's a way for the user to signal to the developer that they are OK with being contacted in the future with promotional material. This flag is saved in the accounts table in the auth database, and can be freely changed by users via their account pages. Removing this feature means you won't be able to contact anyone.
If you're in America, please refer to the CAN SPAM act of 2003.
According to the European GDPR as I understand it, the right to be forgotten is required by those operating out the the European Union.
What this means practically is that user accounts must be able to be deleted, along with all identifiable user data. I've added a "Delete Account" button to the user's account page which enables this - the deletion is not immediate, they have a two day window to change their minds by logging back into the game. However after that two day window is up, the account is completely deleted.
When modifying the MERN-template, be sure that any identifiable data, such as usernames and email accounts stored elsewhere, is also deleted in this manner.
According to the COPPA act, if you accept children under the age of 13 as users, you need to conform to certain expectations within the United States.
Personally, I just find it easier to ban kids under 13 from playing my web games via my privacy policy.