# Legal, privacy, and security policies The platform publishes three public documents available from login, registration, onboarding, and other key touchpoints: - terms of use - personal data protection policy - information security policy ## How they work Each document can be maintained in two ways: - by writing the content directly in the form; - by uploading the document as a file. If a file exists, the platform will publish that file. If no file exists, it will use the inline text written in the form. ## Where to manage them ### Global In `Administration / Settings`, inside `Legal policies`. ### Tenant In `Administration / Tenants / Create` and `Edit`. ### Organization In `Administration / Organizations / Create` and `Edit`. ## Inheritance The platform applies this priority: 1. organization-specific policy 2. tenant-specific policy 3. global policy If title, content, and file are all left empty at the organization or tenant level, that level continues using the policy inherited from the level above. ## Accepted file types You can upload: - PDF - TXT - MD When the document is a PDF, the platform displays it inside the legal viewer and also allows opening it in a separate tab. When it is TXT or MD, the content is shown as readable text inside the viewer. ## How users read them Policy links are shown automatically on: - login - registration - self-service onboarding - other public screens where applicable - the admin footer When a policy is selected, it opens in a modal window within the same screen so the user does not lose the current context. ## Recommended use - define a complete global version before enabling public registration or self-service signup - use tenant- or organization-specific policies only when they truly need to differ - if you already have an approved formal document, upload it as a file to preserve its full structure - if you need a quick or temporary adjustment, use the inline text editor in the form