Re: EU and the GDPR May 15, 2018, 07:04:38 pm Well .. we have today update our Server and now ... we are ready for the ugly GDPR Exist user must now on the first login accept the GDPR .. do he this not, he can only visit his Profile (to request a removing) or logout. On all other the GDPR Screen is shown ..New User must accept the GDPR before he can register a account. Also we set the minimal age to 16 years.Currently we do not have a data export function, but that comes later.So I can say .. we are the champions .. singing
Re: Re: EU and the GDPR Reply #1 – May 15, 2018, 07:33:04 pm Hello feline,but ElkArte looks prettier - unfortunately.I need a new platform to replace a somewhat hacked SMF 1.1.6, and i would prefer to mangle an SMF database backup through a filter (or run some sed/awk/perl script on it) to obtain something that on be directly loaded into a juvenile database of th new forum. ideally on a different server or in a testing environment. Possible with Your code?
Re: Re: EU and the GDPR Reply #2 – May 15, 2018, 10:58:44 pm Well .. our Forum Software is based on smf 2.1 .. but we have changed many, many things in the code, and the tables we use are not compatible with any smf.So you have to think what you need ...Fel
Re: Re: EU and the GDPR Reply #3 – May 15, 2018, 11:00:27 pm Quote from: bea – May 15, 2018, 07:33:04 pmbut ElkArte looks prettier - unfortunately.Hmmm ..
Re: Re: EU and the GDPR Reply #4 – May 15, 2018, 11:41:24 pm What do you expect in an ElkArte support board? Especially when posting such things as "we at our board offering another forum software are the kings and you here are not"?Of course the users here love this software. That's why they are here.
Re: Re: EU and the GDPR Reply #5 – May 15, 2018, 11:59:04 pm Quote from: Jorin – May 15, 2018, 11:41:24 pmOf course the users here love this software. That's why they are here.Hmmm ... sure ?
Re: Re: EU and the GDPR Reply #7 – May 16, 2018, 01:10:58 am Did you also disable all the server logs?
Re: Re: EU and the GDPR Reply #8 – May 16, 2018, 01:38:45 am Quote from: Feline – May 15, 2018, 07:04:38 pmSo I can say .. we are the champions .. singing Sure? With IE I get a 403 server error when trying to access http://www.portamx.com
Re: Re: EU and the GDPR Reply #9 – May 16, 2018, 06:53:11 am Quote from: Feline – May 15, 2018, 10:58:44 pmWell .. our Forum Software is based on smf 2.1 .. I know.Quotebut we have changed many, many things in the code, and the tables we use are not compatible with any smf.So you have to think what you need ...But You need migration strategies. I asked because i did not find much upon a first look.Regarding log files: they are not forbidden. AFAIK users just need to be informed what happens with the data. IMHO we should be pretty safe if we require users to sign the GDPR and if we find a solution for the use of external services. Important: anti spam protection measures, i.e. use of blacklists and whitelists. And of course branching to other sites, especially by embedding players for audio or video streaming, embedding maps and the like. Back to Elkarte: is there any code available to do at least the most urgent stuff - signing the data protection policy and static hiding of embedded stuff (which is a severe topic independently of the DSGVO).
Re: Re: EU and the GDPR Reply #10 – May 16, 2018, 07:00:01 am Back to Elkarte: is there any code available to do at least the most urgent stuff - signing the data protection policy and static hiding of embedded stuff (which is a severe topic independently of the DSGVO).
Re: Re: EU and the GDPR Reply #11 – May 16, 2018, 07:29:29 am There is something planned in this way, but it will probably exceed the date of May 25th by a few days.https://www.elkarte.net/community/index.php?topic=4776.msg37037#msg37037How is it, if I have embedded videos from Youtube on my pages? Is my privacy policy then responsible for them or the privacy policy from Youtube? Can or must I write something in my privacy policy like: "When you play such videos, you do agree with Youtube's privacy policy" ?
Re: Re: EU and the GDPR Reply #12 – May 16, 2018, 12:07:26 pm Even worse: embedding youtube videos is usually done by <iframe>-Tags. As these are loaded while the forum page builds up, personal data is sent to the Youtube servers, notably your IP address. And then a bunch of strange cookies and communication channel (IDs) will be placed on Your computer, not alone regarding Youtube alone, but gooogle in general and worst of all their advertizing network (doubleclick.net). Even if you embed in "enhanced"-privacy mode, one basic communication channel (ID) is set. It is always up to YOU to inform Your users. But in case of 3rd party services this is usually not enough. to put a note into your policy or refer to the policy of the service! It looks as if a conforming solution would require providing a static link, maybe with a local thumbnail image. But even then You must inform your users, and it is completely unclear to what degree and where You need to inform them.easily forgotten are other objects loaded from external sources, notably images using the <img>-Tag. Also loaded during buildup of the page, and at least the IP address of the user will be send to the 3rd party server.
Re: Re: EU and the GDPR Reply #13 – May 16, 2018, 02:29:37 pm Quote from: bea – May 16, 2018, 06:53:11 amIMHO we should be pretty safe if we require users to sign the GDPR and if we find a solution for the use of external services. And of course branching to other sites, especially by embedding players for audio or video streaming, embedding maps and the like. For all that you will find in the net many good examples ... for Google, Youtube, Paypal ... what else.Also you can take a look to our GDPR conform document
Re: Re: EU and the GDPR Reply #14 – May 16, 2018, 02:51:09 pm Quote from: Feline – May 16, 2018, 02:29:37 pmAlso you can take a look to our GDPR conform documentYou mean the "Datenschutzerklärung" on PortaMx?I can't find there anything about Google, Youtube or others...