ElkArte Community

Well .. we have today update our Server and now ... we are ready for the ugly GDPR  ;)

Exist user must now on the first login accept the GDPR  .. do he this not, he can only visit his Profile (to request a removing) or logout. On all other the GDPR Screen is shown ..

New User must accept the GDPR before he can register a account. Also we set the minimal age to 16 years.

Currently we do not have a data export function, but that comes later.
So I can say .. we are the champions .. singing  :D

Hello feline,

but ElkArte looks prettier - unfortunately.

I need a new platform to replace a somewhat hacked SMF 1.1.6, and i would prefer to mangle an SMF database backup through a filter (or run some sed/awk/perl script on it) to obtain something that on be directly loaded into a juvenile database of th new forum. ideally on a different server or in a testing environment. Possible with Your code?

Well .. our Forum Software is based on smf 2.1 ..
but we have changed many, many things in the code, and the tables we use are not compatible with any smf.
So you have to think what you need ...

Fel

Hmmm ..  8)

What do you expect in an ElkArte support board? Especially when posting such things as "we at our board offering another forum software are the kings and you here are not"?

Of course the users here love this software. That's why they are here.

Hmmm ... sure ?  ;D

Absolutely!  :D

Did you also disable all the server logs?

Sure? With IE I get a 403 server error when trying to access http://www.portamx.com

I know.
But You need migration strategies. I asked because i did not find much upon a first look.

Regarding log files: they are not forbidden. AFAIK users just need to be informed what happens with the data.

IMHO we should be pretty safe if we require users to sign the GDPR and if we find a solution for the use of external services. Important: anti spam protection measures, i.e. use of blacklists and whitelists. And of course branching to other sites, especially by embedding players for audio or video streaming, embedding maps and the like.

Back to Elkarte: is there any code available to do at least the most urgent stuff - signing the data protection policy and static hiding of embedded stuff (which is a severe topic independently of the DSGVO).

Back to Elkarte: is there any code available to do at least the most urgent stuff - signing the data protection policy and static hiding of embedded stuff (which is a severe topic independently of the DSGVO).

There is something planned in this way, but it will probably exceed the date of May 25th by a few days.
https://www.elkarte.net/community/index.php?topic=4776.msg37037#msg37037 (https://www.elkarte.net/community/index.php?topic=4776.msg37037#msg37037)

How is it, if I have embedded videos from Youtube on my pages? Is my privacy policy then responsible for them or the privacy policy from Youtube? Can or must I write something in my privacy policy like: "When you play such videos, you do agree with Youtube's privacy policy" ?

Even worse:
embedding  youtube videos is usually done by <iframe>-Tags. As these are loaded while the forum page builds up, personal data is sent to the Youtube servers, notably your IP address.  And then a bunch of strange cookies and communication channel (IDs)  will be placed on Your computer, not alone regarding Youtube alone, but gooogle in general and worst of all their advertizing network (doubleclick.net). Even if you embed in "enhanced"-privacy mode, one basic communication channel (ID) is set.

It is always up to YOU to inform Your users.  But in case of 3rd party services this is usually not enough. to put a note into your policy or refer to the policy of the service!
It looks as if a conforming solution would require providing a static link, maybe with a local thumbnail image. But even then You must inform your users, and it is completely unclear to what degree and where You need to inform them.

easily forgotten are other objects loaded from external sources, notably images using the <img>-Tag. Also loaded during buildup of the page, and at least the IP address of the user will be send to the 3rd party server.

For all that you will find in the net many good examples ... for Google, Youtube, Paypal ... what else.
Also you can take a look to our GDPR conform document  ;)

You mean the "Datenschutzerklärung" on PortaMx?
I can't find there anything about Google, Youtube or others...

Look at this ...

[b]7. Integration of services and content of third parties[/b]
We use third-party content or service offerings within our online offering, based on legitimate user interests, to integrate their content and services.
This always assumes that the third-party providers perceive the IP address of the users, since they could not send the content to their browser without the IP address.
The IP address is therefore required for the presentation of this content.

[b]7.1. Youtube[/b]
We embed the videos on the YouTube platform of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Privacy Policy: [url=https://www.google.com/policies/privacy]https://www.google.com/policies/privacy[/url], Opt-Out: [url=https://adssettings.google.com/authenticated]https://adssettings.google.com/authenticated[/url].

[b]7.2. Google ReCaptcha[/b]
We use this feature to detect bots, e.g. upon registration and submission to ReCaptcha online forms provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Privacy Policy: [url=https://www.google.com/policies/privacy]https://www.google.com/policies/privacy[/url], Opt-Out: [url=https://adssettings.google.com/authenticated]https://adssettings.google.com/authenticated[/url].

[b]7.3. PayPal[/b]
On our website, we have integrated components from PayPal, which automatically transmit data of the person concerned to PayPal. With the selection, the data subject consents to the transmission of personal data required for payment processing.
The personal data they transmitted to PayPal is usually the first name, last name, address, email address, IP address, telephone number, mobile phone number or other data required for payment processing.
For the execution of the purchase contract, also such personal data are necessary, which are in connection with the respective order. The personal data exchanged between PayPal and the controller may be transferred by PayPal to credit reporting agencies. This transmission aims at the identity and credit check.
The data subject has the possibility to revoke the consent to the handling of personal data against PayPal at any time. A revocation has no effect on personal data which must be processed, used or transmitted for (contractual) payment processing.
PayPal may disclose personal information to affiliates and service providers or subcontractors, to the extent necessary to fulfill its contractual obligations or to process the data on behalf of.
PayPal's applicable privacy policy is available at [url=https://www.paypal.com/de/webapps/mpp/ua/privacy-full]https://www.paypal.com/de/webapps/mpp/ua/privacy-full[/url].
The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

[b]7.4. Location data[/b]
Geolocation is the identification or estimation of the geographic location of a computer connected to the Internet. We do not store any of these data, but only use this data for statistical purposes, to recognize search engines and to identify which national language you normally use. To determine your computer's geographical location (continent and country), your IP address will be sent to the geoPlugin service over a secure connection (SSL).
A privacy policy is available at: http://www.geoplugin.com/privacy.

Hope this helps a little bit  ;)

Hmmm .. You have change your Browserstring ?
We make a grep on this to detect Spider ... and a lot of them are blocked (http 301 Header)

Fel

Changed my browser string? I think not, but I don't understand what you mean.

We do check the browser string to detect Spider automatically ...
And we have currently more then 100 spiders in the list.
Please can you tell me your bowser string, so I can check this ?

You can see this in the variable $_SERVER['HTTP_USER_AGENT']

Fel

By the way ...
Today we have (for first testing purpose) our GDPR activated ..

On the first test I see ... WORKS AS DESIGNED .. Yeahhh  8)

We leaf this enabled until tomorrow ...

Ahhh ... You use INTERNET EXPLORER ...
Heh, Heh .. out of order .. Try Edge

Seem like my Hosting have disabled this old thing.
On my local PC it works ...

Fel

Up from today, we are mostly full compatible with the ugly GDPR  ;)

What's new ?
We added "user anonymization" on delete a member .. so all his Post stay in, but with a "Guest" as name, IP 127.0.0.1 and without email in his posts. Also we remove the name in quotes, in the message text, in likes and mentions, and finally all Polls are updated (guest vote).
And all this works very fast .. for a member width over 2000 post ... less then 3 seconds (for all changes) on my local (slow) window Laptop  8)
So I say ... Ready for the next Release (1.4)  ;D

Now there is only missing a converter from SMF 2.0.15 to PortaMX.

Is here somebody that can program such a converter also for payment ?

Please let me know.

Many thanks.

Regards, Stefan.

I think you are on the wrong forum to ask for that. Try https://www.portamx.com

Why that?
He have wrote a legal question .. and .. it's possible that a member here have interest to do this ...

And still it's the wrong place to ask for a feature on another software.
Would you ask here for a feature on Microsoft Windows? No.
I don't care about you advertising your software here (I just split this discussion because really was in the middle of something that was not related), but ask for features on your software here it's the wrong place, simply because you are not going to track the feature requests all over the web, but you track them at your website. ;)

Instead, if your interest is in contributing to OpenImporter, there is a dedicated board for it, and a random topic in a random board is still not the place to talk about it. ;)

I pointed them towards the place I felt the question was better asked. This is forum is for Elkarte, people visiting here are generally coming here for Elkarte, people visiting your forum are generally going for PortaMx, so it makes more sense to ask on PortaMx than Elkarte imo.

Especially as the OP wants to convert from SMF 2.0.15 to PortaMX Forum https://www.simplemachines.org/community/index.php?topic=560718.0  I would agree.

http://www.donationcoder.com/forum/index.php?topic=45495 8)

 
 Idiotic this page ...