Skip to main content
Topic: EU and the GDPR (Read 2015 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

Re: EU and the GDPR

Reply #30
Export information meaning all your posts? I can't really think of what other info there is that's not readily available in your profile. :)

Re: EU and the GDPR

Reply #31
@vbgamer45 cool!
BTW I've almost finished implementing logging of acceptance of both the agreement and a "privacy policy" (with a way to force accepting them any time they are changed).
For 1.1.4 I plan to only add on top of what I have already added a page to show the privacy policy (if enabled, since it will not be mandatory). If not too messy I'll try also to have an "accept privacy policy" for the contact form as well, but I still have to look at what is required.
For 1.1.5 (or later) I'd like also to work on showing the history of agreements/policies accepted to each member (that would just be a page with a list and an overlay showing the text I think).

Regarding the anonymization, though, I'm not sure I want to go down the "hammer-path" of deleting everything when the account is deleted. There are consequences like not being able to identify any more the author of the post that should be weighted as well. I think the correct path is a mixed solution: the data should be kept for (flexible) a period of time and there should be a way to remove them if explicitly requested.
Oh well, something I've not yet given too much thoughts.
Bugs creator.
Features destroyer.
Template killer.

Re: EU and the GDPR

Reply #32
Sounds good enough for me, @emanuele.

BTW I've almost finished implementing logging of acceptance of both the agreement and a "privacy policy" (with a way to force accepting them any time they are changed).

Will this be an addon soon?  O:-)

Can you offer a description of the cookie(s) used by ElkArte, what it contains exactly and what it is needed for?

Re: EU and the GDPR

Reply #33
It will not be an addon, I'm adding it to the core starting from 1.1.4 (provided my computer start working again :'( ).
Bugs creator.
Features destroyer.
Template killer.


Re: EU and the GDPR

Reply #35
Will 1.1.4 be released before May 25?
https://www.elkarte.net/community/index.php?topic=5203.msg36950#msg36950

Great news saves me some time I would like it but can't see like posts? No option.
I think I just addressed that issue, please check again when you get a chance.
Squish squish. squish, squish, squish.
Find a bug,
Make a wish.



Re: EU and the GDPR

Reply #38
Can you offer a description of the cookie(s) used by ElkArte, what it contains exactly and what it is needed for?

I would like to know that too.
ElkArte version: 1.1.5 / Theme: BeSocial / PHP 7.2.7

Re: EU and the GDPR

Reply #39
Regarding the anonymization, though, I'm not sure I want to go down the "hammer-path" of deleting everything when the account is deleted. There are consequences like not being able to identify any more the author of the post that should be weighted as well. I think the correct path is a mixed solution: the data should be kept for (flexible) a period of time and there should be a way to remove them if explicitly requested.
Oh well, something I've not yet given too much thoughts.

I do not even think the "hammer path" would be appropriate at all. Imagine a contribution with criminal content. Advertizing for abuse of children or "simply" stalking.
The You even need to have the IP address (es) available in order to be able to give them to the police!

In addition blocking trolls requires permanent availability of their data to the admins.

 

Re: EU and the GDPR

Reply #40
Indeed.
And BTW, article 7.4:
Quote
The data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw as to give consent.
i.e. okay to delete, but when the policy is accepted, you accept your data will be kept for the time specified by the policy.

So, I repeat, technical solution are nice, but the most important thing is actually a correctly written policy.

At the moment I'm a bit in troubles, I'll try to draft something...
If anyone is interested in putting something together (at least the general terms) I can jump with the details where needed. ;)
Bugs creator.
Features destroyer.
Template killer.

Re: EU and the GDPR

Reply #41
Sorry i am a lame person, does this EU and GDPR apply to all countries and to anyone running forums? I am from India and this should be added in my community too?

Re: EU and the GDPR

Reply #42
Sorry i am a lame person, does this EU and GDPR apply to all countries and to anyone running forums? I am from India and this should be added in my community too?
It does if you do business with EU customers, but otherwise I wouldn't expect it to be terribly relevant to people from India.

Re: EU and the GDPR

Reply #43
Sorry i am a lame person, does this EU and GDPR apply to all countries and to anyone running forums? I am from India and this should be added in my community too?
It does if you do business with EU customers, but otherwise I wouldn't expect it to be terribly relevant to people from India.
Nope ... must be:
If you bussines (website) is IN the EU then you MUST have implement the GDPR  :o
Many are stubborn in relation to the path, a few in relation to the target.
Visit our new Forum Project on https://www.portamx.com

Re: EU and the GDPR

Reply #44
I don't expect Indians to have servers in EU to target people in India... that would be... slightly dumb.
Bugs creator.
Features destroyer.
Template killer.