GDPR support

Started by Arantor, a year ago

previous topic - next topic

0 Members and 1 Guest are viewing this topic.

Arantor

*
a year ago
What plans are there for supporting the functionality required by GDPR after May 2018?

Feline

*
#1
a year ago
Well .. currently we have no concrete informations what comes in the EU.
But .. I think it's not a big problem for Forumsystem, because nobody MUST make a registration on a Forum.

Currently we store his IP and email and this information we give the user before he accept the cookies and register a accout. Without ECL consens NOTHING is saved, and we do not create a SESSION.
All other Member informations are free to give us .. nothing is a MUST do.

So I think, that it's not a big problem for us to Implement that was comes in the EU and we can calm down  ;)
But ... I see a problem for Admins they use a systems (Like SMF) where the location is inside the EU ...

Fel
Many are stubborn in relation to the way, but less in relation to the target.

Arantor

*
#2
a year ago
If only it were that simple.

Firstly, the average forum administrator is a data controller. Sucks, but it's true. So they have responsibilities simply by running a forum and collecting email addresses.

The registration agreement probably needs a rewrite, but whether it does or it doesn't... you need to track when people agreed to the terms. You also need to check when the terms change that people are still happy with the terms, and track every subsequent acceptance.

There's also the fact that users can request a copy of all the data you hold on them, electronically in a open format. (Ideally, provide this in a self-service format.)

And permission to delete account pretty much needs to be given to everyone, it must be actioned inside a month, and all data that is personally identifiable needs to be able to be removed. As a minimum this would imply users that chose to use their name as their username would have to be scrubbed before deletion was approved. This would also need to scrub the database of all email addresses stored in the messages table against a user's posts.

I'm also not clear on how this would work for guest posting, or whether this would be mandatory to be disabled for the sake of being able to prove consent to data collection.

* Shouts

Feline
5 months ago
Today we update our Forum to the Version 1.45
Feline
8 months ago
Today we update our Forum to Version 1.4
This release is full compatible with the EU GDPR
Feline
10 months ago
Update for PortaMx 1.54 ecl released.
With this updates the Portal works with PHP 7.x and SMF 2.0.15
Feline
10 months ago
PortaMx Forum 1.3
released !

*
Feline
a year ago
Today we switched to PHP 7.2 and activate Opcode caching.
Fast .. Very fast *
Feline
a year ago
Today we upgrade our old SMF 2.0 Forum to PortaMx Forum *

* Calendar

Su
Mo
Tu
We
Th
Fr
Sa
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28