SMF & GDPR Personally Identifiable Information

Started by kitz, April 11, 2018, 01:35:54 PM

Previous topic - Next topic

vbgamer45

I am concerned if would be ok for them to still modify there profile/account information while not agreeing to the agreements
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

@rjen

Quote from: vbgamer45 on May 02, 2018, 08:14:17 AM
I am concerned if would be ok for them to still modify there profile/account information while not agreeing to the agreements

I agree. Changing profile is debatable. Allowing them to SEE their actual profile (apart from downloading the data) would be best.

For new users it is fine: they do not comply, so they cannot register and they have nothing to check.

The problem is that we have an existing user base that have been using the forum and have (sometimes extensive) profiles. Now the Law changes and they can decide to no longer agree with us holding the data. With the new Law we should still allow they to at least SEE what data we have (many users are not that familiar with .csv downloaded files).

Of course the admin can delete the account later on (and all data) so then we'll have to include in the privacy statement that they will need to request data to be deleted if they want so...


Running SMF 2.1 with latest TinyPortal at www.fjr-club.nl

vbgamer45

I could do txt files for both. I was going by what twitter was doing. But they use pdf for most of their data which I think is even less open
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

LiroyvH

PDF, I'm not even sure if you can make a machine interpret the content normally?
In which case, I wonder if PDF is even an acceptable interchangeable format and would be more inclined to say it'd have to be something like CSV.

Quote from: wiebke on May 02, 2018, 07:43:10 AM
Yes, I saw that and it's great work. But if the member wans to stay active, I would like to be able deleting the IP on older topics. Especially on those, where the member already have been deleted.

Maybe I understand wrong, but if a member wants to stay active, that means they keep giving you their consent.
In which case, I don't think they have the right to selectively ask you to "forget" things. You can't demand to only selectively give consent for an agreement. It's an all or nothing scenario, either you give consent or you retract consent; they can't demand "I give you consent for section A to E but not for sections F to K" - that's not how it works. That means everyone could potentially get a tailored agreement, that'd be disastrous.

Moreover, collecting IP's of active users is a genuine processing case to keep track of spam and account changes...
((U + C + I)x(10 − S)) / 20xAx1 / (1 − sin(F / 10))
President/CEO of Simple Machines - Server Manager
Please do not PM for support - anything else is usually OK.

wiebke


Shambles

Seems to work pretty well - congrats.

If I may, can I suggest changing all internal "GPDR" strings to "GDPR"?

Also, in the settings screen, even if "Enable the privacy policy" is unchecked, any other checked option seems to enable the whole feature.

Thanks again.

vbgamer45

Quote from: Shambles on May 03, 2018, 12:56:49 PM
Seems to work pretty well - congrats.

If I may, can I suggest changing all internal "GPDR" strings to "GDPR"?
Thanks again.
Bah, yeah that is a big one
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

vbgamer45

Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Shambles

Lol, nice :D

I guess we can live with the package name as it is :P

vbgamer45

Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Bigguy

I know this is not supported for 2.1 and I may not get any help with it if I install it. I'm probably going to try though. I found 3 errors when trying to install in 2.1 I can alter the code to make it work that way. My only question before I do try to install it is: Is it going to play nice with the database. I think it would but I just wanted to get your opinion if I could before I go ahead.

vbgamer45

Yes it will play nice with the database. I do plan to port it to 2.1 one day.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Bigguy

I figured you were going to but I also knew it was not going to be right away or anything. I didn't want it to seem like I was bein pushy or anything. Thanks, I'll give it a try then. :)

petb

Quote from: CoreISP on May 02, 2018, 09:44:35 AM
Maybe I understand wrong, but if a member wants to stay active, that means they keep giving you their consent.
In which case, I don't think they have the right to selectively ask you to "forget" things. You can't demand to only selectively give consent for an agreement. It's an all or nothing scenario, either you give consent or you retract consent; they can't demand "I give you consent for section A to E but not for sections F to K" - that's not how it works. That means everyone could potentially get a tailored agreement, that'd be disastrous.
Sure?

I think they are allowed to say, for example "email = yes" and "date of birth = no" and similar things.
But i also think the forum owner must not accept that.

He has the right to deny the usage of the forum and can say:
Usage only allowed if the forum got the right to store all data,
which finally ends in deleting the account if the user only want a partial deleting of his data.
???

a10

PM \ personal messages, what is their status ?
2.0.19, php 8.0.23, MariaDB 10.5.15. Mods: Contact Page, Like Posts, Responsive Curve, Search Focus Dropdown, Add Join Date to Post.

vbgamer45

Status? I do not export those currently but could be done.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro


lurkalot

Quote from: vbgamer45 on May 03, 2018, 01:40:14 PM
1.0.3
!Spelling fixes for GDPR

Thanks, nice mod, and will no doubt take a lot hassle away from SMF admins.

I did notice something though regarding the renaming process, the actions are still showing the incorrect spelling

action=gpdr;sa=privacypolicy
action=gpdr;sa=privacypolicy;reagree=1
action=gpdr;sa=registeragreement;reagree=1
etc.

That caused me a slight head scratching moment when trying to hide my blocks and panels in Tinyportal.

vbgamer45

Yeah I have to redo those at some point. I flipped the letters in a bunch of spots.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

lurkalot

Quote from: vbgamer45 on May 05, 2018, 08:50:04 AM
Yeah I have to redo those at some point. I flipped the letters in a bunch of spots.
Thanks.  I sent you a pm.  ;)

Advertisement: