General Data Protection Regulation

  • nunom
    31st May 2018 Member 0 Permalink

    Don't forget to update the website's Privacy Policy, add HTTPS support, etc to comply with the GDPR!

  • jacob2
    31st May 2018 Member 3 Permalink
    Yes, we have this on our minds. We think we already comply with how we are collecting data, we just need to fix our privacy policy to explain this properly. (For example, we collect IP address to prevent multi-account voting)

    I'll enable https later and see what happens. We have a cert, I don't know why the admin hasn't enabled it everywhere.
  • jombo23
    31st May 2018 Member 0 Permalink

    When it really comes down to it, why should the europeans control the internet.

     

    Sure https and all that jazz would be nice, but why does it matter if it complies with gdpr and whatnot?

     

    What else even needs to be added to the privacy policy?

  • jacob1
    1st Jun 2018 Developer 0 Permalink
    @jombo23 (View Post)
    Violations of GDPR are punishable with fines, I'd rather be safe here. The law is designed to ensure all companies and websites take a good look at how they are using personal data and whether they really need it.

    Not much needs to be added to the privacy policy, but if you look at it you'll see it's literally a copy paste from the internet with a few changes. There's some talk of 3rd parties, we don't send any data to any 3rd parties, so that's not even relevant. There's also a line that says we'll update the privacy policy occasionally to "reflect company policy and customer feedback", lol.

    The main (and pretty much only) thing we collect is IP address, anyway. It's very effective in preventing ban evasion and multi-account voting. We just need to clarify the things we use it for, there's a few other additional things we use it for. Other personal information like profile info is way less of an issue because it's all optional for users to submit it and can be removed at any time.
    Edited once by jacob1. Last: 1st Jun 2018
  • jombo23
    1st Jun 2018 Member 0 Permalink

    @jacob1 (View Post)

     I see. 

     

    On one hand, its aight, on the other hand, i hate the idea of europe thinking it can have the world by the balls like this. Its a huge power grab that i greatly disapprove of.

     

    Id prefer myself to block all gdpr users myself.

  • jacob1
    1st Jun 2018 Developer 0 Permalink
    @jombo23 (View Post)
    I'd rather not get into politics (besides saying I disagree with that, i'm sure you already knew that though :P)

    But, I'm sure you can understand that I'd rather not block all European users from this website, like some other sites have done. We are like an inch away from complying anyway.

    At one point I considered a system which would ban all users that don't agree to let us use their "personal data", but apparently GDPR prevents you from making agreeing to our policies a condition to keeping an account. But anyway, our use of ip address falls under the provision that says you're allowed to collect info to prevent abuse. We literally could not prevent multi-account voting if we weren't keeping ip address. So, we won't need users to opt-in. We may need a "delete account" option, but people have been asking for that option for years anyway.
  • jombo23
    1st Jun 2018 Member 0 Permalink

    jacob1:

    @jombo23 (View Post)

    ~snip~
    But, I'm sure you can understand that I'd rather not block all European users from this website, like some other sites have done. We are like an inch away from complying anyway.

    At one point I considered a system which would ban all users that don't agree to let us use their "personal data", but apparently GDPR prevents you from making agreeing to our policies a condition to keeping an account.
    ~snip~
    So, we won't need users to opt-in. We may need a "delete account" option, but people have been asking for that option for years anyway.

     

     

    Yeah i understand

     

    Wow thats actually BS, youre providing a service to them, not the other way around. Its a privelege, not a right, to use tpt

     

    Woo more features