Opened 5 years ago
Last modified 4 years ago
#5308 new defect
Privacy Policy and GDPR compliance for webservices
Reported by: | elexis | Owned by: | |
---|---|---|---|
Priority: | Must Have | Milestone: | Website / Forum |
Component: | Website / Forum | Keywords: | legal |
Cc: | Patch: |
Description
Forums, trac, Phabricator, Jenkins, play0ad.com website, irclogs, mailserver and whatever else we host are affected by GDPR since May 2018, i.e. by EU law required to be transparent with regards to all data processed, explain and provide user rights in a privacy policy at the time the data is obtained (article 13).
The data processing must be audited to identify and remove data processing that is not lawful ("data minimization" and "purpose limitation" article 5, statement about legal basis of processing, article 6) or not protected properly (pseudonymisation, encryption, article 32).
refs #5257 refs https://wildfiregames.com/forum/index.php?/topic/24325-gdpr/ (in particular the posts about these online platforms)