XF 2.3 Export User data limitation (gdpr question)

[QuackieMackie]

I’ve just given the export user function a try and I noticed it only exports a very limited set of data specifically the profile information.

If a gdpr request is made, you are expected to provide all the information you have stored, logs, posts, etc?

So that falls on the site owner to the majority of that data from the database themselves yes?

 

[chillibear]

There have been a few threads in the past discussing this (for instance) which I don't recall came to a definitive conclusion. So the short answer is that if you don't consider the exported data to be sufficient then yes you'll need to supplement it with data you extract yourself and feel is covered. Don't put yourself though more hardship than you need however, GDPR always seems to be a bit of a rabbit hole if you read too much into all the rules.

 

[QuackieMackie]

There have been a few threads in the past discussing this (for instance) which I don't recall came to a definitive conclusion. So the short answer is that if you don't consider the exported data to be sufficient then yes you'll need to supplement it with data you extract yourself and feel is covered. Don't put yourself though more hardship than you need however, GDPR always seems to be a bit of a rabbit hole if you read too much into all the rules.

Yeah I’ve noticed there’s no absolute answer. It seems to be very case by case.

Personally that just fills me with unease.