trapped_soul
Well-known member
I'm not so sure but I know we are totally unaffected by Brexit and still have to fall in line with the GDPR legislations.
I should imagine, it applies across everything.
https://www.eugdpr.org/gdpr-faqs.html
GDPR discussion thread
- Thread starter 7ore
- Start date
I should imagine, it applies across everything.
https://www.eugdpr.org/gdpr-faqs.html
They can request it, but you dont have to comply except under very specific circumstances.
A public post is not personal data (unless the post is of personal data) and therefore not covered under the right to be forgotten.
Martok
Well-known member
Reading information from the ICO on forums seems contrary to what you are suggesting.
https://ico.org.uk/media/for-organi...networking-and-online-forums-dpa-guidance.pdf
I'd be interested to know exactly where your lawyers are saying 'it's not enough' and 'yes they can (request post deletions) from - they will need to point to the precise bit of law if anyone is taken to court over this, so it would be useful to have the exact information rather than some supposed say so of a lawyer.
I don't think this very rigid interpretation of the new law will succeed.
But you are right. There may be people who may think so and request all posts to be deleted (especially in Germany
). There will be law suits and in the end we will know how to interpret the new regulations. But I still doubt that this interpretation will succeed because this will be the end of the internet. Every content of the internet was written by someone and if this person can request it's deletion we won't have any content any more. No forums, no newspapers, no social media. I really think the focus will be on "personal" data and this is already backed by many law decisions in the past.
SneakyDave
Well-known member
Davyc
Well-known member
I've just had a report on my XF2 site from a company that deals with GDPR compliance with regards to cookies.
Out of the box XF2 is not GDPR compliant in terms of Cookies - even the cookie notice is not sufficient: here's the gist of the report I received, I've also emailed them to see if they are interested in developing plugins for the major forum softwares including, of course, Xenforo:
This makes for interesting reading - if you want to check you own sites go to: https://www.cookiebot.com/en/
Cookie scan report
Summary
Scan date: 06/04/2018
Domain name: thegreatspirit.co.uk
Server location: Germany
Cookies, in total: 3
Scan result
3 cookies was identified.
3 cookies are unclassified and needs manual classification and a purpose description.
Category: Unclassified (3)
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
COOKIE NAME PROVIDER TYPE EXPIRY
xf___crossTab thegreatspirit.co.uk HTML Persistent
First found URL: https://thegreatspirit.co.uk/
Cookie purpose description: Unclassified
Initiator: Script tag, page source line number 1402
Source: https://thegreatspirit.co.uk/js/xf/core-compiled.js?_v=03123130
Data is sent to: Germany (adequate)
Prior consent enabled: No
xf_csrf thegreatspirit.co.uk HTTP Session
First found URL: https://thegreatspirit.co.uk/
Cookie purpose description: Unclassified
Initiator: Webserver
Source: thegreatspirit.co.uk
Data is sent to: Germany (adequate)
Prior consent enabled: No
xf_session thegreatspirit.co.uk HTTP Session
First found URL: https://thegreatspirit.co.uk/
Cookie purpose description: Unclassified
Initiator: Webserver
Source: thegreatspirit.co.uk
Data is sent to: Germany (adequate)
Prior consent enabled: No
©2018 Cybot
Cookie scan report - 1/1
Anyone from XF like to comment please?
Out of the box XF2 is not GDPR compliant in terms of Cookies - even the cookie notice is not sufficient: here's the gist of the report I received, I've also emailed them to see if they are interested in developing plugins for the major forum softwares including, of course, Xenforo:
This makes for interesting reading - if you want to check you own sites go to: https://www.cookiebot.com/en/
Cookie scan report
Summary
Scan date: 06/04/2018
Domain name: thegreatspirit.co.uk
Server location: Germany
Cookies, in total: 3
Scan result
3 cookies was identified.
3 cookies are unclassified and needs manual classification and a purpose description.
Category: Unclassified (3)
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
COOKIE NAME PROVIDER TYPE EXPIRY
xf___crossTab thegreatspirit.co.uk HTML Persistent
First found URL: https://thegreatspirit.co.uk/
Cookie purpose description: Unclassified
Initiator: Script tag, page source line number 1402
Source: https://thegreatspirit.co.uk/js/xf/core-compiled.js?_v=03123130
Data is sent to: Germany (adequate)
Prior consent enabled: No
xf_csrf thegreatspirit.co.uk HTTP Session
First found URL: https://thegreatspirit.co.uk/
Cookie purpose description: Unclassified
Initiator: Webserver
Source: thegreatspirit.co.uk
Data is sent to: Germany (adequate)
Prior consent enabled: No
xf_session thegreatspirit.co.uk HTTP Session
First found URL: https://thegreatspirit.co.uk/
Cookie purpose description: Unclassified
Initiator: Webserver
Source: thegreatspirit.co.uk
Data is sent to: Germany (adequate)
Prior consent enabled: No
©2018 Cybot
Cookie scan report - 1/1
Anyone from XF like to comment please?
trapped_soul
Well-known member
Would this include 1.5.x too you think?
BassMan
Well-known member
It doesn't matter what I think here, but I guess since it's still officially supported.
Mr Lucky
Well-known member
I would not expect the developers to adapt older versions to comply with new laws. I would expect any ongoing support to be for helping customers with technical issues, and any upgrades to deal with any security issues. EDIT: If they do upgrade for compliance then that would be nice for people continuing with xf1, but not anything you should expect as any kind of obligation.
Last edited:
BassMan
Well-known member
Agree, this is much more likely.
Interesting their own site doesn't follow the same rules they are stating need to be followed.
Stuart Wright
Well-known member
100% since most forums will be using XF1.
Robust
Well-known member
Automatic services like that are really not the best way to assess GDPR compliance.
If you are concerned, consult a consultancy firm with experience with the GDPR. The big ones all offer these services. There are also individuals that are relatively well versed with the GDPR. Depending on the size of your website and forum, some options may be more reasonable than others.
Ozzy47
Well-known member
There is a service and addon for that, XF1 https://xenforo.com/community/threads/gdpr-for-xenforo-1-paid.145165/ and XF2 https://xenforo.com/community/threads/gdpr-for-xenforo-2-paid.145164/
trapped_soul
Well-known member
Yes, 150 USD and qualified by whom?
Could be a total scam couldn't it?....
After all, there's no actual certification behind it, is there?
Ozzy47
Well-known member
trapped_soul
Well-known member
It means nothing tbh. No disrespect to Slavik of course. But that could be anyone, anything.
Unless there's some sort of guarantee or promise, then I'd not touch it. There has to be some sort of endorsement to justify that. If anyone parts with their hard earned cash on a "take a gamble - opportunist" add-on, then so be it. Without any sort of promise or guarantee of what it will do, I see that as someone cashing in.
Again no offence Slavik but it does look like you're cashing in on something here - as the only offer of guarantee is your word, that - you know.
