hibiskus
Active member
1.
I want to alarm the community, because i got a mail where one guy wanted to receive all his saved data, because now it is his right.
And he tried that for simple reason to see if he can sue me, because he literally said in the 2nd mail that he gives me another 48 the response or he will sue me.
I had before phpBB and the last 14 years it is lead by germans, and updated before few days before the law would come into effect, to be law compliant in front.
One of the changes was, that every user can Download all his saved Data all his Posts he ever did with a simple click from the profile panel.
So now I switched to Xenforo2 and i have to do it manually? and every time i fly to holidays i have to fear now that i can't answer a data request soon enough and get sued?
Please you have to implement that too, Facebook has also a Button for that, in phpBB it is Out-Of-The-Box because they are very strict when it is about laws, there are many trolls who will wait for it.
This is the Article 15 of GDPR - Right of access by the data subject - https://gdpr-info.eu/art-15-gdpr/
2.
Opt-In for cookies, where you have to accept cookies and analytics should be also out of the box, technically you are selling EU law non compliant software.
As specially when you have google analytics integrated, still everybody free to use, but out of the box i can't use it with EU law compliant.
And is very very simple i guess to implement that, you are using it on your Page to? Am I missing the Settings for that, or is this custom?
Also one where you can accept and not accepting doesn't have a effect is also not compliant with the law, but better then nothing.
But one example how it should be done and is more then 100% GDPR compliant can be find at - https://forums.macrumors.com
When you press on "Show Purpose" you get a full selection where you can tick off everything normal cookie, tracking cookies, analytic ..
This is the Recital No 32 of GDPR - https://gdpr-info.eu/recitals/no-32/
Those 2 things are essential because out of the box XenForo2 is not GDPR compliant, not anymore at least, as specially in strict Germany&Austria.
Since XenForo wants money for debranding which i understand but it makes it easy for troll lawyer or hacker to find a sue able or exploitable target.
I want to alarm the community, because i got a mail where one guy wanted to receive all his saved data, because now it is his right.
And he tried that for simple reason to see if he can sue me, because he literally said in the 2nd mail that he gives me another 48 the response or he will sue me.
I had before phpBB and the last 14 years it is lead by germans, and updated before few days before the law would come into effect, to be law compliant in front.
One of the changes was, that every user can Download all his saved Data all his Posts he ever did with a simple click from the profile panel.
So now I switched to Xenforo2 and i have to do it manually? and every time i fly to holidays i have to fear now that i can't answer a data request soon enough and get sued?
Please you have to implement that too, Facebook has also a Button for that, in phpBB it is Out-Of-The-Box because they are very strict when it is about laws, there are many trolls who will wait for it.
This is the Article 15 of GDPR - Right of access by the data subject - https://gdpr-info.eu/art-15-gdpr/
2.
Opt-In for cookies, where you have to accept cookies and analytics should be also out of the box, technically you are selling EU law non compliant software.
As specially when you have google analytics integrated, still everybody free to use, but out of the box i can't use it with EU law compliant.
And is very very simple i guess to implement that, you are using it on your Page to? Am I missing the Settings for that, or is this custom?
Also one where you can accept and not accepting doesn't have a effect is also not compliant with the law, but better then nothing.
But one example how it should be done and is more then 100% GDPR compliant can be find at - https://forums.macrumors.com
When you press on "Show Purpose" you get a full selection where you can tick off everything normal cookie, tracking cookies, analytic ..
This is the Recital No 32 of GDPR - https://gdpr-info.eu/recitals/no-32/
Those 2 things are essential because out of the box XenForo2 is not GDPR compliant, not anymore at least, as specially in strict Germany&Austria.
Since XenForo wants money for debranding which i understand but it makes it easy for troll lawyer or hacker to find a sue able or exploitable target.
Upvote
2