Growstuff
are we GDPR compilant?
I don't do much international work, so I don't know - should we be adding those annoying messages about do you really want a cookie... ?
Issue-Label Bot is automatically applying the label question to this issue, with a confidence of 0.94. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!
Links: app homepage, dashboard and code for this bot.
![issue-label-bot[bot] avatar](https://avatars.githubusercontent.com/in/27079?v=4 "Published by a pub.dev verified publisher"){kind=small}
I'm going through the advice here https://www.lawsociety.org.nz/practice-resources/practice-areas/privacy/gdpr-compliance-in-four-steps
I think we need to look into what web analytics info ends up in new relic and scout, and recieve consent from the user
Yeah, we should also work out what personal data we store and make sure that someone can request it all, as well as deleting it when they delete their account.
On Wed, 3 Jul 2019, 20:34 Brenda Wallace, [email protected] wrote:
I'm going through the advice here
https://www.lawsociety.org.nz/practice-resources/practice-areas/privacy/gdpr-compliance-in-four-steps
I think we need to look into what web analytics info ends up in new relic and scout, and recieve consent from the user
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/Growstuff/growstuff/issues/2023?email_source=notifications&email_token=AAELM5ZGJYHJ5LPUPSAAWDDP5T5NTA5CNFSM4H5B4JC2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODZFPCZQ#issuecomment-508227942, or mute the thread https://github.com/notifications/unsubscribe-auth/AAELM5ZECLN3CWJVEQWEMTDP5T5NTANCNFSM4H5B4JCQ .
right now we only mark a user as deleted . We keep their data, which they released as Creative Commons when they recorded it.
So, GDPR would trump copyright law, when they released their data?
We'll need clarity on how much of their data we must delete, given they published it publicly under an open license. We can make that clearer to a user that they are licensing their data under cc.
There is a gem for data export. https://rubygems.org/gems/rails-gdpr-export
And about three good candidates for the cookie/tracking acceptance
Stuff they released under CC is fine, it's just the rest of anything personal.
On Thu, 4 Jul 2019, 00:54 Brenda Wallace, [email protected] wrote:
We'll need clarity on how much of their data we must delete, given they published it publicly under an open license. We can make that clearer to a user that they are licensing their data under cc.
There is a gem for data export. https://rubygems.org/gems/rails-gdpr-export
And about three good candidates for the cookie/tracking acceptance
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/Growstuff/growstuff/issues/2023?email_source=notifications&email_token=AAELM534DXDE57FXTBBN3M3P5U34HA5CNFSM4H5B4JC2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODZF6Q4A#issuecomment-508291184, or mute the thread https://github.com/notifications/unsubscribe-auth/AAELM52IXJCF7FM5F3ZT7C3P5U34HANCNFSM4H5B4JCQ .
Probably want to adjust the footer links; all lead to dead ends: https://www.growstuff.org/about/contact for example.
