Jump to content

GDPR


Recommended Posts

I have an RP hosting account here and I was wondering what disclaimers I should write concerning privacy.  If someone registers an account on my board that's hosted on the Initiative, what's the default treatment of their cookies, personal data, etc? I don't collect anyone's data (besides personally asking your Discord if you agree) so I have no idea how such things work concretely and what I should worry about.

UNMASQUED

Vampires are real. Now the world knows about them.

Link to comment
Share on other sites

Alright, so, basically GDPR breaks down into a level of transparency, as far as what data is collected, what for, how it's used, if it's sold to where, and certain things need to be able to be opted out of. Further, a user needs to be able to be "forgotten," essentially having all identifying information removed (this can be characters, apps, posts, profile information, it's kind of vague but I'd just wipe everything).

 

Essentially, just be upfront about things like cookies: that's been required in the EU for a while, but just mention cookies are stored in browser to keep a user logged in, and if cookies are used to keep categories collapsed, they may very well be. Secondly, there's information in the database that is collected, in order to remember a user's preferences, settings, and which threads/posts they've read, you may want to mention that. IP addresses is a thing of concern, they are not identifying and can be spoofed, but just mentioning that they are logged on the board may be a good call. Enact some sort of process for users to remove their content from your site, and then be clear about how it works, walk them through it, or, if possible, give them the option to remove their account(s) themselves. If you use Google Analytics, or any kind of advertisement system that may track users' browsing habits (re: targetted advertising), that'd be a thing to mention, too. Google Analytics DOES honour do not track signals, I'd mention that if it's relevant. Stating your users' information is never sold to a third party, nor used for anything but the site's function, may be a good idea, as well. Mention PM policies (not going through them, for instance, but that their contents may be exposed to non-PM'd users if reported, I don't know if MyBB has a PM report function, but maybe).

 

It's kind of messy, and loosey-goosey what it really means, but it basically boils down to: what do you track, what do you collect and log, and what for. Be upfront about it. Give the users opt-out options for things like email newsletters, and make sure it is opted out of by default, if possible. Also give them the ability to completely scrub their existence from your site, full stop. You should be okay.

  • Agree 1

nusignature.png nusignature.png

I am the darkness, always watching, always listening, ALWAYS THERE.
(If you're interested in Plain of Ice, message me, it's private. Bleach site, non-canon.)

Link to comment
Share on other sites

Ok, I don't intentionally "use" anything, so I'd need a help figuring out what are the data that MyBB collects by default.

 

As for deleting one's content, I believe one could ask me to do it when they leave, but cannot do it themselves? 

 

As for the way I must provide such info, is it enough if I have it, say, in the rules, or must there be a splash page that one must approve to subscribe? I know there's an initial message on MyBB, but I'm not sure how much I can tweak it.

 

UNMASQUED

Vampires are real. Now the world knows about them.

Link to comment
Share on other sites

  • Admin

Hey @featherstone as @Arceus has said GDPR is a little vague still on some stuff however we're here to help. I'm actually currently working with the staff of the Intitiave to come up with the most appropriate plan of action for anyone hosted on the Initiative. This includes a basic privacy policy notice that will be able to be uploaded and viewed by members as well as we are finding a Cookie notice that you can install to allow users to know what cookies are set and why (we think we already found one for MyBB).

 

Deleting content and what is included is still under "debate" however if you can delete user accounts/posts then you are safe in that department. We plan to have a guide for GDPR for the primary softwares used on the Initiative here in the coming 1-2 weeks. As soon as we have them posted we will be announcing them to keep you, your members and the Initiative GDPR compliant.

  • Agree 1

0_mainsignature.jpg

image.png

Profile set made by myself and original Artwork by Fae Merriman, my daughter.

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use, Guidelines and Privacy Policy. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.