featherstone 69 Share Posted June 2, 2018 I have an RP hosting account here and I was wondering what disclaimers I should write concerning privacy. If someone registers an account on my board that's hosted on the Initiative, what's the default treatment of their cookies, personal data, etc? I don't collect anyone's data (besides personally asking your Discord if you agree) so I have no idea how such things work concretely and what I should worry about. UNMASQUED Vampires are real. Now the world knows about them. Link to comment Share on other sites More sharing options...
Arceus 1,081 Share Posted June 2, 2018 Alright, so, basically GDPR breaks down into a level of transparency, as far as what data is collected, what for, how it's used, if it's sold to where, and certain things need to be able to be opted out of. Further, a user needs to be able to be "forgotten," essentially having all identifying information removed (this can be characters, apps, posts, profile information, it's kind of vague but I'd just wipe everything). Essentially, just be upfront about things like cookies: that's been required in the EU for a while, but just mention cookies are stored in browser to keep a user logged in, and if cookies are used to keep categories collapsed, they may very well be. Secondly, there's information in the database that is collected, in order to remember a user's preferences, settings, and which threads/posts they've read, you may want to mention that. IP addresses is a thing of concern, they are not identifying and can be spoofed, but just mentioning that they are logged on the board may be a good call. Enact some sort of process for users to remove their content from your site, and then be clear about how it works, walk them through it, or, if possible, give them the option to remove their account(s) themselves. If you use Google Analytics, or any kind of advertisement system that may track users' browsing habits (re: targetted advertising), that'd be a thing to mention, too. Google Analytics DOES honour do not track signals, I'd mention that if it's relevant. Stating your users' information is never sold to a third party, nor used for anything but the site's function, may be a good idea, as well. Mention PM policies (not going through them, for instance, but that their contents may be exposed to non-PM'd users if reported, I don't know if MyBB has a PM report function, but maybe). It's kind of messy, and loosey-goosey what it really means, but it basically boils down to: what do you track, what do you collect and log, and what for. Be upfront about it. Give the users opt-out options for things like email newsletters, and make sure it is opted out of by default, if possible. Also give them the ability to completely scrub their existence from your site, full stop. You should be okay. 1 I am the darkness, always watching, always listening, ALWAYS THERE. (If you're interested in Plain of Ice, message me, it's private. Bleach site, non-canon.) Link to comment Share on other sites More sharing options...
featherstone 69 Author Share Posted June 2, 2018 Ok, I don't intentionally "use" anything, so I'd need a help figuring out what are the data that MyBB collects by default. As for deleting one's content, I believe one could ask me to do it when they leave, but cannot do it themselves? As for the way I must provide such info, is it enough if I have it, say, in the rules, or must there be a splash page that one must approve to subscribe? I know there's an initial message on MyBB, but I'm not sure how much I can tweak it. UNMASQUED Vampires are real. Now the world knows about them. Link to comment Share on other sites More sharing options...
Admin Morrigan 1,825 Admin Share Posted June 3, 2018 Hey @featherstone as @Arceus has said GDPR is a little vague still on some stuff however we're here to help. I'm actually currently working with the staff of the Intitiave to come up with the most appropriate plan of action for anyone hosted on the Initiative. This includes a basic privacy policy notice that will be able to be uploaded and viewed by members as well as we are finding a Cookie notice that you can install to allow users to know what cookies are set and why (we think we already found one for MyBB). Deleting content and what is included is still under "debate" however if you can delete user accounts/posts then you are safe in that department. We plan to have a guide for GDPR for the primary softwares used on the Initiative here in the coming 1-2 weeks. As soon as we have them posted we will be announcing them to keep you, your members and the Initiative GDPR compliant. 1 Profile set made by myself and original Artwork by Fae Merriman, my daughter. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now