Version: 1.0.0, by DragonByte Tech
Developer Last Online: Mar 2023
Category: Mini Mods
Version: 4.x.x
Released: 06-12-2018
Last Update: Never
Installs: 36
DB Changes, Uses Plugins, Additional Files, Translations
No support by the author.
GDPR Compliance is a mod designed to aid you in becoming compliant with GDPR, with features such as logged consent for privacy policy / terms of service and downloading user data.
Uses
GDPR Compliance is a mod designed to aid you in becoming compliant with GDPR, by allowing admins to force agreement to the Privacy Policy / Terms of Service and recording this consent. Furthermore, admins can download user data in machine readable format via the AdminCP.
Documentation
N/A
Extended Product Information
Force Privacy Policy acceptance: Admins can force all users to accept the privacy policy, and users will see a date stamp of when it was last updated.
Force Terms of Service acceptance: Admins can force all users to accept the Terms of Service, and users will see a date stamp of when it was last updated.
Logged consent: A machine readable database table logs the time stamp of the last time a user ID consented to the privacy policy and/or terms of service.
User data download: Administrators with the "Can Administer Users" permission can download user data via a new page in the AdminCP.
Copyright Information
This mod does not display any copyright information.
I don't promote this particular add-on but my feeling is that implementing something similar to GDPR is to be recommended for all forums, whether or not you have members from the EU. If it does nothing else, it delivers a clear message to your members that you take their privacy seriously and that you have taken all available measures to secure that information. Additionally, it tells them what they need to do to remove their information and accounts if that is their wish.
It's only a matter of time before this sort of thing is legislated in non-EU countries in the west as well. Think of GDPR as a wake-up call for forum owners. It's already woken up consumers (your members) to their rights and to the issue of how you are safeguarding their data.
And by the way that includes converting your site to HTTPS (SSL), if you haven't already done so. Asking your members to enter passwords on nonencrypted connections is basically saying, "Yeah. We don't really care if your password is intercepted or stolen".
Haven't tested it because prima facie it fails the litmus test of allowing a "data subject" to request their data be forgotten without first agreeing to terms with which they may not agree. If they have to agree to terms or policies to even access the contact link it violates the spirit of the GDPR, if not the letter of the GDPR.
Quote:
Originally Posted by In Omnibus
The correct answer is:
If you sell, market, or conduct research in the EU / EEU then you must have GDPR compliance.
Otherwise, it's not required.
In view of these comments I deem I don't technically need this. For user peace of mind I'd still like to offer this but as the current state of the mod is insufficient for the quoted reason I'll hold off for now and keep an eye out for an update that fixes said situation.