GDPR Compliance #345

Open
5 tasks
raamdev opened this issue Mar 27, 2018 · 7 comments

raamdev commented Mar 27, 2018

There are a few things that need to be done to make Comment Mail GDPR-compliant. This GitHub issue exists to track the requirements and any associated discussion.


Here's a quick summary of items that likely affect Comment Mail:

Three elements of this: Right to Access, Right to Be Forgotten and Data Portability.

  • The right to access provides users with complete transparency in data processing and storage – what data points are being collected, where are these data points being processed and stored, and the reason behind the collection, processing and storage of the data. Users will also have to be provided a copy of their data free of cost within 40 days.
  • The right to be forgotten gives users an option to erase personal data, and stop further collection and processing of the data. This process involves the user withdrawing consent for their personal data to be used.
  • The data portability clause of the GDPR provides users a right to download their personal data, for which they have previously given consent, and further transmit that data to a different controller.

  • An option that allows a site owner to enable GDPR-compliant settings in the plugin
  • GDPR Enabled: All subscriptions should be opt-in only and it should not be possible to opt visitors into subscriptions by default (visitors should be required to click a checkbox to indicate they want to opt-in to the subscription when GDPR is enabled).
  • GDPR Enabled: Comment Mail-related emails should have a link that allows subscribers to erase all data related to their email address.
  • GDPR Enabled: Comment Mail-related emails should have a link that allows subscribers to view/download all subscription data related to their email address.
  • GDPR Enabled: Checkbox on comment form that asks commenters to agree to a privacy policy (see this comment)

@mundschenk-at

There should be admin involvement in total deletions (or at least there has to be a log of the deletion) so that you can prove a user had previously opted in before deleting all their data. Otherwise you'd have a problem that you didn't send unsolicited mails to those users.

@mundschenk-at

@raamdev Any news on this?

@wyse92

wyse92 commented May 24, 2018

Well, no news about an update. GDPR is starting tomorrow, and there is less than one day for testing; this is a problem...

raamdev added this to the Next Release milestone Jun 3, 2018

@mundschenk-at

@clavaque Will you be working on Comment Mail (Pro) again or is this plugin officially dead?

@mundschenk-at

@raamdev @clavaque Is anyone still working on this project?

@raamdev

raamdev commented Jun 24, 2020

@mundschenk-at I'm no longer working on this project, but @clavaque has taken it over so I'll leave it up to him to share his plans for it / current status.

@mundschenk-at

> @mundschenk-at I'm no longer working on this project, but @clavaque has taken it over so I'll leave it up to him to share his plans for it / current status.

Unfortunately @clavaque does not seem to care and does not answer support emails either.
