Is this forum GDPR compliant or not?
I may want someday to leave from the forum, but I know that my messages and profile will be still there.
So I am asking, is there any function to delete them or will we have to contact personally Admin?
P.S
I don’t want to leave the forum, I am just asking because I didn’t want to continue this to the old topic.
(And if you are asking why did I need to have a P.S, it is because I wanted to avoid some messages of the type: “Why would you want to leave?”)
Right now, there is no way to delete a forum account from your end. InfinityFree in general is not GDPR compliant yet. An important blocker for that is that iFastNet has not yet published their data processor agreement. And since they process more data from you than InfinityFree does, their policy affects our policy as well.
As soon as iFastNet has communicated their new policies, I’ll make sure InfinityFree’s systems and policies line up with theirs and follow the GDPR.
@Friendifie-Inc said:
In which country are you located in @ChrisPAR?
Both iFastNet and InfinityFree are European organizations, so we are legally required to apply GDPR compliant policies to all
@Admin said:
Right now, there is no way to delete a forum account from your end. InfinityFree in general is not GDPR compliant yet. An important blocker for that is that iFastNet has not yet published their data processor agreement. And since they process more data from you than InfinityFree does, their policy affects our policy as well.As soon as iFastNet has communicated their new policies, I’ll make sure InfinityFree’s systems and policies line up with theirs and follow the GDPR.
@Friendifie-Inc said:
In which country are you located in @ChrisPAR?Both iFastNet and InfinityFree are European organizations, so we are legally required to apply GDPR compliant policies to all
That’s a very unsettling situation my friend @Admin. Just make sure you stay on top of that because it might cause some “problems”. I love InfinityFree, please don’t leave.
how much better and safer is the world since EU websites have to print that opulent message to accompany you to “cookies” ? (cookiebar)
Now, those GDPR messages go absurd, you see them more than the content you’ve come across on a web page
GDPR gives you the rights
but once you have to realize these rights it is possible that the story will be completely different
the right to forget - do you know the number of regulations that determine that some data is kept? Do you know the time limits for statutory limitations in criminal and other proceedings?
theory and good intentions are one thing, and practice is something completely different.
GDPR is complex, unclear, and difficult to enforceable and enforceable regulation
without clear interpretations and guideline…
@OxyDac said:
how much better and safer is the world since EU websites have to print that opulent message to accompany you to “cookies” ? (cookiebar)Now, those GDPR messages go absurd, you see them more than the content you’ve come across on a web page
GDPR gives you the rights
but once you have to realize these rights it is possible that the story will be completely differentthe right to forget - do you know the number of regulations that determine that some data is kept? Do you know the time limits for statutory limitations in criminal and other proceedings?
theory and good intentions are one thing, and practice is something completely different.GDPR is complex, unclear, and difficult to enforceable and enforceable regulation
without clear interpretations and guideline…
People optionally make them annoying pop-ups, it can be however you wish to display the cookie notices within your own design really. But, the main factor is so that people have a clean understanding that their data is being tracked, stored and used for “other purposes”. Which also means that we as people with “privacy” also have the upmost right to request a deletion of such data.
Like, if you clicked to visit a website from a Google search result thus the website completely raids your devices activities for all personal information (browsing history, cookies, IPs, Locations, etc.) then going on about other means of spying and invasions of the user’s privacy. That’s why they believe we deserve the right to request permanent deletion of any and all data that we feel is too invasive.
They may be confusing and annoying but the golden rules are always let them know when they’re being tracked or investigated and understand when they say “delete my data” if it’s not bound by a legal contract (Terms of Service, Policies, etc.) then it’s illegal data. Same factor with the COPPA Act, but there’s no exceptions for acceptance of illegal data of anyone under the age of thirteen (13) even with parental consent (but people been collecting kids data anyways - maybe the parental consent regulations have been updated).
Just like Super Markets, the customer is always right.
@Friendifie-Inc said:
In which country are you located in @ChrisPAR?
Greece, but as Admin said it doesn’t matter, because both iFastnet and InfinityFree are in Europe.
That also means that my own free hosting is not GDPR compliant, oh God, I don’t want to get sued…
@ChrisPAR said:
@Friendifie-Inc said:
In which country are you located in @ChrisPAR?Greece, but as Admin said it doesn’t matter, because both iFastnet and InfinityFree are in Europe.
That also means that my own free hosting is not GDPR compliant, oh God, I don’t want to get sued…
It doesnt necessarily mean youre not compliant. Depends on what kind of service you run like, I design my own websites and apps from a blank notepad so I design the entire system even the Encryption. If you can handle the data you retain and issue a contract (Terms of Service) as their acknowledgement then youll be okay.
For example, I own a Social Network and right now my server is based in Europe with InfinityFree too but that doesnt really bother me too much because my service was designed to be in the specifications of all legal regulations.
Once my Social Network is doing really good Im going to host my own dedicated servers in India away the United States Government and Laws but my service will abide by their laws too. My servers are going to be put in a Mansion in India surrounded by body guards and K9s.
Its not going to be in the United States so they dont have no rights to detain my equipment for any reason. All servers will be designed with unique Security algorithms so no one can get in them or out if theyve tampered with the service.
Which means Id still be GDPR Compliant because I can delete any, all data whenever the user wants without regulations and Im not going to withhold their data unless need be for legal obligations.
See, so it all depends on how you go about your business modal.
Ive designed my own Terms of Service, Policies, etc. Ive even ran these ideas through multiple Paralegals, Programmers, Company owners, Government employees and Lawyers they all tell me Im golden.
The 25th of May was the day GDPR became official, but it’s not exactly an all or nothing date. Most national privacy organizations are going to hunt the big fish first anyways. Facebook, Google and other data hoarders should brace themselves. Most small companies tend to skirt some laws anyways for pragmatic reasons or simply because they were not aware. As long as it’s clear you are acting in the best interest of the law, you should be OK.
Besides, the new rules privacy rules are not that revolutionary compared to what we had before, and nobody cared about them then either. The right to see and delete your data was in the previous Dutch privacy laws as well, but most organizations (including many parts of the government!) didn’t follow them.
Privacy watch dogs have their hands full for now. I don’t think anyone is likely to sue you yet.
And then there are certain parts of the law which are hard to apply. For example, do you need to get user consent to capture access logs on your server? They contain IP addresses, which is personal data. So do you need to get explicit opt-in for that? And don’t log requests until consent has been given? But a hacker isn’t going to consent to IP address collection when they plan to do a brute force attack, which would make it a lot harder to identify and stop such attacks.
All the permission screens are probably going to become Cookie Consent 2.0. Nobody understands them, nobody reads them and everyone just clicks “Opt-in & Continue” so they can continue to your website.
@Admin said:
The 25th of May was the day GDPR became official, but it’s not exactly an all or nothing date. Most national privacy organizations are going to hunt the big fish first anyways. Facebook, Google and other data hoarders should brace themselves. Most small companies tend to skirt some laws anyways for pragmatic reasons or simply because they were not aware. As long as it’s clear you are acting in the best interest of the law, you should be OK.Besides, the new rules privacy rules are not that revolutionary compared to what we had before, and nobody cared about them then either. The right to see and delete your data was in the previous Dutch privacy laws as well, but most organizations (including many parts of the government!) didn’t follow them.
Privacy watch dogs have their hands full for now. I don’t think anyone is likely to sue you yet.
And then there are certain parts of the law which are hard to apply. For example, do you need to get user consent to capture access logs on your server? They contain IP addresses, which is personal data. So do you need to get explicit opt-in for that? And don’t log requests until consent has been given? But a hacker isn’t going to consent to IP address collection when they plan to do a brute force attack, which would make it a lot harder to identify and stop such attacks.
All the permission screens are probably going to become Cookie Consent 2.0. Nobody understands them, nobody reads them and everyone just clicks “Opt-in & Continue” so they can continue to your website.
Agreed whatever is terms after reading/without reading we just click Ok let me in!
Agreed, I’d hate to admit it but in today’s world people aren’t worried about Terms of Services, Policies or anything until after they’ve accepted it just to see your site then once they’re in too deep they panic not understanding how to escape the contract(s).
@Friendifie-Inc said:
Agreed, I’d hate to admit it but in today’s world people aren’t worried about Terms of Services, Policies or anything until after they’ve accepted it just to see your site then once they’re in too deep they panic not understanding how to escape the contract(s).
Absolutely agreed!
I honestly do this sometimes, but when I’m bored I will actually read the terms of I have time.
@UnknownLolz said:
Absolutely agreed!
I honestly do this sometimes, but when I’m bored I will actually read the terms of I have time.
I strongly encourage you start reading them all. I always read the Terms and Policies before I use sites anymore because then I understand what kind of situation I’m getting myself into. This lesson has been shown with increasing results of how ignorant users can be to their legally binding contracts such as: people offering up their first born child.
I’ve also learned through Social Media sites in my own experiences (including dating apps); that we allow them to legally investigate every fiber of our personal lives. Such as Plenty of Fish is/was allowed to have P.I.s go around investigating you, your friends, family, their friends, their family, your trash, online activity, background screenings, criminal activity logging, social media “reputations”, etc.
Basically when signing up you’re telling them: I’ll use your service(s) only if you have the FBI investigate my entire life activity on a daily basis.
Once I’ve understood these basic Terms of Services and Policies abuse practices I removed myself from all “legal” contracts (all online services/Social Media) and further increased my public image of my Social Media Platform I’ve been designing for 12 years.
Users need honest, true, loyal and respectable Privacy within oneself… Not trust in a criminal platforms designed by crooks, Mr. Zuckerberg.
@Friendifie-Inc said:
Agreed, I’d hate to admit it but in today’s world people aren’t worried about Terms of Services, Policies or anything until after they’ve accepted it just to see your site then once they’re in too deep they panic not understanding how to escape the contract(s).
GDPR is different, although someone may accept without reading, they always have the right to ask for their complete data wipe and deletion from a company servers.
@ChrisPAR said:
GDPR is different, although someone may accept without reading, they always have the right to ask for their complete data wipe and deletion from a company servers.
Agreed.
@Friendifie-Inc said:
Agreed, I’d hate to admit it but in today’s world people aren’t worried about Terms of Services, Policies or anything until after they’ve accepted it just to see your site then once they’re in too deep they panic not understanding how to escape the contract(s).
And even if people are worried, only lawyers who get paid by the hour will bother reading these tough legal documents. Very few companies actually provide a simplified TL;DR version of their terms.
Still, the GDPR specifically requires “free, unambiguous and informed consent”. So complicated legal documents which you MUST accept to access a website don’t exactly comply with that.
@Admin said:
And even if people are worried, only lawyers who get paid by the hour will bother reading these tough legal documents. Very few companies actually provide a simplified TL;DR version of their terms.
Still, the GDPR specifically requires “free, unambiguous and informed consent”. So complicated legal documents which you MUST accept to access a website don’t exactly comply with that.
Exactly, nicely said.