Advertisement:

Author Topic: GDPR Compliance and Osclass script  (Read 14054 times)

marius-ciclistu

  • issues
  • Hero Member
  • *
  • Posts: 1619
  • "BE GRATEFUL TO THOSE THAT SUPPORTED YOU"
Re: GDPR Compliance and Osclass script
« Reply #165 on: May 08, 2018, 12:43:46 am »
Aficionado, your questions are legit.
(I did not test if deleting the account deletes all the user's ads, but I gues it does).
Now if the account is deleted and the ads remain in the webpage, they remain also with contact posibility (email and maybe phone nr). If you anonymise the email and phone, how can a buyer contact the seller?

This rises another issue of dealing with the users that posted ads without an account....

Aficionado

  • Guest
Re: GDPR Compliance and Osclass script
« Reply #166 on: May 08, 2018, 12:54:39 am »


I have a plugin that give you a start in this, but that plugin need to be implement on your site. If you have no basic knowledge about php how you will implement?  And i am refering on all users not to you in particular.

To make yous site GDPR compliance, you have to make some changes and new options for your users, to export the stored data. If you do not know how, the only option is to hire a developer.

Yes i have seen the plugin AND THANK YOU !!!!

Always greatful to people that contribute.

We could hire someone of cource, still not the issue here. If a script can't follow GDPR (again GDPR is not a feature but it is the LAW) then it is dead and burried. Today it is GDPR, tomorrow something else.


patrickFromCroatia

  • Hero Member
  • *****
  • Posts: 771
Re: GDPR Compliance and Osclass script
« Reply #167 on: May 08, 2018, 12:57:23 am »


I have a plugin that give you a start in this, but that plugin need to be implement on your site. If you have no basic knowledge about php how you will implement?  And i am refering on all users not to you in particular.

To make yous site GDPR compliance, you have to make some changes and new options for your users, to export the stored data. If you do not know how, the only option is to hire a developer.

Yes i have seen the plugin AND THANK YOU !!!!

Always greatful to people that contribute.

We could hire someone of cource, still not the issue here. If a script can't follow GDPR (again GDPR is not a feature but it is the LAW) then it is dead and burried. Today it is GDPR, tomorrow something else.

Could you give me a link to that plugin? Thanks.

Regards.

Aficionado

  • Guest
Re: GDPR Compliance and Osclass script
« Reply #168 on: May 08, 2018, 01:01:05 am »
Aficionado, your questions are legit.
(I did not test if deleting the account deletes all the user's ads, but I gues it does).
Now if the account is deleted and the ads remain in the webpage, they remain also with contact posibility (email and maybe phone nr). If you anonymise the email and phone, how can a buyer contact the seller?

This rises another issue of dealing with the users that posted ads without an account....

Also keep in mind (you and me and all) that GDPR applies to INDIVIDUALS Personal Data and not to any kind o business accounts.


marius-ciclistu

  • issues
  • Hero Member
  • *
  • Posts: 1619
  • "BE GRATEFUL TO THOSE THAT SUPPORTED YOU"
Re: GDPR Compliance and Osclass script
« Reply #169 on: May 08, 2018, 01:04:57 am »
Aficionado, your questions are legit.
(I did not test if deleting the account deletes all the user's ads, but I gues it does).
Now if the account is deleted and the ads remain in the webpage, they remain also with contact posibility (email and maybe phone nr). If you anonymise the email and phone, how can a buyer contact the seller?

This rises another issue of dealing with the users that posted ads without an account....

Also keep in mind (you and me and all) that GDPR applies to INDIVIDUALS Personal Data and not to any kind o business accounts.

Before we start talking about code solutions, the algorithm must be clear... This anonymisation is not so clear in this classifields area if the ads remain on site without the main purpose of a classifield website.

fog

  • Hero Member
  • *****
  • Posts: 1062
Re: GDPR Compliance and Osclass script
« Reply #170 on: May 08, 2018, 07:55:49 pm »
I understood (by information from my country), any website need be very expicit with privacy policy. How the website intend to do with that data information of users, and that need be very, but very explicit, and very, very simple (short as possible with good visibility), to users understand. Indeed, the admin of website, need to inform all users if something happened with that data information, and if admin not did that in some period of time will be punished with heavy fines. And the priority is really inform the entities regulators of the same problem as soon as possible, or can be a much more huge problem.

Why exists other rules beyond these? On my country I don't see any other revelant new rules.

If admin need export user information data to other companies, or other situation, before any registrations of users, need contain that information to users agree. Of course, you as admin cannot use that information data, if before your users are already registered without that previous information on register form. On my opinion, old users need edit your user profile and agree with new rules, or they cannot post ads. A simple function can do that, to redirect to profile settings page and display a flash message, Just a example. User will decide, and he have a button to remove own account too, it make part of the rules.

For non register users, to publish new ads he need agree with a checkbox, and just that.

A simple plugin can do that using hooks, is not need change any theme.

Edit:

Another priority things:

On user profile need existing options to user choose, if will be public or not on public profile, like: real names, real location, fiscal number, and others to reveal a entity of a real person.

The rules want protect user information data, and what admin and companies intent to do with that content, the need be explicit in public. The responsability is totally of companies to keep safe the content data of users.

Regards
« Last Edit: May 08, 2018, 08:13:09 pm by fog »

cartagena68

  • issues
  • Hero Member
  • *
  • Posts: 1190
Re: GDPR Compliance and Osclass script
« Reply #171 on: May 08, 2018, 08:18:32 pm »
Is not just the consent, you must give tools to users to access the data, to download the data etc...
https://www.eugdpr.org/the-regulation.html

marius-ciclistu

  • issues
  • Hero Member
  • *
  • Posts: 1619
  • "BE GRATEFUL TO THOSE THAT SUPPORTED YOU"
Re: GDPR Compliance and Osclass script
« Reply #172 on: May 08, 2018, 08:26:05 pm »
I propose that who has a solution for at least a point in the gdpr and wants to share it, should do it here. To much talk and no solutions....

For example lets resolve the anonymisation of data. Is it usefull for osclass or not. If yes how to solve it. If not, is the deletion of account enough?

Aficionado

  • Guest
Re: GDPR Compliance and Osclass script
« Reply #173 on: May 08, 2018, 08:38:13 pm »

For example lets resolve the anonymisation of data. Is it usefull for osclass or not. If yes how to solve it. If not, is the deletion of account enough?

Of cource deleting the account is enough. Ads are also gone.

As for the rest:

https://gdpr.report/news/2017/11/07/data-masking-anonymisation-pseudonymisation/
« Last Edit: May 08, 2018, 08:41:32 pm by Aficionado »

Aficionado

  • Guest
Re: GDPR Compliance and Osclass script
« Reply #174 on: May 08, 2018, 08:40:40 pm »
I propose that who has a solution for at least a point in the gdpr and wants to share it, should do it here. To much talk and no solutions....


But solutions require to be a programmer. So the rest of us can only talk.


fog

  • Hero Member
  • *****
  • Posts: 1062
Re: GDPR Compliance and Osclass script
« Reply #175 on: May 08, 2018, 08:45:22 pm »
Why a user need download from your own data information? He can see what he did on registration account, and on your profile settings, inclusive delete your own account.

Right to access:

He have access to your own info. He can copy all information in an electronic format. He can: erase, edit, Copy/paste and save is not enought to him? He have a computer, so the minimal he can do is save the file on notpad.

To right to be forgotten:

Another option in profile settings to user choose. Admin need be alerted when the options was edited by user.

I don't see anything special to do on user side to follow the rules, just simple things to do. Just my opinion.

A simple free plugin can do that, by hooks, no need change current theme.

So in your opinion what missing? Because I see a lot of information here, but I don't see anything like a list job to do a plugin.

Regards

marius-ciclistu

  • issues
  • Hero Member
  • *
  • Posts: 1619
  • "BE GRATEFUL TO THOSE THAT SUPPORTED YOU"
Re: GDPR Compliance and Osclass script
« Reply #176 on: May 08, 2018, 08:49:19 pm »
I propose that who has a solution for at least a point in the gdpr and wants to share it, should do it here. To much talk and no solutions....


But solutions require to be a programmer. So the rest of us can only talk.

You are right. I came with some solutions. Others can do the same.

calinbehtuk

  • Sr. Member
  • ****
  • Posts: 445
Re: GDPR Compliance and Osclass script
« Reply #177 on: May 08, 2018, 08:52:58 pm »
A simple free plugin can do that, by hooks, no need change current theme.
Regards
Here i agree with you. You can do this with some hooks, but this it not impossible to do. And in my opinion this is not so big deal only some transparency about the data you collect about your users.

The issue remain with the option to export the data stored. You have to provide this on your users. And here is the issue. All the ads and images and the stored data which is related with the user.
« Last Edit: May 08, 2018, 08:55:01 pm by calinbehtuk »

marius-ciclistu

  • issues
  • Hero Member
  • *
  • Posts: 1619
  • "BE GRATEFUL TO THOSE THAT SUPPORTED YOU"
Re: GDPR Compliance and Osclass script
« Reply #178 on: May 08, 2018, 08:53:07 pm »
Why a user need download from your own data information? He can see what he did on registration account, and on your profile settings, inclusive delete your own account.

Right to access:

He have access to your own info. He can copy all information in an electronic format. He can: erase, edit, Copy/paste and save is not enought to him? He have a computer, so the minimal he can do is save the file on notpad.

To right to be forgotten:

Another option in profile settings to user choose. Admin need be alerted when the options was edited by user.

I don't see anything special to do on user side to follow the rules, just simple things to do. Just my opinion.

A simple free plugin can do that, by hooks, no need change current theme.

So in your opinion what missing? Because I see a lot of information here, but I don't see anything like a list job to do a plugin.

Regards
Read the topic from the begining. You will find some replies from me with basic solutions, except the data stored by plugins.


Regarding forgoting the user, I gues deletion of it's account resolves that, among anonymisation. What do you think?

marius-ciclistu

  • issues
  • Hero Member
  • *
  • Posts: 1619
  • "BE GRATEFUL TO THOSE THAT SUPPORTED YOU"
Re: GDPR Compliance and Osclass script
« Reply #179 on: May 08, 2018, 08:56:48 pm »
A simple free plugin can do that, by hooks, no need change current theme.
Regards
Here i agree with you. You can do this with some hooks, but this it not impossible to do. And in my opinion this is not so big dal only some transparency about the data you collect about your users.

The issue remain with the option to export the data stored. You have to provide this on your users. And here is the issue. All the ads and images and the stored data which is related with the user.

Calin, can the export of pictures and item info be considered to be 'done' if you put a button on item's page with save html page?   What do you think.


Edit:
Or make a new page on wich you dump all items with their infos and pictures, and then use the save html page button.
« Last Edit: May 08, 2018, 09:05:05 pm by marius-ciclistu »