GDPR deadline is approaching

Category: Post-Sales Support one year ago

Hello,

I have been waiting for any annoncement in the blog news, forum or other communication means but you did not provide any information about your work updating your extensions to be GDPR complient.

Can you please inform us where do you stand?

Thank you

Like it on Facebook, Tweet it or share this topic on other bookmarking websites.
  • Re: GDPR deadline is approaching

    by » one year ago


    There is very minimal personally identifiable data captured by corejoomla components. For example, most of the components capture no data except IP address of the user. The only exception is CjForum & CjBlog which has profile information captured.

    Much of the compliance will be done via com_privacy component which will be part of Joomla 3.9.

    https://www.joomla.org/announcements/release-news/5731-joomla-3-9-and-joomla-3-10.html

    CjForum and CjBlog will be made compliant through this plugin.


    Follow me on twitter: https://twitter.com/corejoomla
    If you use our extensions, please post a rating and a review at the Joomla! Extensions Directory.
    CjFitCjForum | Polls | Answers | Quizzes | Quotes | Surveys | GPS Tools | CjBlog


  • Re: GDPR deadline is approaching

    by » one year ago


    It is not only about personal identification (user profile).

    If you believe only CjForum and CjBlog are concerned you are totally wrong !

    Community Quizz/Answer/Polls/Surveys/ ...  are also concerned.

    All inputs and activity need logs (created, deleted, answered, replied, shared, ... )

    User should be able to download all his corejoomla components activities in a easilly readable format, etc.

    Stackideas have made EasyBlog complient and their other components should be complient by the due date.

    Their customers will not have to put their site offline.

    For now corejoomla customers will have to put our site offline or block any access to corejoomla components until there is complience - but untill when ? It is said Joomla will not be ready for the due date of GDPR.

    We have to wait for the joomla development team to release the said com_privacy then wait for another period for third party developpers to integrated their own ... then the debug period... by the time some might possibly loose the majority of users or go out of business in some cases.

    GDPR is a "big" thing that many underestimated.

     

    Edit:

    PS: This is means corejoomla.com will not be GDPR complient for the due date...?


  • Re: GDPR deadline is approaching

    by » one year ago


    Not exactly the case. 

    Today, I released a new version of CjForum which allows 

    - Users to download their data in a single xml format including all their activity, topics and replies
    - Allows to delete entire data of users including topics, replies, activity, likes, dislikes, thankyou, subscriptions and tracking data
    - Takes consent before submitting profile form.

    I hope this is more or less what is required to be GDPR compliant. Other components can follow the same path although not so extensive data available with them.


    Follow me on twitter: https://twitter.com/corejoomla
    If you use our extensions, please post a rating and a review at the Joomla! Extensions Directory.
    CjFitCjForum | Polls | Answers | Quizzes | Quotes | Surveys | GPS Tools | CjBlog


  • Re: GDPR deadline is approaching

    by » one year ago


    The deadline is now over...

    I tested the .xml this is not what we can call an easily readable/portable format, what program should we use to open the file?

    <about />
            <handle>Reivilo</handle>
            <auth_provider_name />
            <auth_provider_uid />
            <avatar />
            <banner />
            <signature />
            <hits>7</hits>
            <gender>0</gender>
            <location />
            <rank>1</rank>
            <points>20</points>
            <topics>8</topics>
            <replies>8</replies>
            <fans>0</fans>
            <thankyou>0</thankyou>
            <birthday>0001-01-01</birthday>
            <last_post_time>2018-05-19 09:41:45</last_post_time>
            <banned>0000-00-00 00:00:00</banned>
            <checked_out_time>0000-00-00 00:00:00</checked_out_time>
            <current_access_date>2018-05-24 22:07:16</current_access_date>
            <last_access_date>2018-05-24 22:07:12</last_access_date>
            <checked_out>0</checked_out>
            <twitter />
            <facebook />
            <gplus />
            <linkedin />
            <flickr />
            <bebo />
            <skype />
            <metakey />
            <metadesc />
            <metadata />
            <attribs />
        </profile>

    That is not really what the RGPD is "asking"...

    Where are the media?

    The conversations are not rendered but only our own input is listed.

     Revealing component urls is not what we are expecting whe we do our best to have all SEF urls...

    e.g.: /a&gt; replied to the topic &lt;a href=&quot;index.php?option=com_cjforum&amp;view=topic&amp;id=15313:annoying-link-on-discover&amp;catid=106:post-sales-support&amp;Itemid=1464&quot;&gt;Annoying Link on &quot;Discover&quot;&lt;/a&gt;.</title>

    Have a look here maverick this is the output on the user computer screen (it opens with a browser): https://stackideas.com/blog/easysocial-2-2-1-released

    Photo GDPR

    Feeds GDPR

     

    Nothing comparable to your actual attempt.

    I hope you can come to something close with all corejoomla components ... starting with community Quizzes,  Polls and Surveys

    You've done a very good job untill now, please don't stop here !

    We all need each other moving in the right direction... or some users or developers will be lost along the way.


  • Re: GDPR deadline is approaching

    by » one year ago


    I am checking out them and will be releasing updates by today.

    Question: where did you find the nonsef url? The download will not attempt to create any urls. I guess it must be in some of your activity. If yes, we should correct that activity stream first.

    btw.. XML is the standard format provided by many websites and is one of the valid format for GDPR. I am not sure where in the guidelines it is mentioned that it must be human readable. As far as I can see it should be machine readable and can be exported to other systems. XML can do that.


    Follow me on twitter: https://twitter.com/corejoomla
    If you use our extensions, please post a rating and a review at the Joomla! Extensions Directory.
    CjFitCjForum | Polls | Answers | Quizzes | Quotes | Surveys | GPS Tools | CjBlog


  • Re: GDPR deadline is approaching

    by » one year ago


    Please see the related article: https://gdpr-info.eu/art-20-gdpr/

    The data should be machine-readable.

    I am adding support for exporting media. I will add similar screens for other components as well.


    Follow me on twitter: https://twitter.com/corejoomla
    If you use our extensions, please post a rating and a review at the Joomla! Extensions Directory.
    CjFitCjForum | Polls | Answers | Quizzes | Quotes | Surveys | GPS Tools | CjBlog


  • Re: GDPR deadline is approaching

    by » one year ago


    Question: where did you find the nonsef url?

    There are many non-sef urls in the downloaded xml file.

     

    Absolutely, .xml is commonly used format, one of the point is also the reuse of the data.

    The following is a translation form a french publication:

    The data must be provided in a format with a high level of abstraction. In addition, the metadata must be as accurate as possible. The transmission of data relating to e-mails for example, must be done in a format preserving all the metadata and allowing an effective reuse of the data. Thus, when the controller chooses the transmission format, it must take into account the impact that this format may have on the right of the concerned person to reuse the data, or the fact that this format may hinder the exercise of this right.

    All this is very complex, not just about the portability but in its whole.

    "it must take into account the impact that this format may have on the right of the concerned person to reuse the data, or the fact that this format may hinder the exercise of this right"

    This sentence is very vague and corresponds quite to a desire for the widest possible legal interpretation. If the concerned user can not "reuse" (what does reuse mean? exploit the data between programs, display all data in a human visually readable format, ...?)

    For example on my computer the downloaded xml file from corejoomla.com was automatically opened with TextWrangler. This format is unreadable for humans (yes it is for coders and some fewx others persons) therefore the concerned person looses his right to reuse the data on his computer... When you open the file in Excel all the html codes are still visible and makes it very hard to read.

    Again, yes all this is very complicated and can be very frustrating.

     

    Actually Facebook is giving the user some options for the download:

    1.  Period:

    a) All my data

    b) from DATE to DATE

     

    2. -  Format:

    a) HTML

    b) JSON

     

    3. -  Media quality:

    a) High

    b) Medium

    c) Low

     

    ALL corejoomla extensions are concerned: What personal data and information can an individual access on request?

    This apply to all your extensions maverick because even if no media are share therer are communications/messages...

     

     

    What personal data and information can an individual access on request?

    Answer

    When someone requests access to their personal data, your company/organisation must:

    • confirm whether or not it is processing personal data concerning them;
    • provide a copy of the personal data it holds about them;
    • provide information about the processing (such as purposes, categories of personal data, recipients, etc.)

    Your company/organisation  must provide the individual with a copy of their personal data  free of charge.  However, a reasonable fee can be charged for further copies.

    The exercise of the right of access is closely linked to the exercise of the right to data portability – to allow the individual to transmit their data to another organisation.

    It is important that, in your company/organisation's Privacy Notice, there is a clear distinction between the two rights.  Therefore,  both rights need to be briefly mentioned separately.

    Example

    Your company/organisation provides an online social networking service whereby individuals can exchange messages and pictures. A user requests to access their personal data and to verify what personal data which concerns them is processed by your company/organisation. Your company/organisation  must confirm that it is processing personal data which concerns them and provide a copy (such as  name, contact details, messages and pictures exchanged). Your company/organisation must also provide them with information about the processing – usually that would be in the privacy notice of your service.

    References

    • Article 15 and Recitals (63) and (64) of the GDPR

  • Re: GDPR deadline is approaching

    by » one year ago


    So from this, what I can understand is if the same data presented in the html format, that would be sufficient. I am sorry but I am no experienced in decoding all this legal language.


    Follow me on twitter: https://twitter.com/corejoomla
    If you use our extensions, please post a rating and a review at the Joomla! Extensions Directory.
    CjFitCjForum | Polls | Answers | Quizzes | Quotes | Surveys | GPS Tools | CjBlog


  • Re: GDPR deadline is approaching

    by » one year ago


    Released a new version with support for media download and user friendly HTML page to view

    • My Profile Summary
    • My Topics
    • My Replies
    • My Subscriptions
    • Activities
    • Attachments

    Follow me on twitter: https://twitter.com/corejoomla
    If you use our extensions, please post a rating and a review at the Joomla! Extensions Directory.
    CjFitCjForum | Polls | Answers | Quizzes | Quotes | Surveys | GPS Tools | CjBlog


  • Re: GDPR deadline is approaching

    by » one year ago


    It seems that the My Stuff menu in CjForum doesn't have all the items you have mentioned? I saw the translation strings, but I don't see it happening on the frontend?

    Plus the data download is empty (for which I have opened a new topic)?


    Webmaster Psoriasispatienten Nederland


You do not have permissions to reply to this topic.

Powered by CjForum

Site Search

Trending Topics

GPX Tracks Module
  • 1 reply
- Add cluster to  GPX Tracks Module - When a category is...

Default marker for all categories
  • 1 reply
Hi, In GPS tools / Category / GPS Options I can select the default...

Translation of "Topic-Date
  • 2 replies
Hi Maverick I found another translation issue and that is the...

plg cbcjforum
  • 4 replies
Hi How can I translate the plugin cbcjforum in to my language?

Upload Track button not working
  • 5 replies
Hallo, I have a problem uploading new gps tracks. Clicking on the...

Subscribe Newsletter