1. Sign-Up →Hey there! Welcome to UK of Equestria!
    Getting involved is easy and free! Hit the sign-up button and fill in a quick form to get active on the site.

Privacy Updates and GDPR

Discussion in 'Official News' started by Alteran, 20 May 2018.

  1. Alteran

    Alteran Scissors + Running = Ouch

    Joined:
    18 December 2011
    Messages:
    2,814
    Likes Received:
    2,517
    Howdy y'all!

    You've probably been getting emails from a lot of different people lately - some of them may be talking about "Privacy Policies", some might be trying to discuss "Personal Data" and some might be directly referring to "GDPR".

    What is this GDPR stuff?
    Just in case you've been living under a rock: after the 25th of May, new European data protection laws will come into effect. These laws are known as GDPR, or the "General Data Protection Regulations".

    In short, these new laws are a good thing for you and every other private citizen.

    Because of the nature of how our community functions, we ask for certain information like:
    • Username - so members of the community know who you are,
    • Email - so we can update you with regards to your account and to help secure your account, and
    • Date of Birth - so we can prevent users who are underage from participating without parental consent.
    • Your IP Address - the internet cannot function without these, and we also use them to help prevent abuse of our service.

    Information such as that can be considered PII, or "Personally Identification Information". The four examples above are also examples of data that we need from you in order for our community to function correctly. We also give you the option to share other information with us such as your other social network profiles. This is stuff that we don't need, but you can optionally share to make it easier for your friends to find you.

    A lot of different companies are panicking at this point because everyone's interpretation of these new laws is different. As an online community that does not exist as a business and does not sell or share data with anyone outside of our forum, we've actually had to make very little in the way of changes.

    What have we done?
    Here's what we've done and are doing to stay ahead of GDPR:
    • We've updated the forum software to a new version that makes it easier for us to:
      • Exercise your Right to Retrieve (get a copy of your data)
      • Exercise your Right to Erasure (your right to be forgotten)
    • We've made sure that our web server's access logs will be wiped after a short timeframe.
      • This allows us enough time to detect any abuse or fix any problems.
    • We've updated our Privacy Policy.
      • We've made it simpler to understand and tells you what data we need to store from you and how we'll use it.
    • We've posted this announcement reminding you of the upcoming legislation and what we're doing to make sure we stay compliant.
    Remember, if you're not sure about something, we can help. If you'd like help removing personal data from our website, message one of our moderators and we'll do what we can to help you! If you wish to exercise your Right to Retrieve or your Right to Erasure, let us know.
     
  2. nerdowl

    nerdowl Dr Who & MLP Fangirl

    Joined:
    28 June 2012
    Messages:
    1,862
    Likes Received:
    606
    I dunno whether this applies to hear but according to this you still say 13 years or older to join: https://ukofequestria.co.uk/pages/rules/

    But according to part of the GDPR in certain EU countries you cannot agree for your personal data to be processed (edit: I put the word stored here originally but I don't think that is the right word) until you are 16 without parental consent:- https://en.wikipedia.org/wiki/General_Data_Protection_Regulation#Lawful_basis_for_processing

    (Wikipedia referenced under the attribution licence: https://en.wikipedia.org/wiki/Wikip...s_Attribution-ShareAlike_3.0_Unported_License )

    It may well be fine as as you say this isn't a business, and depends on the definition of processing to I guess, but just thought I'd point this out :)
     
  3. Alteran

    Alteran Scissors + Running = Ouch

    Joined:
    18 December 2011
    Messages:
    2,814
    Likes Received:
    2,517
    The rules haven't been updated in quite a while, but until now, they haven't needed to be. In this new era of data protection and GDPR legislation, there is still a lot of interpretation to be done. People sent emails when they didn't need to (and potentially broke DPA) because they wanted to continue marketing to people who either already opted-in or never asked to be opted-in.

    I'll do some digging. We may have to raise our registration age to 16, but because people can submit whatever they want, we have no way of being able to verify this information. As a "public" online community where people share content out in the open that is not run as a business, there are some things we don't need to worry about - so long as we're respecting people's right to remove their personal information on request, we should be in the clear.
     
    nerdowl likes this.

Share This Page