Is NodeBB compliant with the GDPR (the newest legislative spam by the EU)?
-
I think NodeBB as of now is not compliant. One important caveat is that it includes resources from external websites such as Twitter (for bootstrap). As already posted somewhere else, it should be possible to host that stuff locally.
I would also disable external logins to be sure.
Another problem would be if a user want's to have her data. That's not possible with NodeBB yet (afaik) but could be done with database tools.
One more thing: the EU considers a site to be addressing EU citizens if it provides content in one of the 27 EU languages. While this is nonsense they enforce this nevertheless.
best,
Tom -
@azeus ... almost
-- NodeBB v1.9.0 should contain the code necessary to comply with GDPR.Individual hosts of NodeBB will need to do the last-mile items, such as getting a Data Processing Agreement in place, and such, but otherwise, yes.
We'll be launching v1.9.0 today
-
@azeus said in Is NodeBB compliant with the GDPR (the newest legislative spam by the EU)?:
Hi @Julian, we just upgraded to v1.9.0. Where could we find the GDPR related settings? We don't find anything in the Admin Panel
TksHi @azeus , register an new user an you will see it. And look into your profil.
sry, text in german
-
GitHub - NodeBB/nodebb-plugin-gdpr: GDPR Compliance Tools and Administrative Overview Pages
GDPR Compliance Tools and Administrative Overview Pages - NodeBB/nodebb-plugin-gdpr
GitHub (github.com)
-
Do we need this GDPR plugin or is it good enough to upgrade to 1.9.1 to get the consent popup?
-
Cool, thanks
