GDPR: Re, Privacy Policy

There are 20 replies in this Thread which has previously been viewed 8,038 times. The latest Post () was by EJLarson.

1st Official Post

    There is an interesting debate (and heated discussion at times) going on over at the Woltlab Support Forums; it is related to the subject of Privacy.

    But more specifically, to what (apparently) will be required of all individuals who operate websites and forums; and it isn't just for those in persons living in Germany or who have forums / websites with a direct connection to Germany.


    Most of the posts seem to be concentrated on what two individuals have thus far said on this issue.

    There is some "merit" on both sides of the isle; but I for one believe it is yet another "slippery slope" that all us are going to caught up in.


    Here is the link for those interested: https://community.woltlab.com/thread/268092-gdpr-policy/?pageNo=1

    I am not sure if one has to be logged in order to view this - I always log in as I am a Registered Member.

    I believe the "effective date" of this new legislation is 25 May 2018 - but check it out in the Thread to make sure.


    • Official Post

    There has been some turmoil on GDPR also in the translation world. It affects EU-based companies, mostly.

    On a translators' mailing list (yes, we still use those!!! On Yahoo! ! And I can't get my head around them...) someone suggested this page to understand what it entails in plain words:


    Quote from https://blogs.constantcontact.com/gdpr-how-to-comply/

    What is GDPR?


    GDPR is short for the General Data Protection Regulation that goes into effect on May 25, 2018. It was passed by the European lawmakers to create a harmonized data privacy law across all the EU member states. Its purpose is to:

    • support privacy as a fundamental human right;
    • require companies that handle personal data to be accountable for managing that data appropriately; and
    • give individuals rights over how their personal data is processed or otherwise used.
    Quote from EJLarson

    The link isn’t accessible. If there are a couple of concise points to share, maybe a quick copy/paste?

    Sorry the link doesn't work.


    In order to explain or define the 'concise points" two of the members have discussed - one from a strictly legal point, and the other person replying from the personal view he does not want to give out his personal information in the Privacy Policy - I would have to copy and paste the Thread's contents, and that may

    not be legal - (and at the very least could possibly get me into hot water with Woltlab).


    serafina in Post #4 has posted two links concerning this issue (thank you!).


    It is a lot of reading but worth it if one wants to truly study the implications this new ruling will bring into play (action) upon ANYONE (whether personal or public)

    and to whom has a website or forum.

    A report from Chartered Institute of Marketing found that 57% people has serious mistrust in brands data collection and usage processes. All this led to this concrete legislation in the form of GDPR, which will add new rights and strengthen existing data protection laws.

    GDPR will serve as the beacon in safeguarding information of individuals by introducing tighter controls within European Union (EU). The new law will come in to effect from May 25, 2018, binding all businesses operating within European Union (EU) to have visible privacy settings and permissions to use individual’s data.


    Source: Online Privacy Tips

    • Official Post
    Quote from davidmichaels

    A report from Chartered Institute of Marketing found that 57% people has serious mistrust in brands data [URL:https://www.cim.co.uk/newsroom…t-the-value-of-marketing/] collection and usage processes. All this led to this concrete legislation in the form of GDPR, which will add new rights and strengthen existing data protection laws.
    GDPR will serve as the beacon in safeguarding information of individuals by introducing tighter controls within European Union (EU). The new law will come in to effect from May 25, 2018, binding all businesses operating within European Union (EU) to have visible privacy settings and permissions to use individual’s data.


    Source: Online Privacy Tips [URL:https://www.onlineprivacytips.…viduals-privacy-security/]


    It is my understanding that you are subject to the GDPR even if you are an abroad entity dealing with a resident of the European Union (EU citizens residing abroad are not covered). In the U.K., you have to register with the ICO and pay a registration fee (I think £35).
    However, it is not clear where foreign entities should register.
    For example, if I get work for a customers based in the EU, I.e. A document stating their personal data, I should be GDPR compliant but I still haven't figured out HOW.


    In Italy there is no ICO and no registration fee, you should just get consent before exchanging personal data.



    Sent from my iPhone using Tapatalk

    • Official Post

    I have been reading posts about this GDPR thing all over the internet. I can draw up a document saying how long I will keep your data (likely, forever as I never throw away past jobs - I build on them!) and my digital storage security measures (my computer also serves for private purposes, I don't think I am using normal email exchange such as gmail, I do back up on Dropbox when working on a project).

    Now, if just stating these things black on white is enough, I'll get my pen... But if these things are not enough, I do not have the technical knowledge 'to comply'. Should I simply get a secured connection? How? Should I switch email provider? How do I backup in the cloud when working on a project? I am not installing videocameras in my home in case somebody steal my backup hard disk, FYI!


    It is not clear whether the burden is on the freelancer even when the work is through an agency (as it happens a lot with translations). In which case it will be the agency to inform the end client that the work will be subcontracted and hence their sensitive data disclosed to the subcontractor.


    I did a translation about GDPR and it was like taking a peak in a crazy world.

    Namely, you have to inform users/clients when they use your online website (cookies are major factor), you have to inform job applicants, you have to inform even your own employees.

    I guessing that, like most regulations, once you figure out what to say for a given case, you can cut-and-paste for all similar cases?

    • Official Post

    The burden is on any entity that runs an online portal that is capable of holding the personal data of others. This forum and others for example holds members' email addresses, which is personal data.

    The privacy policy which is usually shown at the foot of most pages therefore needs to show the name, address and telephone number of who runs the website and I'll be amending the Argentina Expats' privacy policy accordingly.

    Quote from Splinter

    The burden is on any entity that runs an online portal that is capable of holding the personal data of others. This forum and others for example holds members' email addresses, which is personal data.

    The privacy policy which is usually shown at the foot of most pages therefore needs to show the name, address and telephone number of who runs the website and I'll be amending the Argentina Expats' privacy policy accordingly.

    ... and about time, too! I suspect that your flagrant disregard for data security is the reason that the IRS called the other day demanding immediate payment of a tax fine. Luckily I was able to find the exact $500 gift card they demanded. So tighten up those portals, all right?

    Quote from EJLarson

    ... and about time, too! I suspect that your flagrant disregard for data security is the reason that the IRS called the other day demanding immediate payment of a tax fine. Luckily I was able to find the exact $500 gift card they demanded. So tighten up those portals, all right?

    I'm so glad you didn't have to borrow against the princely sum in your Nigerian beneficiary account that will be hitting your bank account any minute now. The IRS was so thoughtful to let you pay in cash or gift cards. Did you have to mail it to Bangalore?

    Quote from Rice

    I'm so glad you didn't have to borrow against the princely sum in your Nigerian beneficiary account that will be hitting your bank account any minute now. The IRS was so thoughtful to let you pay in cash or gift cards. Did you have to mail it to Bangalore?

    That's just silly. Everyone knows that IRS headquarters are in Dubrovnik.

    Quote from Splinter

    The burden is on any entity that runs an online portal that is capable of holding the personal data of others. This forum and others for example holds members' email addresses, which is personal data.

    The privacy policy which is usually shown at the foot of most pages therefore needs to show the name, address and telephone number of who runs the website and I'll be amending the Argentina Expats' privacy policy accordingly.


    "The privacy policy ..... needs to show the name, address and telephone number of who runs the website ....... "

    And you continued to say: " .... I'll be amending Argentina Expats' privacy policy accordingly."


    I hope you are not really serious, Splinter! Please say you are joking about that.

    [Reading several of the posts above yours I assume you are not really serious about giving out your personal info on line!]


    My friend and partner (who is involved with me on the latest Forum / website project) told me he would never comply with such a "demand" of GDPR; and if I even think about doing so he will " ....paddle my [arse] so hard [you] won't be able to sit for a week."


    Of course, he won't get the chance because I am also of the opinion GDPR (and ALL whom are behind the creation of that regulation)

    can go [censored] itself!


    DJ

    P.S. After I am 'accused, tried, and sentenced' to "life without possibility of parole" for the "willful and criminal failure to comply .... "

    anyone who cares to stay in touch with me can write to me at:


    U.S. Department of Corrections and Incarceration, 88 Lonely Road, Rt. Shit, Pelican Bay, California.

    Attention Prisoner Code: GDF 69 LPI


    • Official Post
    Quote from CruiseJunki

    "The privacy policy ..... needs to show the name, address and telephone number of who runs the website ....... "

    And you continued to say: " .... I'll be amending Argentina Expats' privacy policy accordingly."


    I'll be amending the Privacy Policy statement yes, but only with details that I'll be comfortable with. As you point out, I certainly don't want every weirdo out there coming to my door either.

    The best part is all the Internet of Things (IoT for short) (PoS or 💩 for really short) stuff that just either did stupid stuff (a fridge serving a GDPR notice? really?) or just stopped working altogether.

    I do airline tickets, car rental, hotels, cruises, insurance, and all-inclusive packages.

    If you want great service and low prices, look no further.
    I also sell local SIM cards for several countries.
    ben@kanfeinesharim.com