The privacy policy & Terms should always be available

https://www.phpbb.com/ideas/
Post Reply
Author:
Tastenplayer
Posted:
Fri Feb 07, 2020 2:08 pm
Rating:
Status:
New
User avatar
Tastenplayer
Registered User
Posts: 495
Joined: Thu Jul 03, 2014 9:20 pm
Location: Switzerland
Name: Jutta Koliofotis
Contact:

The privacy policy & Terms should always be available

Post by Tastenplayer »

What should be standard in phpBB:
That the privacy policy and terms can be displayed and read even when a board is inactive. Unfortunately only the contact form works then, so you have to summarize all this in it (Now you have to change this yourself and insert it into the contact form, which will only be displayed in the default language of the board).
Because all these things are important for a website and must always be available.
It may be that it does not seem so important for forum operators e.g. in the USA. But there are many forums in the EU area and this should definitely be the case. At least the privacy policy.
Last edited by Tastenplayer on Fri Feb 07, 2020 2:48 pm, edited 1 time in total.
My phpBB Style Board & More
Be the best version of yourself rather than a bad copy of someone else!
Excuse me for my English, but I learned the language by speaking to people and not at school.

User avatar
Lumpy Burgertushie
Registered User
Posts: 67236
Joined: Mon May 02, 2005 3:11 am
Contact:

Re: The privacy policy & Terms should always be available

Post by Lumpy Burgertushie »

this is all your opinion, there is no way for phpbb to know what type of privacy policy/terms etc. any given board owner would need.

there is no universal privacy policy etc.

therefore, using a generic one that the individual board owner can change to suit their requirements is the only thing phpbb can or should do.

I do agree that it could be made a little easier to edit. creating a system to be able to edit it from the admin panel would be the ideal thing in my opinion.


robert
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.

Premium phpBB 3.3 Styles by PlanetStyles.net

If nobody is in the forest, does a tree really fall?

User avatar
Tastenplayer
Registered User
Posts: 495
Joined: Thu Jul 03, 2014 9:20 pm
Location: Switzerland
Name: Jutta Koliofotis
Contact:

Re: The privacy policy & Terms should always be available

Post by Tastenplayer »

It is not about the content of the privacy policy but about the fact that it can always be viewed.
Unfortunately, this is not possible when a board is inactive. But even if my board is inactive, it is still on the Internet.
My phpBB Style Board & More
Be the best version of yourself rather than a bad copy of someone else!
Excuse me for my English, but I learned the language by speaking to people and not at school.

User avatar
david63
Registered User
Posts: 17247
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood
Contact:

Re: The privacy policy & Terms should always be available

Post by david63 »

What do you mean by inactive?

Are you saying when it is disabled in the ACP? Or just not being used?
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

User avatar
3Di
Former Team Member
Posts: 14823
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: The privacy policy & Terms should always be available

Post by 3Di »

If the board is not active (disabled via ACP) automatically there is no reason to see these terms as they are not really active at the same time.
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
:studio_microphone: Premium extensions @ The Studio

User avatar
Tastenplayer
Registered User
Posts: 495
Joined: Thu Jul 03, 2014 9:20 pm
Location: Switzerland
Name: Jutta Koliofotis
Contact:

Re: The privacy policy & Terms should always be available

Post by Tastenplayer »

Yes innactive in the acp and yes even then one must be able to gain insight into the policy.
My phpBB Style Board & More
Be the best version of yourself rather than a bad copy of someone else!
Excuse me for my English, but I learned the language by speaking to people and not at school.

User avatar
david63
Registered User
Posts: 17247
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood
Contact:

Re: The privacy policy & Terms should always be available

Post by david63 »

Tastenplayer wrote:
Fri Feb 07, 2020 3:04 pm
Yes innactive in the acp and yes even then one must be able to gain insight into the policy.
With a vanilla install of phpBB then the links are still showing when the board is disabled however they do no go anywhere. The problem here is that if the board is disabled then nobody can access it so the links are irrelevant anyway but the bigger problem is that if the board is being updated/upgraded then clicking on those links would give errors which would not be good for the search bots.

I can see your point but in this situation I don't think that there is much that can be done - if the data is not there then it cannot be accessed.
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

User avatar
Tastenplayer
Registered User
Posts: 495
Joined: Thu Jul 03, 2014 9:20 pm
Location: Switzerland
Name: Jutta Koliofotis
Contact:

Re: The privacy policy & Terms should always be available

Post by Tastenplayer »

Somehow I'd rather have problems with the search bots than with Data protection authority :lol:

Seriously: The contact form can be viewed and used even when the board is deactivated, does not comply with the data protection regulation at all and may not be used in the EU area and if so, then it must be noted in the policy, which is then not accessible.
If the board is deactivated, don't forget that you still have an inserted link in your navbar, for example to YouTube or Paypal or any commercial site. Because then the policy must be displayed.

Since it seems to be possible to keep the contact form working when the board is disabled, but not the policy, you have no choice but to continue copying the content of the policy into the contact form.
I do agree that it could be made a little easier to edit. creating a system to be able to edit it from the admin panel would be the ideal thing in my opinion.
That would be the absolute hit. But probably impossible, because then you will only have the policy in the standard board language and not in the other installed languages. Would it?
My phpBB Style Board & More
Be the best version of yourself rather than a bad copy of someone else!
Excuse me for my English, but I learned the language by speaking to people and not at school.

User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 4433
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James
Contact:

Re: The privacy policy & Terms should always be available

Post by HiFiKabin »

If someone is contacting you via the 'Contact Us' form they are doing so to ask a question and require a reply. As long as you use the details supplied for that purpose and that purpose only you do not need to display a GDPR policy. (UK interpretation of the regulation)

You still naturally have to comply to the regulation (eg security of information given, not passing it on without explicit extent and so on)

User avatar
david63
Registered User
Posts: 17247
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood
Contact:

Re: The privacy policy & Terms should always be available

Post by david63 »

Tastenplayer wrote:
Fri Feb 07, 2020 6:28 pm
The contact form can be viewed and used even when the board is deactivated,
Depending on what state the board is in at the time (upgrading, deleting files) then the contact form will not be available.

You could always file a bug report about the Privacy/Terms not being accessible when the board is disabled.
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

User avatar
Tastenplayer
Registered User
Posts: 495
Joined: Thu Jul 03, 2014 9:20 pm
Location: Switzerland
Name: Jutta Koliofotis
Contact:

Re: The privacy policy & Terms should always be available

Post by Tastenplayer »

HiFiKabin wrote:
Fri Feb 07, 2020 6:46 pm
If someone is contacting you via the 'Contact Us' form they are doing so to ask a question and require a reply. As long as you use the details supplied for that purpose and that purpose only you do not need to display a GDPR policy. (UK interpretation of the regulation)

You still naturally have to comply to the regulation (eg security of information given, not passing it on without explicit extent and so on)
Are you really sure this is?
For example, a button for accepting the policy is missing in the contact form. You have to insert it yourself or install an extension. But before I click on Accept, I must have the possibility to read the policy.
On the safe side: eliminate the contact form and insert a mailto: link, which I have done (with a note regarding mail transfer).
My phpBB Style Board & More
Be the best version of yourself rather than a bad copy of someone else!
Excuse me for my English, but I learned the language by speaking to people and not at school.

User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 4433
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James
Contact:

Re: The privacy policy & Terms should always be available

Post by HiFiKabin »

I am no lawyer, but that is how I read the English translation of the GDPR.

If you are contacting me about a product or service you expect me to reply. If you provide me your email and/or your phone number you are giving me your explicit consent to contact you by either method.

eg, My Small Green Widget isn't working, how do I fix it?"

I reply "Poke it with a yellow stick"

If that is the end of the communication I have complied with the GDPR (assuming I keep any and all data safe, do not sell it on, etc etc)

I would also be able to send a follow up contact to let you know that the Small Green Widget's firmware has been updated to V2 as that is also relevant to the original contact.

What I can not do is send sales emails, surveys etc as that is not relevant to the original contact. That would require your explicit consent and thus acceptance of my GDPR.

User avatar
AmigoJack
Registered User
Posts: 5697
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: The privacy policy & Terms should always be available

Post by AmigoJack »

HiFiKabin wrote:
Sat Feb 08, 2020 11:13 am
(assuming I keep any and all data safe
No, the data has to be deleted as soon as it isn't needed anymore without a good reason. Sooner or later you will see yourself in a situation where you want others to delete collected data about you, and then you want a law and not their goodwill alone.
The worst thing about censorship is ███████████
Affin wrote:
Tue Nov 20, 2018 9:51 am
The problem is probably not my English but you do not want to understand correctly.
...
We will not come anybody anyway, nevertheless, it's best to shit this.

User avatar
warmweer
Jr. Extension Validator
Posts: 3912
Joined: Fri Jul 04, 2003 6:34 am
Location: Van Allen Bel ... gium

Re: The privacy policy & Terms should always be available

Post by warmweer »

AmigoJack wrote:
Mon Feb 10, 2020 11:10 am
No, the data has to be deleted as soon as it isn't needed anymore without a good reason. Sooner or later you will see yourself in a situation where you want others to delete collected data about you, and then you want a law and not their goodwill alone.
"as soon as" implies a timeframe but doesn't give specifications
"it isn´t needed anymore" implies work has to be done to establish whether a required result can be achieved without that data, and what if it can't?
"without a good reason" opens up the discussion about what is "good"
"data about you" is ambiguous e.g. browser fingerprinting - is that data about you?
We should embrace problems, without which there wouldn't be any solutions.

User avatar
AmigoJack
Registered User
Posts: 5697
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: The privacy policy & Terms should always be available

Post by AmigoJack »

  1. See (65) of the GDPR. An example is an e-mail exchange: when the topics have been discussed to an end the "as soon as" kicks in. Another example is a contract that is no longer in effect, hence data associated with it shall be deleted.
  2. That's the whole idea of Article 25: only processing data when it is necessary.
  3. That was simple English for the people. If I would have quoted Article 5, 1. (b) nobody would have even understood that.
  4. Many address types (i.e. postal and IP) and references to ownership deal with the same imprecision: strictly speaking one web browser can be used by multiple persons (sharing the "fingerprint"); multiple persons can use the same address; owning something doesn't mean only you have control over it. But being able to identify a person is not needed to apply for data protection - being able to trace down a person (hence single out others) makes data protection (read: privacy) applicable, too.
The worst thing about censorship is ███████████
Affin wrote:
Tue Nov 20, 2018 9:51 am
The problem is probably not my English but you do not want to understand correctly.
...
We will not come anybody anyway, nevertheless, it's best to shit this.

Post Reply

Return to “phpBB Ideas”