Re: Is this forum prepared for the GDPR?
- Posted by ghaberek (admin) May 01, 2018
- 2209 views
Just because someone in the EU comes to our site, doesn't automatically mean we fall under the jurisdiction of EU legislation.
If an EU citizen simply visits the site then no, all we have is their IP address in our logs and no other personal information. As far as I can tell, this does not require compliance.
And, it seems we do not engage in behavior that would make us fall under their jurisdiction.
As soon as they sign up, we engage with them by collecting (at the very least) a user name and password, which is considered personally identifiable, and so now we're required to be GDPR compliant.
I think it's reasonable that we encrypt all the data we collect, simply to keep it safe in the case of a breach. But, beyond that, it's just red-tape that doesn't apply to us.
We have EU citizens already using the site, so we are obligated to comply immediately due to their presence here. Doing a quick search, I can find about 50 registered members who list their location somewhere in the EU.
However, if you want to spend the resources to get compliant, go for it!
I'm not saying, "Don't do it." I'm saying, "We don't have to."
I appreciate that, but at this point I'm confident we have to. Jimcbrown and ABC certainly seem to agree, given we're having this conversation.
-Greg