GDPR checklist?

Hello guys,

the GDPR is going into action very soon and even though you answered a few questions they contradict some of the points made in our german support forum.
You can follow the discussion here: http://hilfe.forumieren.com/t43399p100-12444-dsgvo-datenschutz-grundverordnung

The main problem seems to be that our hoster isn't communicating what the admins of the forums have to do now. When I read this support forum it sounds like I don't have to do any actions on my own and everything will be provided by you. But in the german support forum it sounds a lot different. Even the Moderators don't seem to know any details which is why I am asking you guys.

Is it possible to provide some sort of checklist for admins of actions they have to do before the 25th? We are willing to do our part but we are not sure what excacly we have to do now. Especially because we don't own the databases and the hoster is the only one with direct access. We would need to have some sort of contract in which you guys list all the actions you perform on user-data.

And what about the SSL-Certificate? It seems absolutly necessary to provide this to be ensure GDPR complianced. But the free version of your service doesn't provide this one which makes the free version of your product not legal in the EU. Will all forums be provided with a certificate for free or do we have to upgrade to a premium package?

Thanks in advance!

Hello @Akeem,

Forum administrators won't have to do anything as Forumotion only is able to deal with the GDPR compliance. The main changes made necessary by the GDPR are: obtaining users' consent for the use of their personal data (which, according to the GDPR , covers relatively little information collected by the forums), and for the emails they are likely to receive. This will be done by Forumotion, with a proper privacy policy.

SSL is not an obligation of the GDPR, the data controller must simply implement the appropriate technical and organizational measures to ensure that, by default, only personal data which are necessary for each specific purpose of the processing are processed.

The publishing company of Forumotion is a company under French law. However, French law already had its own personal data protection legislation, built in 1978 and which has evolved regularly since. Consequently, on many points, French law already imposed what the GDPR provides, which means that Forumotion is already in compliance on several obligations arising from the GDPR.

In case of non-compliance, the sanctions affect the data controller, i.e. the publishing company of the Forumotion service. Forum administrators are not directly targeted. Moreover, the verification organism will not sanction all sites that do not comply by 26 May... and even less small structures such as your forums. It is estimated that most web actors will be compliant with the DSMP within 2 years on average. So take it easy, the sky isn't falling.

Regards,
Walt

Thank you for clearing that up.
Then I will take it easy and let you guys do all the hard work. Thanks

@Akeem can I take it that Walt has helped you on your question and it is now solved ?

If yes please press the mark solved button that can be found at the top of your thread.

we will then close this topic.

Regards APE