Open bcardarella opened 1 year ago
https://datatracker.ietf.org/meeting/113/materials/slides-113-pearg-gdpr-and-network-privacy-00
https://www.linkedin.com/pulse/gdpr-those-who-do-agree-ip-address-should-personal-data-bernaerts
So, logging IP addresses is GDPR compliant. In this case, what we are doing further with those is not illegal. But to be on the safe side we could do the following:
FYI @bcardarella ND @adam-phillips
This is not complete
Currently Plausible doesn't have an out of the box way to determine if an IP address is from a corporate range, this is important for marketing to determine where inbound traffic is coming from.
This is a simple lookup. First step is to download, crawl, and parse all of the ranges and associated company info from: https://www.cidr-report.org/as2.0/autnums.html
However, what we need to determine is if this violates GDPR.