Libbum / oration

A Rocket/Elm self-hosted commenting system for static sites
MIT License

Consider writing up a GDPR document #91

Open Libbum opened 6 years ago

Libbum commented 6 years ago

People are worried about GDPR compliance. For us here it's not too bad, since at a minimum we hash the user's IP and that is effectively all the data we keep on the server side - all other personal info is client side. If a user wishes to give us their email address or website details, then perhaps we can set up a simple trigger to purge that info on the Admin panel with little effect on everything else.

Additionally, a GDPR compliance template could be written up for sites who want to explicitly use it.

https://blog.varonis.com/gdpr-requirements-list-in-plain-english/

Libbum commented 6 years ago

Additionally, we need to have the DB encrypted, or the user data encrypted. That may be more effort.