Closed josemi-ca closed 6 years ago
Well... I'm neither a lawyer, nor an EU-citizen, so I can be wrong. But I don't believe that this is really a big deal.
Mibew Messenger doesn't store any 'personal data' by default. It can ask a visitor to enter email at the pre-chat stage, but it's an option. So, one could just inform a visitor that by clicking on button 'start chat' he confirms the submission of his email for further usage. And, btw, there are no validation of the email.
Bulk erasement and export of logs by visitor's name is indeed missed. But that name is optional and non-unique. And that matters, because it is impossible to identify a person with it. Multiple visitors could make use of the same name. Maybe one could identify a person with a combination of email, ip and a name, but it's hard to tell.
Moreover, it is possible to make use of the appropriate plugin to not store logs at all (erase it immediately). As a kind of a temporary solution for people who scared of this initiative of the EU.
Maybe someday I'll create a plugin of two that will implement export / erasement of logs, but at the moment it's definitely not a primary goal for me. Though, one could send a pull request. ;)
Mibew Messenger doesn't store any 'personal data' by default. It can ask a visitor to enter email at the pre-chat stage, but it's an option. So, one could just inform a visitor that by clicking on button 'start chat' he confirms the submission of his email for further usage.
Even if is not a checkbox, a setting should be added so that a custom text/link to privacy policy can be included in the survey page. So that it's not necessary to edit the code, which would lose the changes on updates.
Thanks
But at the moment there is no need to edit the code to inform a visitor. One just have to alter the localization constant "Thank you for contacting us. Please fill out the form below and click the Start Chat button.
". It can be done using standard localization management interface. (Actually, any string constant in Mibew can be changed that way.)
And if one want to change the look and feel of the pre-chat survey (i.e. use a link there), it can be done by creation of a custom theme. Without any code changes too.
Don't get me wrong, I realize a potential legal risk related to possible misinterpretation of GDPR. But I believe that Mibew Messenger is just a tool for a site, not a stand alone product. So it should not have its own policy that is somehow different from the policy of the site which a visitor of the site should explicitly accept...
I've created the plugin for bulk export and deletion of chats. It will be officially released along with the next release of Mibew Messenger itself in the near future.
Thank you very much. Really appreciated 👍
The General Data Protection Regulation (GDPR) came into effect on 25 May 2018, affecting all busineses handling europeans data (even if based outside EU).
I've noticed Mibew seems to be lacking some basic features for GDPR:
The ability to export chat logs from an user (to comply with right of data portability/access requests). Right now it's possible to search by email or name, but the list of chat conversations cant be exported.
It should also be possible to bulk delete all conversations by an user (to comply with right to erasure)
It should be possible from settings to include a link to privacy policy to accept with a checkbox to accept it, in the pre-chat creen (to comply with right to be informed)