htl-anichstrasse / sokka

:credit_card::calling: A modern ordering system for restaurants to mitigate food waste
https://sokka.me
GNU General Public License v3.0

DSGVO compliance #8

Closed bemoty closed 3 years ago

bemoty commented 4 years ago

Throughout the entire development of the application, we need to be DSGVO compliant.

https://www.hubspot.de/data-privacy/gdpr-checklist

Which personal data do we store?

Data collection process

We need to inform users about the data we collect, about the purpose of this process, ask them for their approval and educate them on their right to revoke this approval.

Personal data must be effective

Data must not be stored longer than needed and stored data must always be the latest available.

Where is our data stored?

Sensitive data?

Do we collect biometric or genetic data? No
Do we collect data of children? What's the minimum age for signup?

Do we transfer data outside of the EU?

Generally, no. The (current) backend server is located in DE Saxony. --> do we allow users outside of the EU to sign up?

Deletion and Retrieval

Users must ALWAYS have the ability to request deletion of their data and request their personal data we have stored.

bemoty commented 3 years ago

data collection process -> #48, fixed in 15a84435f296f0532357cc23d0bf6ddd57e2e2b9