Closed mc0e closed 2 years ago
It's a very long time since I created this ticket, and also a long time since you first added a privacy policy (I looked at archived versions of your site). Still, I looked over your privacy policy statement.
It's a very long time since I created this ticket, and also a long time since you first added a privacy policy (I looked at archived versions of your site). Still, I looked over your privacy policy statement.
Well done…
I suggest you look at adding something about requests for deletion of data, especially since people will be submitting personal details about other event participants who have likely not provided consent for you storing that data.
It's not really the case in the new version. There's no option to put in participants' email addresses. At least for now, but I thought the policy covered this by offering a contact email address. If you're aware of a template that would be a better fit I'd be open to changing it.
An expiry period is probably appropriate, after which all personal data is deleted for old events and inactive participants.
Do you know of any specific time frames that should be adhered to from a legal perspective? There's nothing set up at the moment that would do this but happy to add it in.
A privacy statement is needed.
You're asking people to submit email addresses, for themselves and other people, and holding info about meetings that may potentially have privacy issues.