arodier
commented
2 years ago Not relevant, please, do not post on this repository and do not interfere in any way. Comment reported.
Closed privacy-lawyer closed 2 years ago
arodier
commented
2 years ago Not relevant, please, do not post on this repository and do not interfere in any way. Comment reported.
This piece of code collects users' IP address which is qualified as personal data under EU GDPR:
https://github.com/progmaticltd/homebox/blob/66f41d48a0fc6049f648dd57089fdf9cd278e06e/install/roles/remote-access/tasks/ufw-public-access.yml#L25
Users must explicitly give consent for collection of this personal data and the data processor shall be able to demonstrate that the data subject has consented to processing of his or her personal data.
Please note that the maximum penalty for GDPR violation can be up to 20 million euros:
https://gdpr-info.eu/issues/fines-penalties/