qoobaa / fakturama

Issue invoices for free and without limits
https://fakturama.pl
MIT License
80 stars 16 forks

GDPR compliance #37

Open lcmen opened 6 years ago

lcmen commented 6 years ago

@qoobaa any experience with that?

I believe we need to modify a few things here and there (i.e. additional info on the page, explicit confirmation, etc.) to make the app compliant with new regulations.

qoobaa commented 6 years ago

Yeah, it'd be nice to handle it somehow, but I haven't had a chance to dig into the topic yet. As far as I know, most of the data stored in Firebase is publicly available (like company details, tax numbers, addresses, etc.), unless someone issues invoices for a non-company buyer.

I'll try to find someone who's more informed in this topic and ask, rather than figuring it out on our own, since it may be quite time consuming and boring.

lcmen commented 6 years ago

> I'll try to find someone who's more informed in this topic and ask, rather than figuring it out on our own, since it may be quite time consuming and boring.

That would be great.

qoobaa commented 6 years ago

I'm pretty sure we're mostly GDPR compliant. Fakturama has allowed users to "be forgotten" since the beginning (there's a red "delete all data" button). We'd need to add a page informing users that all data we collect is used ONLY to issue invoices, and we do not process it in any way. There's also a need to have a "data administrator" that people can contact. I'd just create an email address like administrator@fakturama.pl, so people can contact us when they e.g. lose credentials and want to delete the data.

qoobaa commented 6 years ago

The address is set up.

lcmen commented 6 years ago

Sounds good. @qoobaa have you seen any good templates for data processing which we can use?

qoobaa commented 6 years ago

Not yet, I'm swamped with work recently. I'll try to do some research when I have more time.