GDPR

[wisesm0]

https://www.eugdpr.org/ May be possible we have to subscribe to new European data privacy laws due to our data collection

It may not effect us as we don't operate out of EU but we will have EU users.

Worth researching

[ryant26]

Based on my research we are going to need 3 things to be compliant:

1. A checkbox for people in the EU region to consent to us accessing and storing information about their Overwatch account
2. A button (or some way) for users to delete the data we have collected on them. This being their overwatch data (hero stats, etc)
3. A mechanism for moving server logs older than a few days into encrypted long term storage

Things we don't need to worry about:

• Turning on and off Google Analytics, Sentry and HotJar. These services do not collect any data that could directly or indirectly identify a user (ie. it's anonymous data).

[ryant26]

Thoughts on the future: Ad platforms like AdSense will require opt-in consent

[wisesm0]

March 25 is when this goes into place. I've added to ready since initial research has been done.

Some legal definitions: Controller – “means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data” Processor – “means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller”