sparkle-project / Sparkle

A software update framework for macOS
https://sparkle-project.org

GDPR compliance #1386

Closed skull-squadron closed 5 years ago

skull-squadron commented 5 years ago

IANAL.

  1. Does any of the data collected in the anonymous (Is it, according to the EU?) system profile fall under GDPR? Looking at the system profiling page, I would suspect "no" unless a developer includes custom facts such as an anonymous system ID, serial number, legal name, username, home directory, postal address, physical location, process ID, disk volume name, email, MAC address, IP address, SSID or IMEI/MEID/ICCID/SEID. It's best to avoid GDPR items unless absolutely necessary, or experience the fun of the GDPR checklist 🤕

  2. If 1. is yes, does compliance require asking the user on first launch with a modal "Are you running this in an EU country subject to General Data Protection Regulation (GDPR)?" in order to automatically deselect anonymous system profile collection (opt-in) rather than opt-out? Does this sound like A Good Idea™️?

Wevah commented 5 years ago

I don't believe IP address is collected by Sparkle itself, although the developer's server will of course see it when Sparkle checks for updates.

As far as I'm aware, none of the other stuff is collected, either, unless some sneaky developer adds it to their custom options.

(Obviously I could be mistaken as I've not written the stats-collecting stuff.)

kornelski commented 5 years ago

Sparkle is compliant with GDPR.

  1. By default, Sparkle doesn't send any of this data at all. The system profile functionality is an optional feature.

  2. The standard system profile collected by Sparkle doesn't contain any personal information.

  3. If the developer enables the system profile feature, Sparkle prompts the user to agree to send the system profile, so there is consent anyway.