[scottkoz20]

I am not sure if there is a thread that already exists, if so, I apologize for the duplication.

With GDPR set to start for the EU on 25 May 2018, I am curious to know what other admins are doing to comply (if they need to).

For my site, less than 5% of my traffic is from the EU (94% is US and Canada), but I am thinking about trying to put in the same compliance for future growth with reaching a soccer audience.

I know there is the cookie consent mod that will help

https://www.vbulletin.org/forum/showthread.php?t=325880

but are there other items that people should be concerned with?

[In Omnibus]

There's a JIRA for vBulletin 5 with a relevant discussion. It should give you a good understanding of to how few customers to whom it applies and what is required.

http://tracker.vbulletin.com/browse/VBV-18175

[scottkoz20]

thanks for the link

[gsk8]

We have a lot of trolls. Some are downright cyber-bullies. As a result, using IP mods and cookies, we are able to prevent them from re-registering.

I'm trying to figure out how to work this so that folks who don't agree to using cookies and having their IPs logged can no longer be apart of the forum.

I'm currently using the latest VB 4. Still trying to wrap my head around the GDPR and get everything into compliance. Very confusing.

[I.G.O.T.A.]

What is the best way to make this work on vB 4?

[Brandon Sheley]

lol... jira
That whole system has been a giant mess, I didn't even know it was still used at vb.
Maybe vBulletin itself doesn't think it's something to worry about because so many have dropped it?
I suggest all site owners check out official info on gdpr

[In Omnibus]

Originally Posted by I.G.O.T.A.

What is the best way to make this work on vB 4?

Do you actually sell goods or services and collect VAT or do you actually conduct marketing or research in the EU? If the answers to both questions are "No" then you don't need to do anything.

If the answer to either of the above is "Yes" then add the GDPR disclaimer to your existing TOS and reset it so everyone has to agree to the new TOS.

You're not required to delete anything, even if they request it, because the GDPR allows for the collection of data for statistical or historical purposes.

[jagtpf]

Originally Posted by In Omnibus

If the answer to either of the above is "Yes" then add the GDPR disclaimer to your existing TOS and reset it so everyone has to agree to the new TOS.
.

Forgive the ignorance, but how can you get that bit to work?

[Sicilian]

Any chance of the MOD that this Forum has used being released to the public?

[jagtpf]

Originally Posted by Sicilian

Any chance of the MOD that this Forum has used being released to the public?

I've added a Profile Field to what Members have to complete before access to my Forum, it's mandatory, so existing members also have to check it.
I've set it with three button options - no default.
"Yes", "No", "Out the EU".

Those who click No will be asked once and then account deleted.

[nw-fotografie]

Link is not working?

[z3r0]

Chris, does your script allow for the easy removal of consent as required by GDPR?

[In Omnibus]

Originally Posted by z3r0

Chris, does your script allow for the easy removal of consent as required by GDPR?

The GDPR does not require the ability to remove your own content.

[paradoxG(r)eek]

Originally Posted by In Omnibus

The GDPR does not require the ability to remove your own content.

Kris, there are long discussions over Internet about this, and till now nobody can say for sure what's the real meaning of this term.

A user can ask for removal of his content. This is for sure. The problem is what is the meaning of "my own content". eg for sure can be a photo that I post in Facebook. But can be an article? Nobody can say. Also (as I've read somewhere), there is difference betweein posting some thoughts (blog post) than commenting in someone's else post.

In short words.... very complicated terms. On the same way, nobody can be 100% sure, if it talks for EU Citizens, or EU Residents, or that "Data Subject" covers even eg Americans being in holidays in EU.

[In Omnibus]

Originally Posted by paradoxG(r)eek

Kris, there are long discussions over Internet about this, and till now nobody can say for sure what's the real meaning of this term.

A user can ask for removal of his content. This is for sure. The problem is what is the meaning of "my own content". eg for sure can be a photo that I post in Facebook. But can be an article? Nobody can say. Also (as I've read somewhere), there is difference betweein posting some thoughts (blog post) than commenting in someone's else post.

In short words.... very complicated terms. On the same way, nobody can be 100% sure, if it talks for EU Citizens, or EU Residents, or that "Data Subject" covers even eg Americans being in holidays in EU.

All the GDPR is concerned with is personal data. In reality, how many people are going to spend their time requesting that every site that has their personal data remove it? Probably not many. The sites that would need to be most concerned are those that have credit card or banking data from a one-time transaction because the odds they see the customer again to agree with the GDPR are slim and none in many cases. For the site that only collects e-mail addresses and IP addresses for the purposes of spam prevention there is nothing about which to be concerned.

Personally I've decided the EU can bugger off. I don't deal with anywhere near the number of EU members it would take to justify jumping through hoops. I run a clean and respectable service where members are anonymous (personal identifying information is strictly prohibited) and I do not solicit or sell data or do any of the other things the GDPR is designed to prevent.

Unfortunately for some their primary customer / membership base is EU or EEU and they are therefore required to at least meet the minimum GDPR requirements, which include a method of requesting the deletion of all personal data. Again, I submit very few will actually go to the trouble of requesting this. It's the "informed consent" from existing one-time customers issue that is going to be far more difficult to resolve. If you e-mail them to ask them if they want to consent to the GDPR on your site is that spam? I can't answer that.