GDPR (niche thread)


By the way, looks like December is when the guidance will now be published:


Fuck’s SAKE.

Also proper lol at that ‘myth-busting’ section.



Or rather our customers and thus we have to try and work out how to enact this in our software for them.


Myth: Your family will be burned to death in a fire

Fact: There is a lot of misinformation out there regarding fires and your family’s safety, but the truth of the matter is that your family won’t be burned to death; instead they will die of smoke inhalation.


Ironically it stands for Googling Does Produce Results.


More like

Myth: The fire brigade are there to stop your house being destroyed in a fire

Fact: Whilst the fire brigade are very important, every household already has the tools at their disposal to prevent their home being destroyed by fire.


Anyway, my favourite bit from this was this part of the document about it:


Well that will be enlightening.


I’m deadly serious.


I’m supposed to be delivering a seminar on this to a ftse listred plc client looks at diary, yup, two weeks today, Still not awfully sure what it’s all about and suspect I ought to do some reading soon. Looks so boring.


DiS really does have a thread for everything. I am working on the firm’s GDPR project now. 184 days to go team!

Has anyone checked with sean how DiS is working towards compliance :crazy_face:


Say nothing! Sean might explode from the stress!


Haha. Don’t know what the relationship/T&C’s/Privacy Notices are like between DiS and Discourse Forums Ltd. or whatever but can’t imagine DiS itself needs to do too much to be compliant that existing DP law doesn’t cover tbh. Discourse on the other hand will have to make sure they bloody well are.


doesn’t really address the issue of the old site though surely? don’t know who the data processor or controller is. without knowing anything about how the data is being stored (and what sort of data there is) it’s kinda hard to tell…


Working on a project related to this!


Both old and new forums sites contain sensitive personal data since you require an email address to sign up, hence you can use this to tie the sensitive data to an individual. I agree with Geoff that the contract with Discourse might need to be looked at and updated… Presumbaly DiS is the data owner and Discourse the processor?


Good. Point. I didn’t think of the old site at all.

I mean who ‘owns’ that data. sean I guess?


neither of them ‘own’ the data


honestly a bit mind boggling how little most public bodies, small businesses, charities, schools, etc. know about this. like not even basic principles.


I’m far from an expert but I’d guess that sean is the data controller and Discourse are a data processor.


Yeah should’ve said Data Controller I think