New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

GDPR Compliance #227

Closed
JMCA2 opened this Issue May 28, 2018 · 5 comments

Comments

Projects
None yet
2 participants
@JMCA2

JMCA2 commented May 28, 2018

The General Data Protection Regulation (GDPR) came into effect on 25 May 2018, affecting all busineses handling europeans data (even if based outside EU).

I've noticed Mibew seems to be lacking some basic features for GDPR:

  • The ability to export chat logs from an user (to comply with right of data portability/access requests). Right now it's possible to search by email or name, but the list of chat conversations cant be exported.

  • It should also be possible to bulk delete all conversations by an user (to comply with right to erasure)

  • It should be possible from settings to include a link to privacy policy to accept with a checkbox to accept it, in the pre-chat creen (to comply with right to be informed)

@faf

This comment has been minimized.

Member

faf commented May 28, 2018

Well... I'm neither a lawyer, nor an EU-citizen, so I can be wrong. But I don't believe that this is really a big deal.

Mibew Messenger doesn't store any 'personal data' by default. It can ask a visitor to enter email at the pre-chat stage, but it's an option. So, one could just inform a visitor that by clicking on button 'start chat' he confirms the submission of his email for further usage. And, btw, there are no validation of the email.

Bulk erasement and export of logs by visitor's name is indeed missed. But that name is optional and non-unique. And that matters, because it is impossible to identify a person with it. Multiple visitors could make use of the same name. Maybe one could identify a person with a combination of email, ip and a name, but it's hard to tell.

Moreover, it is possible to make use of the appropriate plugin to not store logs at all (erase it immediately). As a kind of a temporary solution for people who scared of this initiative of the EU.

Maybe someday I'll create a plugin of two that will implement export / erasement of logs, but at the moment it's definitely not a primary goal for me. Though, one could send a pull request. ;)

@faf faf added the pending label May 28, 2018

@JMCA2

This comment has been minimized.

JMCA2 commented Jun 6, 2018

Mibew Messenger doesn't store any 'personal data' by default. It can ask a visitor to enter email at the pre-chat stage, but it's an option. So, one could just inform a visitor that by clicking on button 'start chat' he confirms the submission of his email for further usage.

Even if is not a checkbox, a setting should be added so that a custom text/link to privacy policy can be included in the survey page. So that it's not necessary to edit the code, which would lose the changes on updates.

Thanks

@faf

This comment has been minimized.

Member

faf commented Jun 6, 2018

But at the moment there is no need to edit the code to inform a visitor. One just have to alter the localization constant "Thank you for contacting us. Please fill out the form below and click the Start Chat button.". It can be done using standard localization management interface. (Actually, any string constant in Mibew can be changed that way.)

And if one want to change the look and feel of the pre-chat survey (i.e. use a link there), it can be done by creation of a custom theme. Without any code changes too.

Don't get me wrong, I realize a potential legal risk related to possible misinterpretation of GDPR. But I believe that Mibew Messenger is just a tool for a site, not a stand alone product. So it should not have its own policy that is somehow different from the policy of the site which a visitor of the site should explicitly accept...

@faf faf added question feature request and removed pending labels Aug 2, 2018

faf added a commit that referenced this issue Aug 16, 2018

@faf faf added need a plugin and removed need a plugin labels Aug 16, 2018

@faf

This comment has been minimized.

Member

faf commented Aug 17, 2018

I've created the plugin for bulk export and deletion of chats. It will be officially released along with the next release of Mibew Messenger itself in the near future.

@JMCA2

This comment has been minimized.

JMCA2 commented Aug 26, 2018

Thank you very much. Really appreciated 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment