New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GDPR compliance #273
GDPR compliance #273
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@k-nut Thank you for moving forward and your time investment. Here is my thoughts about the implementation.
- I personally do not see a reason for dropping Piwik. It is both uses by the okfn.de and the bundesregierung.de - why shouldn't we?
- With regards to the agreement of the user I think we should follow the common pattern which is used by bundesregierung.de (see my comment).
- I think we can also check if the Datenschutzerklärung texts by okfn.de and bundesregierung.de differ by large.
@johnjohndoe I think the most important thing here is to bring the website back online. We can add Piwik back in a next PR but for now I think that it is not critical to do so whereas we gain quite a lot by putting the website back out there. |
@k-nut I would very much like to bring the website online back again. But since my name is in the imprint I would love to see this happening in alignment with the law. The basic question for me is whether users need to actively opt-in before using the website or if an opt-out is fine. By "copying" what bundesregierung.de does I believe we are on the legal side. |
I agree with k-nut, we should bring the webside online first and add piwik second. As long as we don't track, there is no problem with GDPR. Every day we wait will cost us users that won't come back after three or four tries. EDIT: deleted misunderstanding about the name in the imprint |
I just talked to okf and they are fine with them being listed in the imprint. So maybe we simply change it to that first?
… Am 03.12.2018 um 08:54 schrieb Tobias Preuss ***@***.***>:
@k-nut I would very much like to bring the website online back again. But since my name is in the imprint I would love to see this happening in alignment with the law. The basic question for me is whether users need to actively opt-in before using the website or if an opt-out is fine. By "copying" what bundesregierung.de does I believe we are on the legal side.
Another option is to replace my name by the OKF in the imprint.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
daa6b65
to
6163bc8
Compare
I just force pushed a version that removes the commit which removed Piwik and adds a section describing Matomo to the data privacy policy. The policy also includes a link where users can opt out of the tracking. I checked three more 'official' pages and they also do not show any popups regarding cookies, Matomo or other trackers and just mention it in their data privacy statement: |
Thanks @k-nut 👍 I will take a look. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for your work! I identified a few issues and prepared three commits for you to take a look and rebase two of them if you agree with my changes.
Further, is there any reason why you did not take the info.html
page back online?
Feel free to rewrite my commits and force push your branch.
BTW: There is a typo in the branch name which is okay to leave like it is. Otherwise GitHub will create an new pull request because it does not recognize the branch renaming.
@johnjohndoe looks good to me. Thanks for fixing the mistakes in there. |
5597296
to
da63e83
Compare
slightly changed the order of the commits and squashed all Datenschutz related ones into one commit. |
This should make the website GDPR compliant by
Fixes #270