- Elsmar does not "process" any data.
- People have to option to be totally anonymous when they register.
- The only required "information" when a person registers is an email address and "field of expertise".
- Registration email addresses are not shared, sold or otherwise revealed unless a person manually puts it in their profile.
- Every person has direct control over information in their User Profile, and can change that information, and can delete any information in it at any time.
- Information a person puts in their profile is public, but every person can leave all the fields blank.
- What a person posts is their own responsibility and it is understood that this is a public forum, so...
- Any person who wants their registration deleted can use the Contact Us link to make the request.
GDPR - EU Directive 2016/679 and the Elsmar Cove Discussion Forum
- Thread starter Marc
- Start date
Perhaps its good to note that this has (probably) been superseded by Regulation (EU) 2016/679 General Data Protection Regulation.
http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679
I think the one remaining point for clarification would probably be (temporary) back-ups of the forum membership data, and when they would be cleared.
Elsmar, being high-quality as ever.
http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679
I think the one remaining point for clarification would probably be (temporary) back-ups of the forum membership data, and when they would be cleared.
Elsmar, being high-quality as ever.
Daily backups which are rolled over are made by the servicer hosting Elsmar.com, however as far as I can tell data protection isn't an issue here because the only "data" which Elsmar has is email addresses. Nor does Elsmar share, sell or otherwise communicate any use email addresses in any way. Nor does Elsmar send promotional or other related types of emails. Nor is any "data" on any registered visitor "processed" since there is no personal data unless a person makes entries in their profile.
I made the post as a general "statement", however from what I have read data protection here is sufficient since only email addresses are involved. Were the sever to be breached, and someone got a list of email addresses, it wouldn't have much value.
I made the post as a general "statement", however from what I have read data protection here is sufficient since only email addresses are involved. Were the sever to be breached, and someone got a list of email addresses, it wouldn't have much value.
Similar threads
-
HIPAA and GDPR applies? Medical therapy device
- Started by dore_m
- Replies: 0
-
GDPR - Purposes and duration of data collection- Started by MrTetris
- Replies: 8
-
Privacy Policy - EU GDPR Compliance - 1 December 2018- Started by Marc
- Replies: 0
-
Implementation of ISO 27001 as part of the GDPR compliance journey
- Started by lzanini
- Replies: 2