Vakarian96 Posted November 12, 2022 Posted November 12, 2022 Hello, would it be possible to provide some improvements in the future for the purpose of GDPR? Unfortunately, some of the awesome features of Invision are not usable or limited in European countries. 😞 The following points would be especially interesting: Disable saving of IP addresses completely. Load external embeddings only after the user has agreed. The possibility to run services like twemoji or if feasible the spam defense service locally on the own server. Best regards, Vakarian Richard Arch, Ibai, Markus Jung and 4 others 5 2
Luciann Posted November 12, 2022 Posted November 12, 2022 That would be very useful, hopefully it will be added at some point. We'd like to keep it legal without having to change the code ourselves.
PatrickRQ Posted November 13, 2022 Posted November 13, 2022 European Union really s****. Unfortunately, I am living inside it. 😛 Ibai and teraßyte 1 1
Management Matt Posted November 14, 2022 Management Posted November 14, 2022 Why would you want to disable storing the IP address completely? We need to store it for a short time for authentication purposes and to track abuse. We do have a feature that removes IP addresses from the database after a set period of days/weeks (ACP > Members > Profiles > Profile Settings) You could set this to a low number, say 7 days. The internet is based upon recognising IP addresses, for complex applications to work and be trusted, we do need to store them for at least a short amount of time. I am not a lawyer, but we work with many GDPR/privacy focused EU brands that accept IP addresses to be stored for the purpose of the application. SeNioR- 1
opentype Posted November 14, 2022 Posted November 14, 2022 Quote Load external embeddings only after the user has agreed. That’s a valid issue though. It even got worse recently now that website owners are getting sued for loading Google fonts without “need”. And YouTube videos automatically loaded as iFrame contain them too – not to mention all the other calls to Google, Twitter, Facebook and so on for their embedded content. ptprog, Claudia999 and Vakarian96 3
Vakarian96 Posted November 14, 2022 Author Posted November 14, 2022 1 hour ago, Matt said: Why would you want to disable storing the IP address completely? We need to store it for a short time for authentication purposes and to track abuse. We do have a feature that removes IP addresses from the database after a set period of days/weeks (ACP > Members > Profiles > Profile Settings) You could set this to a low number, say 7 days. The internet is based upon recognising IP addresses, for complex applications to work and be trusted, we do need to store them for at least a short amount of time. I am not a lawyer, but we work with many GDPR/privacy focused EU brands that accept IP addresses to be stored for the purpose of the application. The IP addresses are not a big problem now, but it would be nice if you could. But the other two points are indeed a big problem and quasi these features not usable.
Claudia999 Posted November 14, 2022 Posted November 14, 2022 We would need consent banners or preloaded consent message for each embedded content, for YouTube, Facebook, Instagram and so on. One example: And as another example a solution for WordPress: https://www.altmann.de/en/blog-en/code-snippet-gdpr-compliant-youtube-videos/ Vakarian96 1
PatrickRQ Posted November 14, 2022 Posted November 14, 2022 (edited) 1 hour ago, opentype said: That’s a valid issue though. It even got worse recently now that website owners are getting sued for loading Google fonts without “need”. And YouTube videos automatically loaded as iFrame contain them too – not to mention all the other calls to Google, Twitter, Facebook and so on for their embedded content. To be honest. When I see such nonsense "law" I want to put a welcome message like "Do not want to accept our policy? We do not want to work with you". -> redirected. Sad to say but things are getting extremely insane. That seems the only valid solution for privacy crazy people, who believe the law protects their privacy. It is just fooling population. Edited November 14, 2022 by PatrickRQ
Management Matt Posted November 14, 2022 Management Posted November 14, 2022 26 minutes ago, PatrickRQ said: To be honest. When I see such nonsense "law" I want to put a welcome message like "Do not want to accept our policy? We do not want to work with you". -> redirected. Sad to say but things are getting extremely insane. That seems the only valid solution for privacy crazy people, who believe the law protects their privacy. It is just fooling population. I think most agree that the bureaucracy surrounding GDPR is silly (cookie pop-ups, accept T&S, etc, etc) although the core message of protecting personal information is good. The embed notice is something we already have on our list but we don't have a release date for it at this time. Claudia999, Vakarian96 and SeNioR- 1 2
PatrickRQ Posted November 14, 2022 Posted November 14, 2022 (edited) 19 minutes ago, Matt said: I think most agree that the bureaucracy surrounding GDPR is silly (cookie pop-ups, accept T&S, etc, etc) although the core message of protecting personal information is good. The embed notice is something we already have on our list but we don't have a release date for it at this time. Idea is OK but result is as always poor. I simply do not believe in anything European Union does, as all it does works against people / human at the end. Just a personal opinion. EU bases its functionality on needs of poor people, people who were "forgotten" by the past unjust system giving them social payments and many more benefits. At the same time it tells to the same people that all this is because of entrepreneurs who work. Law constructed by EU and the way it is implemented is to favorize large corporations with use of not rich people, to work against the middle-class that is most problematic aspect to spread other idiotic ideas European Union would like to introduce. Sorry a political feel of the post 😉 Edited November 14, 2022 by PatrickRQ
Recommended Posts