Jump to content

GDPR improvements

Vakarian96

By Vakarian96
in Feedback

 Share

Recommended Posts

Vakarian96 Collaborator

Vakarian96

Posted
Posted

Hello,
would it be possible to provide some improvements in the future for the purpose of GDPR? Unfortunately, some of the awesome features of Invision are not usable or limited in European countries. 😞

The following points would be especially interesting:

  • Disable saving of IP addresses completely.
  • Load external embeddings only after the user has agreed.
  • The possibility to run services like twemoji or if feasible the spam defense service locally on the own server.

Best regards,
Vakarian

  • Management
Matt Grand Master

Matt

Posted
  • Management
Posted

Why would you want to disable storing the IP address completely? We need to store it for a short time for authentication purposes and to track abuse.

We do have a feature that removes IP addresses from the database after a set period of days/weeks (ACP > Members > Profiles > Profile Settings)

Could contain: Page, Text, File

You could set this to a low number, say 7 days.

The internet is based upon recognising IP addresses, for complex applications to work and be trusted, we do need to store them for at least a short amount of time.

I am not a lawyer, but we work with many GDPR/privacy focused EU brands that accept IP addresses to be stored for the purpose of the application.

opentype Grand Master

opentype

Posted
Posted
Quote

Load external embeddings only after the user has agreed.

That’s a valid issue though. It even got worse recently now that website owners are getting sued for loading Google fonts without “need”. And YouTube videos automatically loaded as iFrame contain them too – not to mention all the other calls to Google, Twitter, Facebook and so on for their embedded content. 

Vakarian96 Collaborator

Vakarian96

Posted
  • Author
Posted
1 hour ago, Matt said:

Why would you want to disable storing the IP address completely? We need to store it for a short time for authentication purposes and to track abuse.

We do have a feature that removes IP addresses from the database after a set period of days/weeks (ACP > Members > Profiles > Profile Settings)

Could contain: Page, Text, File

You could set this to a low number, say 7 days.

The internet is based upon recognising IP addresses, for complex applications to work and be trusted, we do need to store them for at least a short amount of time.

I am not a lawyer, but we work with many GDPR/privacy focused EU brands that accept IP addresses to be stored for the purpose of the application.

The IP addresses are not a big problem now, but it would be nice if you could. But the other two points are indeed a big problem and quasi these features not usable.

PatrickRQ Mentor

PatrickRQ

Posted
Posted (edited)
1 hour ago, opentype said:

That’s a valid issue though. It even got worse recently now that website owners are getting sued for loading Google fonts without “need”. And YouTube videos automatically loaded as iFrame contain them too – not to mention all the other calls to Google, Twitter, Facebook and so on for their embedded content. 

To be honest. When I see such nonsense "law" I want to put a welcome message like "Do not want to accept our policy? We do not want to work with you". -> redirected. Sad to say but things are getting extremely insane. That seems the only valid solution for privacy crazy people, who believe the law protects their privacy. It is just fooling population.

Edited by PatrickRQ
  • Management
Matt Grand Master

Matt

Posted
  • Management
Posted
26 minutes ago, PatrickRQ said:

To be honest. When I see such nonsense "law" I want to put a welcome message like "Do not want to accept our policy? We do not want to work with you". -> redirected. Sad to say but things are getting extremely insane. That seems the only valid solution for privacy crazy people, who believe the law protects their privacy. It is just fooling population.

I think most agree that the bureaucracy surrounding GDPR is silly (cookie pop-ups, accept T&S, etc, etc) although the core message of protecting personal information is good.

The embed notice is something we already have on our list but we don't have a release date for it at this time.

PatrickRQ Mentor

PatrickRQ

Posted
Posted (edited)
19 minutes ago, Matt said:

I think most agree that the bureaucracy surrounding GDPR is silly (cookie pop-ups, accept T&S, etc, etc) although the core message of protecting personal information is good.

The embed notice is something we already have on our list but we don't have a release date for it at this time.

Idea is OK but result is as always poor. I simply do not believe in anything European Union does, as all it does works against people / human at the end. Just a personal opinion.

EU bases its functionality on needs of poor people, people who were "forgotten" by the past unjust system giving them social payments and many more benefits. At the same time it tells to the same people that all this is because of entrepreneurs who work. Law constructed by EU and the way it is implemented is to favorize large corporations with use of not rich people, to work against the middle-class that is most problematic aspect to spread other idiotic ideas European Union would like to introduce.

Sorry a political feel of the post 😉

Edited by PatrickRQ
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...