Cyboman

Still waiting for proper EU support of Commerce (i.e. taxation based on B2B/B2C clients with live VAT ID checks). Until then, no filters, widgets or other details will make a substantial difference. 

Go to the AdminCP > Support > Tickets, click "My Preferences", and you have several of those options already:

Is it at all possible to expand the commerce notifications?  One of the biggest suggestions from my community (and others that I've seen posted here) is to receive website notifications for support ticket related things, such as:
When you're assigned to a ticket When a member has responded to a ticket you're working/assigned to When tickets are marked a certain status automatically using the auto-resolve feature When new tickets come in  (The commerce overview widget is ok, but it's easily overlooked.)

For GDPR compliance the user has to actively confirm that the mail address can be saved and confirm that he read the privacy policy. 

My score is 4,9 / 5
I only forgot about the image alignments (that they don't stick to their own rows/lines and are positioned as fluid beside text) and I just wanted to code an own editor button for this as I've done during BBcode times before 👍
Now I can remember. 💥

Couldn't care less about the GIFs, but this one is exciting:
Edit: OK, let me express my emotions about this post with gif as requested:

 
 
 

Support Requests !!!
Notifications about open/new/unopened/due requests should be displayed in the ACP notifications AND in the frontend notifications please.
Maybe itt would make sense to make ACP notifications configurable, what ACP notifications can also be displayed on the frontend. And have a secondary notification icon in the frontend header showing the counter 😉 

Activity streams, activity streams and activity streams...
This feature will keep forums alive... all communities must make best use of this feature to cope up with social networks.   

Pages for me too. Very easy and cool to use pages in my community. I have do a Movies & Tv Shows database :
Listing tv show (with 2 blocks "top 3" and "just add") :

 
record display :

 
And block forum (carousel with 10 items)

 
Pages is very powerful with infinite possibility, the only limit is your imagination. 

Support Requests !!!
Notifications about open/new/unopened/due requests should be displayed in the ACP notifications AND in the frontend notifications please.
Maybe itt would make sense to make ACP notifications configurable, what ACP notifications can also be displayed on the frontend. And have a secondary notification icon in the frontend header showing the counter 😉 

Great news!
I'm hoping this eventually leads to receiving notifications for support requests as they come in, based on the currently selected ticket filter!

they released a formula so we will know when the releases are:

I think Language (and the language strings) are one of the easiest, fastest, yet most powerful ways for you to cultivate a unique culture for your community.  It's also using a default feature of IPS so you're not customizing with a third party app.  I used to think that langstrings were only for non-english communities but they should be used by any admin to cultivate a unique culture and lingo for your board.  
If you have a themed community, you can be extremely creative in your language customization.  Even if you don't have a themed community, it's an opportunity to think very deeply about your organization's goals and to couch those goals within a set of unique terms.  For example:
- if I were running a Harry Potter website, my reactions could be 'spells'
- if I were running a gaming clan, my leaderboard could be a 'scoreboard' or 'hit list'
- if I were running a mental health nonprofit, my clubs could be called 'support circles'. 
As a personal example, I changed my langstring for Subscription to Pledge.  Subscription sounded very commercial and monetary.  I wanted a word that connected better with supporting my websites mission and values, and to have less of $$ edge.  

I hope that in a future version medals/thophies/achievement badges will become a core feature of IPS (some competitors already decided to add this), in combination with an excessive rules system that allowes for any situation to be a reason for awarding someone. I found that in many forums where people get rewards for whatever they are doing, they are more active. It also makes a site more interactive, if you post, vote or whatever and something personalized happens (such as getting a message, that tells you about a shiny new badge you have earned).

Gamification is seriously lacking. While the described feature are nice, they are far from being ideal.
Winning most likes for the day does not make you the most valuable, more often it makes you the guy that posted the funniest meme in the humor section. We need a serious, customizable rating system that can be tuned up to objectively rate the members and their contributions. 
 
@Matt - I know you are lurking in TAZ, this is a nice thread with some ideas: https://theadminzone.com/threads/determining-your-best-members-with-data.143807/#post-1120746  

@Matt
You know I love IPS but as powerful as Pages is, your article templates are still so few, so limited and I'm sorry, but so outdated! Back in IP Content v2.whateveritwas, I was told you'd be releasing more article templates, but years later and there are still no new templates for rapid deployment. The problem is that almost all Pages websites seem to either look pretty much the same, or just awful. 
Thank God for the Supergrid templates by @opentype and his very fair pricing policy, they offer a quick and attractive second option to the default template.
Please release some more varied designs or perhaps consider partnering up with a good design company to get some more created.
Many thanks!

Said someone who clearly never had an Abmahnung ? Take Facebook for example: all bad press aside, FB reacted accordingly. Even a Lithuanian hosting company I do business with has responded with preemptive solutions. As well as every other company I do business with. All but one: IPS. The law is known since 2016 - we're in 2018 and theres not even a data processing agreement.
I do realize "lets see and react" is very american, but that does not help me or even pays my legal fees.
Using your resources right is very much appreciated. But don't you feel that you should assist your EU customers and provide solutions instead of a legal uncertainty? I do not expect that the check-box thingy for contact forms will emerge as the way to do things in the long run - but after this has been decided by the highest courts over here YEARS will pass. And hundreds of thousands of euros will be spent in order to reach this. I do not have 100k lying around nor the time. All while you are in risk of getting those cease and desist letters on a daily basis.
And since even government-run websites implement checkboxes these days - i'd like to be better safe than sorry.
?

eRecht24 (among many other established services) explicitly advises webmasters to implement checkboxes for forms. eRecht is a premier service for data privacy issues. The contact form in IPS does not require a user to be registered first, nor does the comment function for articles.
https://www.e-recht24.de/news/abmahnung/10651-abwarnung-kontaktformulare-einwilligung.html

Indeed it is. Matt, you've stated in another blog that the GDPR is very vague at times.  You ask three lawyers and get four answers. None of them are legally binding.
I've seen dozens of lawsuits years ago about the cookie notice thingy. It was a HUGE hassle for everyone, even if you were proven right in court after thousands of dollars.
Most data privacy advisors currently advise to implement checkboxes to be safe than sorry. I've read about alternating interpretations on this, but until this has been fought out in court the situation remains unchanged: You can only be safe if you do more than maybe required. Most of the large companies have equipped their websites with checkboxes in contact forms or at least a dedicated data privacy notice right before the submit button. Many have removed contact forms altogether.
I do fully understand that this a huge annoyance for everyone involved.

If you have deleted a handful of members and their content has been merged to Guest you will probably have several hundred postings over time.  Someone that took the time to read through all of these "Guest" postings would find it difficult to guess which posting was made by which prior member.  If the same postings were attributed to various "defined" accounts as mentioned above someone "could" comb through the site and see all of the content a particular deleted member wrote.  Those postings might include enough clues that someone could conceivably figure out the identity of the poster. "If" content left behind by a departing members "could" be attributed to them is the content "really" anonymized?  Something to consider.

These improvements and tools are excellent and well considered, just what we needed, thank you. 
I'd also urge some general caution and due diligence especially with any non-member requests for bulk personal data export, admins should put some procedures in place and make sure co-admins and staff are aware, to recognise a request and to reasonably check proof of identity before handing over bulk export data  to ex-members, banned or disgruntled ex-members who potentially have a grievance, or ex-members requesting deleting accounts. 
It may be useful for current registered members to have a convenient option in their Account Settings to be able to request an export, so export could be performed automatically and recorded in the member history audit trail.
I'd also urge caution in transmitting that XML data to the requester especially by email, be sure to provide some security such as sending it in a passworded and/or encrypted zip file. Double, triple check you're sending it to the correct person, email address!
 

@Matt On deletion of members: 
Could there be an option to define the name to attribute to on that page directly? So we could input for example "Member 3312" (where 3312 would be their memberId). This will keep the discussion still somewhat reader friendly, so it would still be possible to differentiate different accounts as having written in the discussion, for readers reading old content. 
Alternatively let the Anonymize attribution do a md5 hash on the (memberId+some community specific value that is unlikely to be changed) and grab the first 8 letters or something. 

Hi @Charles I'm worried by this statement, this is factually wrong. I assume that IPB haven't engaged their own lawyer. The creator owns the content. There was a very famous case recently of a monkey winning a copyright claim over the photographer, as it was the monkey who took the selfie. It didn't matter that the photographer owned all the equipment and set it up.
Look at what Wordpress are doing to allow export for blog posts and comments etc, look at what Facebook have done to allow you to download everything.
Let's just say you're right about the forum posts. We still need this functionality for address, email, contact info, subscription dates, private messages.
 
 

@Matt
I highly appreciate your efforts with this blog post. Your writing shows a lot of common sense and from a website publisher's perspective I do fully agree.
But (and that's a big but) unfortunately the courts over in Europe have time and time again surprised us with its findings and the new law (and even the old data privacy laws within the separate EU member states) do not share that common sense.
While US Courts effectively can make laws, the courts over here can not. Each and every case is subject to interpretation of the written law and as you've noticed: the law is far from being exact. I'd like to address a few flaws with the law and the effects on communities driven by IPS. As you I am not a lawyer but reside in the one country with the single most cease-and-desist orders in relation to online business, copyright infringement and intellectual property claims: Germany. Hallo und Guten Tag.
Let me go over the utilities the IPS suite now offers:
The right to be informed Thank you - the cookie bar was long overdue ? Right to DELETE
This is a unbelievably tricky subject. Reading through the comments and even your post about an EU customer I wonder if anyone has ever read the laws on intellectual property (over in Europe).
If any part of anything I post here or in any other online community reaches the threshold of originality ("Schöpfungshöhe") it is automatically protected by a copyright law. (If you stretch the interpretation to its limits even this post right here could be covered since I aim to provide helpful information.) This copyright never expires and is not transferable to anyone else. Your original content will always be yours. The only way for a website publisher to keep the more creative posts of former users is, if those users have transferred an non-restricted usage rights to the publisher. The one and only way by law to have a copyright transferred from one person to another is by death of the original author. So even if you delete a former member from the community and keep the posts you are not immune to the Abmahnung. Years and years later a relative who inherited the intellectual property of a deceased member of your community could come after you. This is very very relevant when users are posting self-taken photographs or write fanfiction. There are ways to transfer unrestricted usage rights via your terms of service and I strongly suggest anyone within the EU does implement those. I haven't deleted anyone recently but I do recall that once deleted, the posts from a deleted member that then are logged under a "guest" name cannot be selected collectively afterwards. So if you delete a member and keep the posts there is no way to do a second cleansing if this specific idiot tries to make your life hard. Also there's a requirement to inform any third parties about the deletion of a specific dataset. So if your community system transferred personal data to Facebook (status updates...) you need to inform Facebook about the deletion. There's an exemption if this would require a "high effort" but what that means is for the courts to decide ? Suggestions to solve this issues: Have users sign away usage rights during sign-up via a checkbox (like with the opt-in for emails) Make posts of deleted members search-able afterwards in the ACP to get rid of them if needed Another big issue I see is with IP addresses. While it is absolutely common sense that an IP address is NOT personal information, the courts ruled otherwise. Time and time again. I will spare you tons of links and just post this one about a ruling from Germany's highest court:
https://www.lto.de/recht/hintergruende/h/bgh-urteil-vizr13513-dynamische-ip-adressen-personenbezogene-daten-speicherung-internetseiten-bundesrepublik/
Within this ruling you find the following:
IP addresses in itself, even dynamic ones, are personal data that need to be protected While website publishers certainly have an interest to protect their infrastructure this interest only applies when there is a specific threat which is not the case during normal operations All in all the IPs are NOT needed to serve the website to the visitor and therefore are not to be documented Fun fact about this: the one that went to court was a member of a political party. The one he sued was the country Germany. The court ruled in his favor. The highest European court came to the very same conclusion in 2016.
Therefor we absolutely need an option to disable the collection of IP addresses and purge previously collected data. (since that's not new with the GDPR)
I recognize that you might be able to run a few db-queries to purge the IPs but since the GDPR requires companies to have a method description for all things related to IT this is not enough. Each tool used within your companies IT structure needs to be GDPR compliant on its own. Therefore the exclusion of IP address data collection has to be implemented within Invisionpower Software to be legal.
A few more features required in relation to GDPR:
A opt-in checkbox for the contact form that has to be checked before the user can send you his information with a disclaimer that tells the user that the information he sends will be stored and used to answer his question. YES, this is f*cking obvious and seems totally retarded... ? Needs to be documented... An option to export all user data (posts, images, profile information) in a "standardized machine-readable form" See the right of transfer (§20 GDPR) https://www.datenschutz-grundverordnung.eu/grundverordnung/art-20-ds-gvo/ Each and every opt-in by a user has to be documented. IPS has implemented this for the opt-in for emails since every opt-in is now for a predefined specific purpose I'd argue that also the opt-ins for thread-updates, personal message etc. need to be gathered and documented. Age verification (I saw this in previous version - does it still exist?) ISP needs to provide a Data Processing Agreement - even if you do not host my communites your support can access them via an admin account for support. Therefor the agreement is needed. I have attached a document in english from a large european hosting provider. Maybe that's of help to you. I need one by May 24th.  
You're dead wrong here, sorry.
Hallo "Abmahnung". That's the real problem. I suspect tens of thousands of Abmahnungen will leave the fax machines on May 25th at 00:01 am.
Data Processing Agreement.pdf

FWIW I agree on the interpration from IPS on most points here. The only thing I'm a bit surprised by is that they don't provide retention settings for:
IP addresses Account history  Ironically, the "worth" of an IP address diminishes the longer it's stored, but I still feel this is one thing it would be appropiate to have a retention setting for. I will likely make a custom script for this in my case which will likely operate with two retention settings: 
One for members who have NOT been warned and/or suspended the last year One for members that have been warned and/or suspended the last year