simonle

Awesome! I've been waiting so long for a proper achievement system. 👍

Awesome! I've been waiting so long for a proper achievement system. 👍

This looks really good! 😀👍

Well, for one thing, the blog add-on doesn't support categories(!), which IPS use here.

It would be useful if we could silo the videos to a different s3/other location rather than having all attachments in the same file system.

Yes this, please! This also happens in the Activity stream which is really annoying, especially when it bugs out and doesn't hide the full post...

Well, for one thing, the blog add-on doesn't support categories(!), which IPS use here.

hey lets quickly do something to blogs so we can show that we still kinda care about it....
I'm sorry but the blog entry page design is still awful and most other popular platforms offer far nicer layouts, far better readability. Heck even this custom IPS.Pages blog is heaps better than the design of blogs. Sure I can make it look far better with custom CSS and it looks like I'll have to.
The fact that IPS chooses Pages to make a blog with over their own blog app, tells you a bit about the state of this product.
/myopinontakeitwithabarrelofsaltifyouwish

Thanks for the info and effort in making the tools needed to comply With GDPR.
However I really wish for a better Way of dealing with deletion or removal of personal data. I wish that there was a dedicated user page for this, where a user could perform the following actions:
deactivate profile - so that the user profile will not be accessible and every thing appears if the user is removed, except data is still existent and the user can reactivate their profile. delete profile - andboptions to also delete blogs and/or forum threads etc. also when a user chose to delete it would be great if we could set a period before the actual deletion is performed where the user can cancel the deletion.
Dealing with all this through the admin is becoming a pain, especialy having to remember deleting content with the request of profile deletion. 

Really appreciate this article and the efforts in general to provide us with the necessary tools to help us with compliance in 4.2.7, and of course the point about trying to be helpful and supportive whilst not suggesting that you are pertaining to be lawyers or providing legal advice is well taken. As I've said before, it's a good potential selling point for software companies too. 
I much prefer this more helpful customer service stance which is much more supportive than when back when the cookie consent thing became a thing.
Whilst hopefully most of us won't ever have to formally demonstrate compliance with GDPR as part of an official review, ICO complaint or audit, it's just having the reassurance that our members know we take our responsibilities seriously, and the reassurance that also comes with knowing we have the tools available when needed to show general compliance or if necessary, for administrators to easily run off a log report detailing, not war and peace, but the basics of when a member's consent was provided, acceptance of terms was agreed (when they registered, accepted an updated privacy policy etc, or in fact removed consent). The data is there in the database, it's just a matter of being able to run a 'member GDPR' report, perhaps one that can be exported as a convenient pdf, txt, csv or .docx file. Perhaps even having a list of these tools and relevant AdminCP pages in a small but handy 'GDPR' section of the AdminCP menu would be helpful?
Great to also see a basic cookie acceptance tool built-in tied into the system and the ability to edit accompanying text as needed without giving admins the potential to get it wrong by pre-checking opt-ins. Not only removes the need to use third party cookie compliance software but also makes the whole experience more natural, streamlined and seemingly less disjointed to the end user/potential new member.
The boundaries of the Internet have never been straightforward! I'm in the UK, but I have multiple IPS licences for both UK and US based websites. When I say US based site, its more a case of having switched my original .UK monickered site to being more international themed .net site many years ago, and although the majority of its forum members are US based, we have a lesser proportion of international members (Finland, France, Germany, UK) and whilst I use a cloud-based VPS from a US based service provider for all of these sites, I know I still have to show regard to GDPR if we want to provide a service to people within European countries.
I bet hardly any UK based hobby admins are actually registered with the ICO if they don't own a full businesses or organisation already registered as a Data Controller, even though they are making the decision to store and process personal information. GDPR seems to remove that convenience loophole.
I recall someone saying that an IP address is not personal information back when the cookie debate was going on, but now GDPR clearly defines it as such.
Like you say, the UK's ICO website has some good info and guidance, although at times it can seem overwhelming.
If in doubt, get some legal advice is the key thing from a potential confused admin's perspective, look for online presentations or perhaps check out the business support section of your local council, business association, college, library to see if they are providing 1 or 2 hour free sessions in the area.

The main reason to not use Facebook/Twitter/Google+ is to fight against centralization of Internet, which hurts freedom of speech. Privacy issues and data ownership are other extremely important reasons.
I'm really glad that we have IPS as an alternative community building tool. I also hope that IPS will eventually have built-in functionality to interact with Diaspora and Mastodon (decentralized alternatives to Facebook and Twitter).