ptprog

Members
  • Posts

    537
  • Joined

Reputation Activity

  1. Agree
    ptprog reacted to Gabriel Torres in SEO: Improving crawling efficiency   
    @Matt Really great, we really appreciate the incredible effort put into improving this. Just one suggestion, to leave a way for us to add custom lines to the robots.txt in addition to the optimized version (from the screenshot above, I got the impression that we can only select between optimized vs custom). So this option would create the optimized robots.txt + add the extra lines we configure manually. Because we have some custom directives to slow down or ban some bad crawlers that we wish to keep.
  2. Like
    ptprog reacted to Adriano Faria in Editor Stock Replies   
    I actually like it. I hope they do it more... like a hundred times. 😄
  3. Like
    ptprog reacted to Markus Jung in 4.4: Increase visitor registrations with Post Before Registering   
    For GDPR compliance the user has to actively confirm that the mail address can be saved and confirm that he read the privacy policy. 
  4. Like
    ptprog reacted to Joel R in 4.4: Increase visitor registrations with Post Before Registering   
    Some thoughts:
    - the abandon email is a really smart re-engagement reminder.  I give you +1 for this
    - not a fan of the full page refresh to the registration form, I think the modal registration window is psychologically smoother and less of a hindrance
    - why don't you offer social sign-ins next to email input for streamlined sign in? 
  5. Like
    ptprog got a reaction from Markus Jung in GDPR updates for Invision Community 4.3.3   
    Note that you can use the contact form without agreeing to the ToS, I believe.  Probably there are other guest forms in a similar situation.
    I'm checking European Commission websites to see how they are complying with GDPR, and their contact forms (or at least some) have the consent checkboxes.  So, even though I'm not particularly concerned with this issue, I think it would be wise to add this to contact forms and some other guest forms (maybe put it in the same places where you may place a CAPTCHA for avoiding guest spam messages).
  6. Like
    ptprog reacted to Numbered in GDPR updates for Invision Community 4.3.3   
    Moreover, Anton can say in the post "I am Anton Popov from Leninskaya street, d. 16. Love cooking, my weight is 80 kg, red eyes. I'm a Christian, have a vegetovascular dystonia. Bisexual"
    Bertha quoted Anton.
    Certha copy-pasted part of Anton's post directly.
    Dertha made a screenshot of Anton's post, saved it to a local computer. And after some time posted it. Don't care about behavior. But. Some time later Anton made an account removal request and his account and data were deleted and anonymized. After that Dertha posted the screenshot.
    I just want to say - you can't manage personal data information, stored as a part of content. If you try to do that - you can fail at the time when someone posts personal data after the delete. So you (and moders) don't know anything about Anton, so you can't know about his previous delete. Or can you? If you can - you don't clean up his ) Our lawyer got an answer to that question from our Controller. He said - content posted by users became a part of public domain. And for better understanding of that we put a notice about that at the top of all editors. Maybe that is too much for that. But we want to provide better service and understanding to our users.
  7. Like
    ptprog reacted to opentype in GDPR updates for Invision Community 4.3.3   
    1) They don’t. Hackers and scammers are identified and prosecuted all the time. Not all of them, maybe not even most of them, but they are. 
    2) Even if your claim would be entirely true, it would be irrelevant! There is no logical connection from “some people cannot be identified” to “therefore IPs cannot be personal data in general”, i.e. it is a logical fallacy when you make that connection. It is not a requirement of personal data to clearly identify an individual in every situation. My name might be used dozens of times in my country — in fact it actually is. Many people will share my birthday. My address might be shared by many people over the course of years. So having a piece of this type of information might not be enough to identify me clearly in any situation. And still: That doesn’t mean those pieces of information are NOT personal data. They are, because they relate to me in one way or another — and so can an IP address. 
  8. Like
    ptprog reacted to TSP in GDPR updates for Invision Community 4.3.3   
    @Matt @Christopher Anderson Well, it's pseudonymized at least. We personally take this road, so it will be useful to me if IPS would provide the option to let us input our own value to give as the new attribution. You can argue people can comb through all of the quoted content in others members posts and get the information that way anyway, or you could argue that an advanced AI in the future could be able to figure out which users are different anyway based on writing style alone.
    I see no need to make it harder for people to understand how the flow of a previous conversation has been (if you choose not to delete the content in the first place), it only makes things confusing. 
    There are 4 potential options here: 
    - Continue to attribute to Name (currently in this update)
    - Attribute to "Guest" only (currently in this update)
    - Attribute to the given name <Admin inputs new name>
    - Pseudonymize: The software generates a md5-hash based on some values there and then that does not retrieve any member data, just something like a timestamp + some other value and then gives that name to all content from that account before it's deleted.
    @Matt Will I be able to hook into it at least?
  9. Like
    ptprog reacted to TSP in GDPR updates for Invision Community 4.3.3   
    @Matt On deletion of members: 
    Could there be an option to define the name to attribute to on that page directly? So we could input for example "Member 3312" (where 3312 would be their memberId). This will keep the discussion still somewhat reader friendly, so it would still be possible to differentiate different accounts as having written in the discussion, for readers reading old content. 
    Alternatively let the Anonymize attribution do a md5 hash on the (memberId+some community specific value that is unlikely to be changed) and grab the first 8 letters or something. 
  10. Like
    ptprog reacted to TSP in Your GDPR questions answered   
    But other parts of account history are unnecessary.
    For example, do you need to know that someone changed from mypreviousmail@myjob.com to unemployednow@yahoo.com for a year? You are perfectly able to make a good argument for keeping such entries for some months after the member changed it, but you're really stretching it when it goes beyond a year for some of the information they store to account history now. 
  11. Like
    ptprog got a reaction from Cyboman in Your GDPR questions answered   
    Yes, in general you may have valid reasons to retain data.
    For example, when you retain IP addresses, or even emails, of banned users and spammers, I see a reasonable reason to retain that data: prevent future abuses, from users that already have a history of abuses (although I have some doubts about the real usefulness of this data...).
    But I'm talking about a specific case.  In particular, my problem is with the indefinite storage of IP addresses as a result of the "normal" use of IPS software.  I have used the IP data to detect abuses, but I never needed data from more than a few weeks ago.  So, even if the user does not want to be forgotten, I believe retaining this data indefinitely does not comply with the balance requirements of legitimate interest.
    (This opinion is mainly based on my experience.  Others may have legitimate use cases to justify keeping such data, and if that's the case, I'm curious to know more about concrete examples.)
    IP addresses are considered PII even when they are not directly connected with a user account.  If you cannot associate the IP address with an account, you can still "track" the user.  In this case, the IP addresses are similar to many other online identifiers such as tracking cookies, which are considered PII even if not associated with user accounts.
    Thanks.  That may be enough for me.
  12. Like
    ptprog got a reaction from Cyboman in Your GDPR questions answered   
    Two points:
    - I would say that storing the IP address from which a post was made 5 years ago is storing more information than is needed.
    - I just checked some private messages exchanged with a member that was deleted, and its IP address is still there (I did not check if posts also preserve this info), so it seems the possibility to delete a member is not enough to delete its personal data.
  13. Like
    ptprog reacted to opentype in Your GDPR questions answered   
    I really doubt European experts said something like that. It’s just clearly wrong over here. Ownership of intellectual property cannot be transferred in Europe. Either community content isn’t intellectual property at all, e.g. a short comment. Then no one really owns it. Or it is intellectual property, e.g. a gallery picture the user has taken himself or an article or article-like forum post. In this case the intellectual property is owned by the creator for life (and his family for a certain time after his death). So the web provider will never “own the content”. Never! It’s legally impossible. The European creator can’t even give it up if he wanted to. What he can do is issue usage rights. And that is something that needs to be clarified in the terms—upfront. 
    Whether this type of “data” needs to be seen as part of the upcoming GDPR rules, well, that’s open for debate at this point it seems. 
  14. Like
    ptprog reacted to opentype in Your GDPR questions answered   
    Probably. But there aren’t just the people working for the governments. It’s a common business model for private law firms to find legal problems on websites and send out formal warnings with a large fee. For those companies, the new regulations could be another gold rush. 
  15. Like
    ptprog reacted to Matt in Your GDPR questions answered   
    I personally do not feel that public posts or personal messages constitute 'personal data'. I see that more like email address, age, address, credit card details, etc.
  16. Like
    ptprog reacted to opentype in Your GDPR questions answered   
    No! This is where people take GDPR too far and misunderstand the point. Of course a contact form requires contact data and contact data to be stored. Just as ordering a product requires a shipping and billing address to be stored. You don’t need additional consent. The GDPR changes nothing in that regard and requires nothing new. 
    You just shouldn’t ask for more information than necessary and you shouldn’t use it for other purposes. When the contact form signs the user up for a marketing email list without his knowledge and consent – well, you can’t do that anymore. (And you shouldn’t have done it in the past.)
  17. Like
    ptprog reacted to Charles in Your GDPR questions answered   
    Obviously I would not tell you to go against your lawyer's advice but I would note the contact us link in the footer is like 5 pixels to the right of the privacy policy link so you know... ?
    As I said, the contact us form is basically a "send me an email" form so I do not personally see any GDPR impact any more than someone just emailing you would have.
  18. Like
    ptprog got a reaction from Markus Jung in Your GDPR questions answered   
    Two points:
    - I would say that storing the IP address from which a post was made 5 years ago is storing more information than is needed.
    - I just checked some private messages exchanged with a member that was deleted, and its IP address is still there (I did not check if posts also preserve this info), so it seems the possibility to delete a member is not enough to delete its personal data.
  19. Like
    ptprog got a reaction from The Old Man in Your GDPR questions answered   
    Two points:
    - I would say that storing the IP address from which a post was made 5 years ago is storing more information than is needed.
    - I just checked some private messages exchanged with a member that was deleted, and its IP address is still there (I did not check if posts also preserve this info), so it seems the possibility to delete a member is not enough to delete its personal data.
  20. Like
    ptprog got a reaction from IDG in How Invision Community's tools can help with GDPR compliance   
    These improvements are welcome, but there are a few issues that still need to be addressed.
    One is regarding the ability to either disable the collection or anonymize personal data that is not critical to the software functionalities.  I'm thinking about IP address in logs, for example.  I don't know if there are other items.
    Regarding cookies, I think GDPR requires affirmative user action for things like accepting cookies.  Thus, IPS should not set any cookie until it has user consent, and it should also provide an opt-out mechanism.  I believe this is not done in current version (I didn't test 4.2.7 yet).
    Using embedded content also means the users may get cookies from external domains/services.  So, we need more control on the embeds that are enabled, to make sure we don't add unexpected cookies. It would also be nice to be able to rebuild posts and remove external embedded content.
  21. Like
    ptprog reacted to opentype in How Invision Community's tools can help with GDPR compliance   
    Or this, which I use:
     
  22. Like
    ptprog got a reaction from BomAle in How Invision Community's tools can help with GDPR compliance   
    Could you be more specific about the points 1 and 3?  That is:
    - Where did IPS "answer" about the opt-in/opt-out of cookies?
      For the record, showing a message stating that cookies were set is not a valid opt-in.  I'm also not sure where we can opt-out after accepting the cookies.
      (I don't think GDPR forces us to rely on consent to store cookies, but it would be nice if IPS allowed us to do so.)
    - Where did IPS "answer" about allowing to export users' personal data?
      I'm not sure which data users may require to be exported for portability, but even if we assume it is just the profile info (which may be easy to collect), note that the users may also request to know all personal data stored about them.  I'm pretty sure this includes IP addresses stored in IPS logs.  In any case, I did not find any feature to export users data in IPS 4.3 (but I may be missing it).
  23. Like
    ptprog got a reaction from Lauren3 in How Invision Community's tools can help with GDPR compliance   
    These improvements are welcome, but there are a few issues that still need to be addressed.
    One is regarding the ability to either disable the collection or anonymize personal data that is not critical to the software functionalities.  I'm thinking about IP address in logs, for example.  I don't know if there are other items.
    Regarding cookies, I think GDPR requires affirmative user action for things like accepting cookies.  Thus, IPS should not set any cookie until it has user consent, and it should also provide an opt-out mechanism.  I believe this is not done in current version (I didn't test 4.2.7 yet).
    Using embedded content also means the users may get cookies from external domains/services.  So, we need more control on the embeds that are enabled, to make sure we don't add unexpected cookies. It would also be nice to be able to rebuild posts and remove external embedded content.
  24. Like
    ptprog reacted to Nick Willson in How Invision Community's tools can help with GDPR compliance   
    I too really appreciate this blog post and the concerted efforts you have taken in introducing tools and links to relevant information to help us with GDPR compliance in 4.2.7.  I chose the community software as it is top class and actively enhanced, has professional support and takes security seriously. Now it benefits from support for first rate privacy and data protection tools to the list.
     
    GDPR is I believe a much needed step forward for privacy and the assertion that individuals own the rights to their data is increasingly vital in this age of social media and big data analysis. I hope and believe GDPR may well become the de facto world privacy standard and should not be feared but embraced to provide true transparency and protection to our community members in the best way.
    One area as highlighted also by the @The Old Man that may still need to be addressed in relation to the right to be informed and a subjects access requests. I am not concerned particularly about content such as posts, articles, blogs etc however member data, store customer data and to IP & device data is collected and is accessible and there needs to be a mechanism to provide this data in response to subject access requests in an easily readable electronic form.  This data is accessible via the ACP but it is not easily captured or exported e.g. in CSV or PDF, the only real method currently is screen capture which is laborious.