Matt

This is working in Wordpress check your code :)
By the way, we use the "externalembed" @Matt also in Invision itself for SEO reasons :
We can show many blocks on every pages (last topics, last videos, last events etc) and there is no duplicate content problem as it shows up as iframes in the code
So i would recommend using those external embed blocks everywhere :) very useful !

We will. Which is why we're watching GDPR closely but not knee-jerking a bunch of half baked features into life that may never be needed or used.

We will. Which is why we're watching GDPR closely but not knee-jerking a bunch of half baked features into life that may never be needed or used.

We will. Which is why we're watching GDPR closely but not knee-jerking a bunch of half baked features into life that may never be needed or used.

We will. Which is why we're watching GDPR closely but not knee-jerking a bunch of half baked features into life that may never be needed or used.

Something to consider for a future release. You should be able to hook into it. 

And LEGO®, SEGA®, Warner Bros, etc. ?

And LEGO®, SEGA®, Warner Bros, etc. ?

All very sensible yes. There's a new Admin permission mask for the exports, so you can disable this per admin if you wanted to.

We can look at that in a future release.
One thing I'm always mindful of is security of the account.
What would a checkbox on a single use form do? 

We can look at that in a future release.
One thing I'm always mindful of is security of the account.
What would a checkbox on a single use form do? 

We can look at that in a future release.
One thing I'm always mindful of is security of the account.
What would a checkbox on a single use form do? 

I have, which is why I settled on "Guest" to completely anonymise it and ensure no mining or pattern matching could occur.
That really is not required. It should all in the T&S and Privacy Policy which you have to opt-in to when registering, and this opt-in is recorded.
GDPR is not about putting a checkbox in front of every possible interaction with the site. What a nightmare that would be for everyone.

Many? Most? Really? Sorry, but I don’t think those are honest claims. You happened to found one—that’s far from many or even most. 
My tip: read the GDRP text yourself. It clearly addresses this. If the processing of data was necessary anyway, the GDRP changes nothing. Shipping a product requires a shipping address. A contact form requires a way to reply to the request. GDRP doesn’t change that. It’s in there. 

eRecht24 (among many other established services) explicitly advises webmasters to implement checkboxes for forms. eRecht is a premier service for data privacy issues. The contact form in IPS does not require a user to be registered first, nor does the comment function for articles.
https://www.e-recht24.de/news/abmahnung/10651-abwarnung-kontaktformulare-einwilligung.html

Indeed it is. Matt, you've stated in another blog that the GDPR is very vague at times.  You ask three lawyers and get four answers. None of them are legally binding.
I've seen dozens of lawsuits years ago about the cookie notice thingy. It was a HUGE hassle for everyone, even if you were proven right in court after thousands of dollars.
Most data privacy advisors currently advise to implement checkboxes to be safe than sorry. I've read about alternating interpretations on this, but until this has been fought out in court the situation remains unchanged: You can only be safe if you do more than maybe required. Most of the large companies have equipped their websites with checkboxes in contact forms or at least a dedicated data privacy notice right before the submit button. Many have removed contact forms altogether.
I do fully understand that this a huge annoyance for everyone involved.

Something to consider for a future release. You should be able to hook into it. 

Thanks for the updates.
As @The Old Man said it would be great if the download/delete etc was within the users own account admin so admins don’t have to manually do this for them each time. 

All very sensible yes. There's a new Admin permission mask for the exports, so you can disable this per admin if you wanted to.

If you have deleted a handful of members and their content has been merged to Guest you will probably have several hundred postings over time.  Someone that took the time to read through all of these "Guest" postings would find it difficult to guess which posting was made by which prior member.  If the same postings were attributed to various "defined" accounts as mentioned above someone "could" comb through the site and see all of the content a particular deleted member wrote.  Those postings might include enough clues that someone could conceivably figure out the identity of the poster. "If" content left behind by a departing members "could" be attributed to them is the content "really" anonymized?  Something to consider.

Yes, only the enabled will be shown.

These improvements and tools are excellent and well considered, just what we needed, thank you. 
I'd also urge some general caution and due diligence especially with any non-member requests for bulk personal data export, admins should put some procedures in place and make sure co-admins and staff are aware, to recognise a request and to reasonably check proof of identity before handing over bulk export data  to ex-members, banned or disgruntled ex-members who potentially have a grievance, or ex-members requesting deleting accounts. 
It may be useful for current registered members to have a convenient option in their Account Settings to be able to request an export, so export could be performed automatically and recorded in the member history audit trail.
I'd also urge caution in transmitting that XML data to the requester especially by email, be sure to provide some security such as sending it in a passworded and/or encrypted zip file. Double, triple check you're sending it to the correct person, email address!
 

Thanks. The icing on the cake as no more scrolling through loads of irreevant dd-ons.

And LEGO®, SEGA®, Warner Bros, etc. ?

And LEGO®, SEGA®, Warner Bros, etc. ?

It makes perfect sense and you even gave the explanations. Your imprint provides information legally necessary, so of course they need to be correct. If you intentionally or unintentionally make your business appear bigger than it actually is, than that is indeed “competitive distortion”. You registered you business. You know what it is and you can put that on your websites. And as business owner you have the responsibility to know about these issues. So you made a mistake and you paid for it. And all that has nothing to do with GDPR …