Community and GDPR

Grant Pankonien — Mon, 03 Aug 2020 18:26:08 GMT

Current Revision posted to User Documentation by Grant Pankonien on 08/03/2020 18:26:08

This article will help you understand and configure features to support applicable GDPR requirements within your community.

Right to Erasure ('Right to be Forgotten')

As a community manager, how do I delete a user and their personal data from the community?

Community managers have multiple options when [[How do I administer members?|deleting a user from the community]]. They may choose to delete the user and all of their content or anonymize their content by reassigning their contributions to a "former member" account. In both cases, the user's personal data is always removed. Note: If personal data is posted within content (example. forum thread) that information is not removed in the case of anonymization.

Can users delete their own data (self-delete) and leave the community?

Yes. You can optionally [[How can I allow users to delete their own accounts?|allow users to delete their own accounts]] without community manager assistance. When enabled, users will have a "Delete my account" option in their profile settings page. When an account is removed this way, the user's contributions are assigned to the "former member" account and all of their personal data is removed. Note: If personal data is posted within content (example. forum thread) that information is not removed in the case of anonymization.

Data Portability

As a community manager, can I export users' data?

Yes. Community managers can use the member management to export users' data. See "How can administrators export a user's data" section of this [[How do I allow users to export their data?|article]] to learn more.

Can users export their own data without asking the community manager?

Yes. You can optionally enable users to initiate a data export on their own. When enabled, users will have an [[How do I export my data?|"Export my data"]] option in their profile settings. When the export is requested and completed, the user receives a private message with a time-sensitive (four days by default) export that contains all of their community data.

Consent for processing personal data

Can I track user consent to terms of service and privacy?

Community offers a way to track consent for overall site terms of service and privacy acceptance. Read [[How can I require acceptance of terms of service before member registration?|this article]] to learn more.

Does Community track historical user consent?

Community only stores the last time a user consented. Tracking historical acceptance is feasible using a customization.

Other

Can users delete any single piece of content they have authored?

Deleting content is based on permission and roles in the platform. Under most situations, non-permission elevated users can delete their posts if there have been no responses. To handle all potential delete scenarios (example: accidentally posted private information) you may want to offer a process to request content to be removed - e.g. email a community manager.

Our GDPR strategy goes beyond our online community. Can I automate and/or be notified of necessary actions (example: user delete, user exports)?

Yes. Community offers a REST APIs for deleting users. Using webhooks, external systems can be notified of export request completion and user deletes.

Community and GDPR

Grant Pankonien — Fri, 13 Sep 2019 16:02:29 GMT

Revision 2 posted to User Documentation by Grant Pankonien on 09/13/2019 16:02:29

This article will help you understand and configure features to support applicable GDPR requirements within your community.

Right to Erasure ('Right to be Forgotten')

As a community manager, how do I delete a user and their personal data from the community?

Can users delete their own data (self-delete) and leave the community?

Data Portability

As a community manager, can I export users' data?

Can users export their own data without asking the community manager?

Consent for processing personal data

Can I track user consent to terms of service and privacy?

Does Community track historical user consent?

Community only stores the last time a user consented. Tracking historical acceptance is feasible using a customization.

Other

Can users delete any single piece of content they have authored?

Our GDPR strategy goes beyond our online community. Can I automate and/or be notified of necessary actions (example: user delete, user exports)?

Yes. Community offers a REST APIs for deleting users. Using webhooks, external systems can be notified of export request completion and user deletes.

Community and GDPR

Ben Tiedt — Tue, 04 Jun 2019 20:10:04 GMT

Revision 1 posted to User Documentation by Ben Tiedt on 06/04/2019 20:10:04

This article will help you understand and configure features to support applicable GDPR requirements within your community.

Right to Erasure ('Right to be Forgotten')

As a community manager, how do I delete a user and their personal data from the community?

Can users delete their own data (self-delete) and leave the community?

Data Portability

As a community manager, can I export users' data?

Can users export their own data without asking the community manager?

Consent for processing personal data

Can I track user consent to terms of service and privacy?

Does Community track historical user consent?

Community only stores the last time a user consented. Tracking historical acceptance is feasible using a customization.

Other

Can users delete any single piece of content they have authored?

Our GDPR strategy goes beyond our online community. Can I automate and/or be notified of necessary actions (example: user delete, user exports)?

Yes. Community offers a REST APIs for deleting users. Using webhooks, external systems can be notified of export request completion and user deletes.