• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

[solved] Does the GDPR apply to a forum?

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.89/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
UPDATE 11 March 18: question answered. See my summary here. Thanks everyone.

UPDATE 24 May 18: definitive answer regarding an individual

There isn't an appropriate section for my question, so I've put it in General Software. Mods, please feel free to move it if you think it should be somewhere else.

I've been wanting to start a forum for the longest time and this year I might actually do it. It would start off as a general discussion forum with anonymous usernames as on here, with a tech corner, a bit like a small TPU and will be run as a non-profit. It might carry front page news at some point, but that would be some way off. However, UK law is changing, with the Data Protection Act being replaced by the much tougher EU General Data Protection Regulations on 25th May and I wonder if it would apply to someone like me.

I'm not a business and at most, my forum would run a few ads to help pay the bills. I've looked it over, but the website doesn't clearly spell out the scope of whom it covers, so I'm not quite sure if it applies to me. Basically, if I'm going to be under some onerous provisions with heavy penalties then I won't bother.
 
Last edited:

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"
Joined
Mar 17, 2005
Messages
9,106 (1.27/day)
Location
Dorset where else eh? >>> Thats ENGLAND<<<
my opinion
it may have been more appropiate posted here ( Mods may also concur and subsquently move it :) editing this post also:)
https://www.techpowerup.com/forums/forums/programming-webmastering.52/

My Advice would be to call Someone like Godaddy and speak to "Customer/sales Serivce with enquirys as to legal responsabilitys /liabilitys
and the same to Other Hosting services
get each to send you a laid out Costed Plan ie a pre Contract Document
Hope this helps and
ps sorry if i'm telling you i'm telling you how to teach gran-ma how to suck eggs

Pps worth Speaking to @W1zzard for Advice
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.89/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
Thanks D, that sounds like a good place to start. If W1z can chip in too, that would be great.
 
Joined
Jul 25, 2006
Messages
13,023 (1.95/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
I think you should consult a lawyer (solicitor in the UK).
 

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"
Joined
Mar 17, 2005
Messages
9,106 (1.27/day)
Location
Dorset where else eh? >>> Thats ENGLAND<<<
STEP 1.See above talk to Hosting providers
STEP 2.
I think you should consult a lawyer (solicitor in the UK).
Why pay for Legal Advice untill you have confirmed if you have any POTENTIAL liabilitys
 

Mindweaver

Moderato®™
Staff member
Joined
Apr 16, 2009
Messages
8,269 (1.46/day)
Location
Charleston, SC
System Name Tower of Power / Delliverance
Processor i7 14700K / i9-14900K
Motherboard ASUS ROG Strix Z690-A Gaming WiFi D4 / Z690
Cooling CM MasterLiquid ML360 Mirror ARGB Close-Loop AIO / Air
Memory CORSAIR Vengeance LPX 32GB (2 x 16GB) DDR4 3600 / DDR5 2x 16gb
Video Card(s) ASUS TUF Gaming GeForce RTX 4070 Ti / GeForce RTX 4080
Storage 4x Samsung 980 Pro 1TB M.2, 2x Crucial 1TB SSD / NVM3 PC801 SK hynix 1TB
Display(s) Samsung 32" Odyssy G5 Gaming 144hz 1440p, 2x LG HDR 32" 60hz 4k / 2x LG HDR 32" 60hz 4k
Case Phantek "400A" / Dell XPS 8960
Audio Device(s) Realtek ALC4080 / Sound Blaster X1
Power Supply Corsair RM Series RM750 / 750w
Mouse Razer Deathadder V3 Hyperspeed Wireless / Glorious Gaming Model O 2 Wireless
Keyboard Glorious GMMK with box-white switches / Keychron K6 pro with blue swithes
VR HMD Quest 3 (512gb) + Rift S + HTC Vive + DK1
Software Windows 11 Pro x64 / Windows 11 Pro x64
Benchmark Scores Yes
my opinion
it may have been more appropiate posted here ( Mods may also concur and subsquently move it :) editing this post also:)
https://www.techpowerup.com/forums/forums/programming-webmastering.52/

I don't know if that is the right place with out asking a few questions.

@qubit are you asking what forum to use example ZenForo, vBulletin, etc.. or are you asking where to start and how to code it? Do you want to learn HTML, CSS3, PHP, JavaScript, asp.net and need help? If so then I will move it for you buddy.
 
Joined
Jul 25, 2006
Messages
13,023 (1.95/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Why pay for Legal Advice untill you have confirmed if you have any POTENTIAL liabilitys
Because it is the solicitors job to understand the laws and identify all those liabilities.

qubit has stated he will be accepting ad revenue to help pay the bills for the service he will be providing. That's a business - regardless if non-profit or not - regardless if he states it is a business or not.
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.89/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
@Mindweaver No, it's just the legalities of setting up a forum. Regarding the technicalities such as software, servers, domains etc I can work out myself and will ask on here if I get stuck on any of it.

@Bill_Bright Wouldn't surprise me if you're right re ads and a business. Legal advice sounds like a good idea at some point. I belong to a union which should be able to get me that kind of formal advice for free. I just wanted to get a start on it here and also figured it would make a for an interesting talking point. :)
 

CAPSLOCKSTUCK

Spaced Out Lunar Tick
Joined
Feb 26, 2013
Messages
8,578 (2.01/day)
Location
llaregguB...WALES
System Name Party On
Processor Xeon w 3520
Motherboard DFI Lanparty
Cooling Big tower thing
Memory 6 gb Ballistix Tracer
Video Card(s) HD 7970
Case a plank of wood
Audio Device(s) seperate amp and 6 big speakers
Power Supply Corsair
Mouse cheap
Keyboard under going restoration
just do it.

In the UK the taxman isnt even interested in the first year....they expect a loss.

Speaking purely from personal experience.
 

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"
Joined
Mar 17, 2005
Messages
9,106 (1.27/day)
Location
Dorset where else eh? >>> Thats ENGLAND<<<
you have to find out potential liabilitys and the hosting company can indicate for free what they might Be

Then you pay for ( if you proceed ) Legal advice on the whole plan

There is no Point in PAYING FOR LEGAL ADVICE till the Hosting Company indicates some form of liability or not
if @qubit gets advice from potential host that indicates for certain that he will have liability's then he won't proceed
your Advice while appropriate if he proceeds ( would COST HIM MONEY that he may necessarily not need to spend if he does not proceed)
 

Tatty_Two

Gone Fishing
Joined
Jan 18, 2006
Messages
25,910 (3.78/day)
Location
Worcestershire, UK
Processor Intel Core i9 11900KF @ -080mV PL max @225w
Motherboard MSI MAG Z490 TOMAHAWK
Cooling DeepCool LS520SE Liquid + 3 Phanteks 140mm case fans
Memory 32GB (4 x 8GB SR) Patriot Viper Steel Bdie @ 3600Mhz CL14 1.45v Gear 1
Video Card(s) Asus Dual RTX 4070 OC + 8% PL
Storage WD Blue SN550 1TB M.2 NVME//Crucial MX500 500GB SSD (OS)
Display(s) AOC Q2781PQ 27 inch Ultra Slim 2560 x 1440 IPS
Case Phanteks Enthoo Pro M Windowed - Gunmetal
Audio Device(s) Onboard Realtek ALC1200/SPDIF to Sony AVR @ 5.1
Power Supply Seasonic CORE GM650w Gold Semi modular
Software Win 11 Home x64
I think, in relation to the new data protection legislation it would depend on what data you were storing, if the registration process allowed a user to place a date of birth then you may come up with some problems, where as an age may not, if all you asked from a user was an anonymous username and country of origin you may get away with it but I agree it's worth getting some advice whatever the source, either that or wait unit next year when we are not part of the EU and therefore may relinquish EU GDPR :)
 
Joined
Jul 25, 2006
Messages
13,023 (1.95/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
wait unit next year when we are not part of the EU and therefore may relinquish EU GDPR
It seems pretty clear in the link qubit included, while the name may change, the meat of the law will remain the same.
The new Data Protection Bill going through Parliament will transpose the GDPR into UK law, and will continue to apply post-Brexit.
 

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"
Joined
Mar 17, 2005
Messages
9,106 (1.27/day)
Location
Dorset where else eh? >>> Thats ENGLAND<<<
It seems pretty clear in the link qubit included, while the name may change, the meat of the law will remain the same.
The devil is always in the Detail and untill such laws are passed nothing is sure
Its well Known here in Britain that certain parts of EU law will not be carried after Britex
We will have to wait untill Britex to find out for sure ( and Subsquent relevent legal challanges)
 

Tatty_Two

Gone Fishing
Joined
Jan 18, 2006
Messages
25,910 (3.78/day)
Location
Worcestershire, UK
Processor Intel Core i9 11900KF @ -080mV PL max @225w
Motherboard MSI MAG Z490 TOMAHAWK
Cooling DeepCool LS520SE Liquid + 3 Phanteks 140mm case fans
Memory 32GB (4 x 8GB SR) Patriot Viper Steel Bdie @ 3600Mhz CL14 1.45v Gear 1
Video Card(s) Asus Dual RTX 4070 OC + 8% PL
Storage WD Blue SN550 1TB M.2 NVME//Crucial MX500 500GB SSD (OS)
Display(s) AOC Q2781PQ 27 inch Ultra Slim 2560 x 1440 IPS
Case Phanteks Enthoo Pro M Windowed - Gunmetal
Audio Device(s) Onboard Realtek ALC1200/SPDIF to Sony AVR @ 5.1
Power Supply Seasonic CORE GM650w Gold Semi modular
Software Win 11 Home x64
It seems pretty clear in the link qubit included, while the name may change, the meat of the law will remain the same.
Commercially many are not of the same opinion though, it is believed that a watered down version may well be implemented post Brexit as many flaws appear to have been identified already, suffice to say that times are uncertain and so is the longevity of this bill as it stands once we are outside of the EU.
 
Joined
Jul 25, 2006
Messages
13,023 (1.95/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
I don't know. When I lived in the UK, many of your consumer protection laws were tougher than ours in the US. You both are right and what happens in May may be watered down compared to the GDPR. But there is also the possibility of even greater protection for the consumer - which I see as a very good thing. The smarter bad guys have turned to hacking companies because they know companies have been too lax in protecting consumer's information.

The bad guys have been extremely successful at using socially engineered malware distribution methods to trick [poorly trained] company employees into clicking on a very legitimate looking but malicious link designed to exploit known but unpatched!!!! :mad: vulnerabilities! And it has worked because executive management, CIOs and IT departments have failed to properly train employees to not be "click-happy". They have failed to impress upon IT personnel the need to apply security patches in a timely manner to minimize exposure of known vulnerabilities. And they have failed to invest essential resources in time, training and personnel to ensure a robust information protection plan is in place, is top notch, and remains top notch.

Take the Equifax hack of 145 million accounts (including 15 million in the UK). The vulnerability was discovered and a patch developed and distributed to Equifax 2 full months before the hack occurred. They were even notified by US CERT of the vulnerability and patch. But they failed to apply the patch - in violation of their own 48 hour patch time requirement. They still don't know exactly how the bad guys got in because they failed to implement the essential monitoring tools. They don't even know how the bad guy was able to download the massive amounts of data on145 million people and remain undetected - again, because they failed to implement the essential monitoring tools.

And all that critical, highly sensitive data wasn't even encrypted! :mad: :kookoo: :mad: :kookoo: :banghead:

I am all for less regulation but sadly, we have seen over and over - and over! - again companies' negligence - unwilling to invest in robust security - to include extensive employee training. I realize companies basically get $0.00/£0.00 on their IT security investment, but that's just become the cost of doing business in this bad guy infested digital age.

***

As far as the website host, pretty sure you have to sign an agreement absolving them of all liability - unless clearly their fault. I did for my business site with GoDaddy.

At least before going live, if you are going to run a site that contains any personal data, you need to contact a lawyer/solicitor, and get some good insurance!
 
Joined
Dec 6, 2005
Messages
10,885 (1.58/day)
Location
Manchester, NH
System Name Senile
Processor I7-4790K@4.8 GHz 24/7
Motherboard MSI Z97-G45 Gaming
Cooling Be Quiet Pure Rock Air
Memory 16GB 4x4 G.Skill CAS9 2133 Sniper
Video Card(s) GIGABYTE Vega 64
Storage Samsung EVO 500GB / 8 Different WDs / QNAP TS-253 8GB NAS with 2x10Tb WD Blue
Display(s) 34" LG 34CB88-P 21:9 Curved UltraWide QHD (3440*1440) *FREE_SYNC*
Case Rosewill
Audio Device(s) Onboard + HD HDMI
Power Supply Corsair HX750
Mouse Logitech G5
Keyboard Corsair Strafe RGB & G610 Orion Red
Software Win 10
I'm not a business and at most, my forum would run a few ads to help pay the bills. I've looked it over, but the website doesn't clearly spell out the scope of whom it covers, so I'm not quite sure if it applies to me. Basically, if I'm going to be under some onerous provisions with heavy penalties then I won't bother.

It doesn't spell out who it applies to because it applies to anyone that collects data electronically.

It's intended to protect people from identity theft and maintain privacy. There are numerous laws in the US that are analogous, the one that comes to mind is HPPA That said, the US is wayyyy far behind the EU/UK in protecting personal data... Equifax Breach and the US government is not looking out for people, they are looking out for business.

Basically, if you are collecting and/or using any personal information (and they spell it out), you are responsible for protection of that data from breach and intentionally or non-intentionally giving it away including derivatives or analysis that may give away personal data that can identify a specific individual.

Here's a snippet from GDPR:

The key elements of the GDPR
Personal data

The GDPR applies to personal data. This is any information that can directly or indirectly identify a natural person, and can be in any format. The Regulation places much stronger controls on the processing of special categories of personal data. The inclusion of genetic and biometric data is new.
Personal data

Name
Address
Email address
Photo
IP address
Location data
Online behaviour (cookies)
Profiling and analytics data
Special categories
of personal data

Race
Religion
Political opinions
Trade union membership
Sexual orientation
Health information
Biometric data
Genetic data
 
Joined
Jul 25, 2006
Messages
13,023 (1.95/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Equifax Breach and the US government is not looking out for people,
They are not doing enough but again, the US CERT (part of US Homeland Security) did warn Equifax well before the breach. But Equifax failed to act on it. This one is 100% Equifax.

Now what needs to happen is the government needs to fine the heck out of Equifax, and perhaps criminally charge their execs. That may get the attention of other businesses and get them to tighten up their security and training.

From that list, you will have their email address and IP address you will need to protect - assuming you will have them create accounts.
 
Joined
Dec 6, 2005
Messages
10,885 (1.58/day)
Location
Manchester, NH
System Name Senile
Processor I7-4790K@4.8 GHz 24/7
Motherboard MSI Z97-G45 Gaming
Cooling Be Quiet Pure Rock Air
Memory 16GB 4x4 G.Skill CAS9 2133 Sniper
Video Card(s) GIGABYTE Vega 64
Storage Samsung EVO 500GB / 8 Different WDs / QNAP TS-253 8GB NAS with 2x10Tb WD Blue
Display(s) 34" LG 34CB88-P 21:9 Curved UltraWide QHD (3440*1440) *FREE_SYNC*
Case Rosewill
Audio Device(s) Onboard + HD HDMI
Power Supply Corsair HX750
Mouse Logitech G5
Keyboard Corsair Strafe RGB & G610 Orion Red
Software Win 10
Now what needs to happen is the government needs to fine the heck out of Equifax, and perhaps criminally charge their execs. That may get the attention of other businesses and get them to tighten up their security and training.

This conversation is somewhat off topic... Congress voted to disallow class action lawsuits against Equifax. Another shining example of our GOP leadership, with VP Pence making the deciding vote: https://techcrunch.com/2017/10/24/c...-other-companies-with-arbitration-agreements/
 
Joined
Jul 25, 2006
Messages
13,023 (1.95/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Best to keep the political commentary to yourself or this thread will be shutdown.
 

the54thvoid

Super Intoxicated Moderator
Staff member
Joined
Dec 14, 2009
Messages
12,988 (2.39/day)
Location
Glasgow - home of formal profanity
Processor Ryzen 7800X3D
Motherboard MSI MAG Mortar B650 (wifi)
Cooling be quiet! Dark Rock Pro 4
Memory 32GB Kingston Fury
Video Card(s) Gainward RTX4070ti
Storage Seagate FireCuda 530 M.2 1TB / Samsumg 960 Pro M.2 512Gb
Display(s) LG 32" 165Hz 1440p GSYNC
Case Asus Prime AP201
Audio Device(s) On Board
Power Supply be quiet! Pure POwer M12 850w Gold (ATX3.0)
Software W10
@qubit - I work for a Local Authority Trust and we have been primed for the new data protection rules. The elements that will concern you as a data processor and a data holder will be the security and clarity of what information you will hold and what will be done with it. If you take our e-mail addresses and allow 3rd party 'spam' without our consent - you will be doomed. If you do not hold our e-mails on secure servers with adequate encryption and they are stolen - you are doomed.

In short:

1 - Data must be held securely and safely.
2 - What you do with said data must be clearly explained.
3 - You must ensure when we sign up we agree to your terms and conditions and said conditions adhere to the new GDPR.
4 - Any unauthorised dissemination of personal data (e-mail, name connected with other data etc) will get your ass sued.

Best to keep the political commentary to yourself or this thread will be shutdown.

If that were the case, certain forum members avatars should be banned (not aimed at you).
 
Last edited:
Joined
Dec 6, 2005
Messages
10,885 (1.58/day)
Location
Manchester, NH
System Name Senile
Processor I7-4790K@4.8 GHz 24/7
Motherboard MSI Z97-G45 Gaming
Cooling Be Quiet Pure Rock Air
Memory 16GB 4x4 G.Skill CAS9 2133 Sniper
Video Card(s) GIGABYTE Vega 64
Storage Samsung EVO 500GB / 8 Different WDs / QNAP TS-253 8GB NAS with 2x10Tb WD Blue
Display(s) 34" LG 34CB88-P 21:9 Curved UltraWide QHD (3440*1440) *FREE_SYNC*
Case Rosewill
Audio Device(s) Onboard + HD HDMI
Power Supply Corsair HX750
Mouse Logitech G5
Keyboard Corsair Strafe RGB & G610 Orion Red
Software Win 10
Best to keep the political commentary to yourself or this thread will be shutdown.

Commentary aside, it's fact, not fake news. Just an example of how US elected leaders are beholden to donors not their constituents

In short:

1 - Data must be held securely and safely.
2 - What you do with said data must be clearly explained.
3 - You must ensure when we sign up we agree to your terms and conditions and said conditions adhere to the new GDPR.
4 - Any unauthorised dissemination of personal data (e-mail, name connected with other data etc) will get your ass sued.

Well said. The best policy is not to store any personal information, unless you have a reason to :toast:
 
Joined
Jun 18, 2010
Messages
2,334 (0.44/day)
Processor Intel i7 970 // Intel i7 2600K
Motherboard Asus Rampage III Formula // Asus P8P67 Deluxe
Cooling Zalman CNPS9900MaxB // Zalman CNPS11X
Memory GSkill 2133 12GB // Corsair V 2400 32GB
Video Card(s) ASUS GTX1080 // MSI GTX1070
Storage Samsung 870EVO // Samsung 840P
Display(s) HP w2207h
Case CoolerMaster Stacker 830se // Lian Li PC-9F
Audio Device(s) onboard
Power Supply Seasonic X 850w Gold // EVGA 850w G2
Mouse Logitech G502SE HERO, G9
Keyboard Dell
Software W10 Pro 22H2
I work for a Local Authority Trust and we have been primed for the new data protection rules. The elements that will concern you as a data processor and a data holder will be the security and clarity of what information you will hold and what will be done with it. If you take our e-mail addresses and allow 3rd party 'spam' without our consent - you will be doomed. If you do not hold our e-mails on secure servers with adequate encryption and they are stolen - you are doomed.

In short:

1 - Data must be held securely and safely.
2 - What you do with said data must be clearly explained.
3 - You must ensure when we sign up we agree to your terms and conditions and said conditions adhere to the new GDPR.
4 - Any unauthorised dissemination of personal data (e-mail, name connected with other data etc) will get your ass sued.

Does, is this going, to apply if Servers are in one location and the Storefront is in a different location as well, non-profit or not?
If all the components are off-shore? "qubit" as an administrator only.
 

the54thvoid

Super Intoxicated Moderator
Staff member
Joined
Dec 14, 2009
Messages
12,988 (2.39/day)
Location
Glasgow - home of formal profanity
Processor Ryzen 7800X3D
Motherboard MSI MAG Mortar B650 (wifi)
Cooling be quiet! Dark Rock Pro 4
Memory 32GB Kingston Fury
Video Card(s) Gainward RTX4070ti
Storage Seagate FireCuda 530 M.2 1TB / Samsumg 960 Pro M.2 512Gb
Display(s) LG 32" 165Hz 1440p GSYNC
Case Asus Prime AP201
Audio Device(s) On Board
Power Supply be quiet! Pure POwer M12 850w Gold (ATX3.0)
Software W10
Does, is this going, to apply if Servers are in one location and the Storefront is in a different location as well, non-profit or not?
If all the components are off-shore? "qubit" as an administrator only.

It's not about profit or business use. It's simply about data retention and protection of personal data. If qubit is the administrator, he is the designated person in charge of the data (regardless of where it is kept) therefore he will be liable. Also, the regulations cover FOI requests as well so qubit will need to be able to retrieve requests made by his customers on what data he stores about them. In normal use, there would be no issue as long as the data is used for the stated purpose and held according to the requiremnets of the law.
 
Joined
Jun 18, 2010
Messages
2,334 (0.44/day)
Processor Intel i7 970 // Intel i7 2600K
Motherboard Asus Rampage III Formula // Asus P8P67 Deluxe
Cooling Zalman CNPS9900MaxB // Zalman CNPS11X
Memory GSkill 2133 12GB // Corsair V 2400 32GB
Video Card(s) ASUS GTX1080 // MSI GTX1070
Storage Samsung 870EVO // Samsung 840P
Display(s) HP w2207h
Case CoolerMaster Stacker 830se // Lian Li PC-9F
Audio Device(s) onboard
Power Supply Seasonic X 850w Gold // EVGA 850w G2
Mouse Logitech G502SE HERO, G9
Keyboard Dell
Software W10 Pro 22H2
It's not about profit or business use. It's simply about data retention and protection of personal data. If qubit is the administrator, he is the designated person in charge of the data (regardless of where it is kept) therefore he will be liable. Also, the regulations cover FOI requests as well so qubit will need to be able to retrieve requests made by his customers on what data he stores about them. In normal use, there would be no issue as long as the data is used for the stated purpose and held according to the requiremnets of the law.

Is there any way "qubit" can limit or circumvent or eliminate personal legal exposure?

Edit: "qubit" is a volunteer at a non-profit.
 
Last edited:

Tatty_Two

Gone Fishing
Joined
Jan 18, 2006
Messages
25,910 (3.78/day)
Location
Worcestershire, UK
Processor Intel Core i9 11900KF @ -080mV PL max @225w
Motherboard MSI MAG Z490 TOMAHAWK
Cooling DeepCool LS520SE Liquid + 3 Phanteks 140mm case fans
Memory 32GB (4 x 8GB SR) Patriot Viper Steel Bdie @ 3600Mhz CL14 1.45v Gear 1
Video Card(s) Asus Dual RTX 4070 OC + 8% PL
Storage WD Blue SN550 1TB M.2 NVME//Crucial MX500 500GB SSD (OS)
Display(s) AOC Q2781PQ 27 inch Ultra Slim 2560 x 1440 IPS
Case Phanteks Enthoo Pro M Windowed - Gunmetal
Audio Device(s) Onboard Realtek ALC1200/SPDIF to Sony AVR @ 5.1
Power Supply Seasonic CORE GM650w Gold Semi modular
Software Win 11 Home x64
Is there any way "qubit" can limit or circumvent or eliminate personal legal exposure?

Edit: "qubit" is a volunteer at a non-profit.
I work for a large national charity and our volunteers are not exempt from legal exposure.
 
Top