Official Everybody Edits Forums

Do you think I could just leave this part blank and it'd be okay? We're just going to replace the whole thing with a header image anyway, right?

You are not logged in.

#1 2018-05-24 22:05:57

Helvi
Member
Joined: 2015-04-06
Posts: 1,132

ATTN: Xeno - General Data Protection Regulation and EE

Please tell us more about it.
Like cookies related to this forum, the game site. Just to give an example.

"By using this site, you accept cookies" messages are also not sufficient.
If there is no genuine and free choice, then there is no valid consent. Make it possible to both accept or reject cookies.

H


Hi.

Offline

#2 2018-05-25 02:44:42

Xfrogman43
Member
From: need to find a new home
Joined: 2015-02-15
Posts: 4,174

Re: ATTN: Xeno - General Data Protection Regulation and EE

xenon doesnt own the forum


zsbu6Xm.png thanks zoey aaaaaaaaaaaand thanks latif for the avatar

Offline

Wooted by: (4)

#3 2018-05-25 05:37:54

Different55
Forum Admin
Joined: 2015-02-07
Posts: 16,572

Re: ATTN: Xeno - General Data Protection Regulation and EE

I can answer any questions about the forums.

The forums collect your IP every time you visit or interact with the site in any way and store it in the form of access logs that gradually rotate out roughly every 2 weeks.
The forums collect your IP every time you register an account or make a post and store it in the database.
The forums use cookies to tie in your browser to your user account while you're visiting the forums.
The forums use cookies to track which topics you've read and haven't read so they can display colorful dots of appropriate brightness.

That's all I got off the top of my head, anything more specific than that needs a specific question.


"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto

Offline

Wooted by: (3)

#4 2018-05-25 05:54:57

Enurp
Formerly ThuggishPrune
From: Ohio
Joined: 2015-06-20
Posts: 459

Re: ATTN: Xeno - General Data Protection Regulation and EE

Different55 wrote:

I can answer any questions about the forums.

The forums collect your IP every time you visit or interact with the site in any way and store it in the form of access logs that gradually rotate out roughly every 2 weeks.
The forums collect your IP every time you register an account or make a post and store it in the database.
The forums use cookies to tie in your browser to your user account while you're visiting the forums.
The forums use cookies to track which topics you've read and haven't read so they can display colorful dots of appropriate brightness.

That's all I got off the top of my head, anything more specific than that needs a specific question.

I have a question about the 3rd and 4th statement. Are they oatmeal or chocolate chip?

Offline

#5 2018-05-25 16:08:47

Different55
Forum Admin
Joined: 2015-02-07
Posts: 16,572

Re: ATTN: Xeno - General Data Protection Regulation and EE

which%20is%20better.png

Surprisingly, the forums prefer oatmeal.


"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto

Offline

#6 2018-05-25 18:06:37

Helvi
Member
Joined: 2015-04-06
Posts: 1,132

Re: ATTN: Xeno - General Data Protection Regulation and EE

Different55 wrote:

The forums use cookies to tie in your browser to your user account while you're visiting the forums.

I do not want any cookies. What now? There was no promt asking for permission etc.


Hi.

Offline

#7 2018-05-25 18:10:53, last edited by Different55 (2018-05-25 18:20:24)

Different55
Forum Admin
Joined: 2015-02-07
Posts: 16,572

Re: ATTN: Xeno - General Data Protection Regulation and EE

Easy solution there is just don't sign in. If you like I can put a disclaimer on the login/registration forms about it, but it's impossible to have logins/accounts that persist across page loads without cookies. They're not the spawn of the NSA they're a shortcut. A hand stamp to get back in the club in 2 seconds instead of having to dig out your ID and wait while we check to see if your name's on the list. You can wash the ink off your hands at any time using your browser's own tools to clear cookies or I could build in a sink somewhere.


"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto

Offline

#8 2018-05-27 10:56:29

Zumza
Member
From: root
Joined: 2015-02-17
Posts: 4,641

Re: ATTN: Xeno - General Data Protection Regulation and EE

EE and the forums has to comply with the GDPR and disclose what type of data they collect, for what reason, for what amount of time, and to inform with whom this data is shared(e.g. PlayerIO).
EE and the forums also have to provide "a portable copy of the data collected in a common format" if requested, and the right for users to have their data erased.


Everybody edits, but some edit more than others

Offline

Wooted by:

#9 2018-05-27 13:11:03

Tomahawk
Forum Mod
From: UK
Joined: 2015-02-18
Posts: 2,824

Re: ATTN: Xeno - General Data Protection Regulation and EE

Hands up who cares.


One bot to rule them all, one bot to find them. One bot to bring them all... and with this cliché blind them.

Offline

Wooted by:

#10 2018-05-27 13:21:27

Xenonetix
Past Owner
From: Working on EEU
Joined: 2015-03-07
Posts: 893
Website

Re: ATTN: Xeno - General Data Protection Regulation and EE

Helvi wrote:

Please tell us more about it.

http://everybodyedits.com/cookies.html


Xenonetix_2.png

Offline

Wooted by:

PTU

#11 2018-05-27 13:38:11, last edited by Zumza (2018-05-27 13:39:42)

Zumza
Member
From: root
Joined: 2015-02-17
Posts: 4,641

Re: ATTN: Xeno - General Data Protection Regulation and EE

Xenonetix wrote:
Helvi wrote:

Please tell us more about it.

http://everybodyedits.com/cookies.html

EE doesn't only use cookies to work. EE's database stores personal data such as email, IP etc.. The GDPR also requires to disclose all your third parties. For instance you should also disclose how you and PlayerIO use this data.


Everybody edits, but some edit more than others

Offline

#12 2018-05-27 13:48:18

Different55
Forum Admin
Joined: 2015-02-07
Posts: 16,572

Re: ATTN: Xeno - General Data Protection Regulation and EE

Zumza wrote:

EE and the forums has to comply with the GDPR and disclose what type of data they collect, for what reason, for what amount of time, and to inform with whom this data is shared(e.g. PlayerIO).

See above post, I'll see about sticking a privacy page together with this info on it.

Zumza wrote:

EE and the forums also have to provide "a portable copy of the data collected in a common format" if requested, and the right for users to have their data erased.

I don't know that handing out portable copies is possible for all information but I'll give it a shot. For the majority of the access logs, the IP is stored, but is completely detached from the user account. There's no way to reliably find out which IPs belong to which user there.


"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto

Offline

#13 2018-05-27 14:01:01, last edited by Zumza (2018-05-27 14:03:31)

Zumza
Member
From: root
Joined: 2015-02-17
Posts: 4,641

Re: ATTN: Xeno - General Data Protection Regulation and EE

The "portable copies" is a regulation for allowing users to port their data to another platform in case they want. I don't believe there's anyone who would request such a thing. But theoretically, if an European user requests that in a mail, you would have to comply.

I've noticed there's already a good privacy policy on http://everybodyedits.com/terms but it's quite broad. I believe the GDPR would require it to be a bit more specific.


Everybody edits, but some edit more than others

Offline

#14 2018-05-27 17:22:30

SmittyW
Member
Joined: 2015-03-13
Posts: 2,085

Re: ATTN: Xeno - General Data Protection Regulation and EE

Alternative solution: Block all EU users. This could also help the grammar issue //forums.everybodyedits.com/img/smilies/smile

Offline

Wooted by: (2)

#15 2018-05-27 17:25:38

Gosha
Member
From: Russia
Joined: 2015-03-15
Posts: 6,202

Re: ATTN: Xeno - General Data Protection Regulation and EE

VkhWLn5.png

EE doesn't use or store user's private information. Except for the ip for obvious, not business related activities (ip-bans)

so i think GDPR doesn't apply for ee

Offline

#16 2018-05-27 17:32:32

Different55
Forum Admin
Joined: 2015-02-07
Posts: 16,572

Re: ATTN: Xeno - General Data Protection Regulation and EE

It says "some obligations" like a DPO are waived, what obligations aren't waived?


"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto

Offline

#17 2018-05-27 17:45:11

SirJosh3917
Formerly ninjasupeatsninja
From: USA
Joined: 2015-04-05
Posts: 2,095

Re: ATTN: Xeno - General Data Protection Regulation and EE

Helvi wrote:

I do not want any cookies. What now? There was no promt asking for permission etc.

what kind of bull**** logic are you using right now honestly

you're basically trying to go into a bar without an id

why do you think cookies are the spawn of satan

Offline

#18 2018-05-27 18:03:47

LukeM
Member
From: England
Joined: 2016-06-03
Posts: 3,009
Website

Re: ATTN: Xeno - General Data Protection Regulation and EE

Gosha wrote:

https://i.imgur.com/VkhWLn5.png

EE doesn't use or store user's private information. Except for the ip for obvious, not business related activities (ip-bans)

so i think GDPR doesn't apply for ee

Don't things like email address and password count as private info? (And pretty sure IP counts too)

ninjasupeatsninja wrote:
Helvi wrote:

I do not want any cookies. What now? There was no promt asking for permission etc.

what kind of bull**** logic are you using right now honestly

you're basically trying to go into a bar without an id

why do you think cookies are the spawn of satan

Not sure if Helvi is doing this with good intentions or not, but EE does need to comply or they could be fined a large amount of money or whatever, it's better we bug the devs about it until it's done than randomly in the future someone taking legal action against EE.

Offline

#19 2018-05-27 18:07:45

Gosha
Member
From: Russia
Joined: 2015-03-15
Posts: 6,202

Re: ATTN: Xeno - General Data Protection Regulation and EE

LukeM wrote:

Don't things like email address and password count as private info? (And pretty sure IP counts too)

We only store ip to use it in non-commercially beneficial way (only for ip bans)

Emails and Passwords are stored in playerio. We don't and can't deal with them

Offline

#20 2018-05-27 18:16:07

LukeM
Member
From: England
Joined: 2016-06-03
Posts: 3,009
Website

Re: ATTN: Xeno - General Data Protection Regulation and EE

Gosha wrote:
LukeM wrote:

Don't things like email address and password count as private info? (And pretty sure IP counts too)

We only store ip to use it in non-commercially beneficial way (only for ip bans)

Emails and Passwords are stored in playerio. We don't and can't deal with them

Well EE is a commercial game, and IP bans are a part of EE, so I would argue that that means they are being used commercially.

And for the emails and passwords, it's still your responsibility even if technically they are stored on PlayerIO's servers, the data is still collected and used by EE, the end user never even knows about PlayerIO...

Offline

#21 2018-05-27 18:36:35, last edited by Zumza (2018-05-27 18:45:32)

Zumza
Member
From: root
Joined: 2015-02-17
Posts: 4,641

Re: ATTN: Xeno - General Data Protection Regulation and EE

Gosha wrote:

https://i.imgur.com/VkhWLn5.png

EE doesn't use or store user's private information. Except for the ip for obvious, not business related activities (ip-bans)

so i think GDPR doesn't apply for ee

Of course it does: it stores emails and associated IP addresses, which is a very bad mix to privacy.

A Data Protection Officer(DPO) is a special employee which has to have a professional knowledge in data protection law and IT security. By the new legislation in force, every company which activity consists in personal data processing must appoint one. Like in the article you screenshot instead of link, it is given the example of educational platforms such as schools, whom must appoint a DPO because they process student personal information.

EE doesn't have to appoint a DPO because it's just a sandbox game. But EE isn't exempted of respecting the rights of European users: to be informed, to rectify, to erase, to port.

Gosha wrote:

Emails and Passwords are stored in playerio. We don't and can't deal with them

It doesn't matter. You have to include in your privacy terms that you're sharing this informations with PlayerIO, and PlayerIO is also obligated to disclose how they use this data.
You essentially have to include all the other third parties you use: you have to specify that the Twitter widget from everybodyedits.com may also store cookies, etc..


Everybody edits, but some edit more than others

Offline

#22 2018-05-27 19:41:02, last edited by Gosha (2018-05-28 05:30:47)

Gosha
Member
From: Russia
Joined: 2015-03-15
Posts: 6,202

Re: ATTN: Xeno - General Data Protection Regulation and EE

(i am speaking as a community member, if i say something wrong don't blame ee staff, only my shortsightedness)

Offline

Wooted by:

#23 2018-05-27 20:09:49

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: ATTN: Xeno - General Data Protection Regulation and EE

hwo do you guys chnage emials from users then?


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

#24 2018-05-27 23:04:03

Cyral
Member
From: United States
Joined: 2015-02-15
Posts: 2,269

Re: ATTN: Xeno - General Data Protection Regulation and EE

Gosha wrote:

https://i.imgur.com/VkhWLn5.png

EE doesn't use or store user's private information. Except for the ip for obvious, not business related activities (ip-bans)

so i think GDPR doesn't apply for ee

GDPR does apply to any personal information, which includes IP addresses, emails, etc. There are of course legitimate reasons to store this data longer than 30 days (e.g. for ip bans).

Gosha wrote:
LukeM wrote:

Don't things like email address and password count as private info? (And pretty sure IP counts too)

We only store ip to use it in non-commercially beneficial way (only for ip bans)

Emails and Passwords are stored in playerio. We don't and can't deal with them

Any data that is processed on your behalf is still your responsibility. Just because the data is stored on another server or processed by another provider doesn't mean it's not your data. (In fact, to comply with deletion requests and such, you need to remove the data from all third-parties that process data on your behalf as well). If your service providers are unable to comply with these requests, then they are not GDPR compliant themselves, making them unsuitable for you to use if you are going to be GDPR compliant. When you consider the requirements for the GDPR, you need to think about (and you should already know) where your data is, for example in web server logs, forum backups, your PayPal account (or whatever) for processing payments, etc.


Player Since 2011. I used to make bots and stuff.

Offline

Wooted by: (2)

#25 2018-05-27 23:57:20

Different55
Forum Admin
Joined: 2015-02-07
Posts: 16,572

Re: ATTN: Xeno - General Data Protection Regulation and EE

Oh right backups I almost forgot about those.

that's a whole other can of worms. As far as I'm aware I physically can't selectively delete stuff from the backups. I can scrub your stuff from the active database but the backups hang around for a lot longer.


"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto

Offline

Zumza1528119798708723

Board footer

Powered by FluxBB

[ Started around 1711676625.0695 - Generated in 0.079 seconds, 11 queries executed - Memory usage: 1.86 MiB (Peak: 2.14 MiB) ]