The GDPR is an EU legislation that enhances the protection of personal and private data of EU citizens and ensures that organizations that collect and process personal data comply with various obligations. It replaces and builds upon the 1995 EU Data Protection Directive (DPD) and its terms on data privacy and security but includes a few new additions that focus on the rights for secure personal data and stricter penalties for noncompliance. Moreover, the GDPR is a directive that will ‘harmonise’ data privacy laws across Europe. It applies to the 27 member states at all levels of the law; local courts, supreme courts, and eventually the EU Court of Justice.
It’s important to note that even if your company is based outside the EU, the GDPR is still applicable if you are processing the data of EU citizens.
Open Social provides the following four features to help Open Social clients to comply with the GDPR principles:
- Data Policy (+ User Consent)
- Inform personal data usage
- Disable user profile fields
- Delete user account and remove personal data
Feature 1, 2 and 3 are not visible by default. Site managers can enable or configure them when they are needed.