Talkyard hosted comments and GDPR, CCPA
I singed up for the Almost Free plan for hosting comments a new programming blog. I am not using Google Analytics and wondered if the Talkyard hosting in is GDPR compliant and hopefull if also compliant with CCPA laws in the state of California.
Any help appreciated. I may just shut the blog down in lieu of descending down a never ending legal rabbit holes of more never ending questions and answers.
- 1 replies
- KajMagnus @KajMagnus2021-04-04 06:35:44.240Z2021-04-04 09:19:22.350Z
Hi Aris, good question. I'm just re-reviewing 3rd party data processors used by our Software as a Service (incl Amazon Simple Email Service, Google Cloud Project, Automattic Akismet).
There's one that doesn't have its own Data Processing Agreement: Stopforumspam .com. I suspect Talkyard will need to stop using Stopforumspam or make it opt-in.
Stopforumspam has a GDPR policy but no DPA — then what? I'm not sure. Here's their GDPR policy: https://www.stopforumspam.com/gdpr
I also need to enable some code that purges already soft deleted Talkyard sites. (Have been "dry running" that code for a while, to catch any bugs — purging / hard deleting whole sites makes me nervous.)
I'm writing a GDPR DPA (Data Processing Agreement) document that we can agree about if you want.
shut the blog down in lieu of descending down a never ending legal rabbit holes
compliant with CCPA laws
Having had a look at CCPA here: https://en.wikipedia.org/wiki/California_Consumer_Privacy_Act it seems to me that CCPA is less strict than GDPR:
CCPA differs in definition of personal information from GDPR as in some cases the CCPA only considers data that was provided by a consumer. The GDPR does not make that distinction and covers all personal data
I might be mistaken, having had just a quick look at CCPA, but it seems to me that all companies living up to GDPR, also are CCPA compliant.