GDPR

From EQdkp Plus
Jump to: navigation, search


Because of the new General Data Protection Regulation (GDPR), we introduced with EQdkp Plus 2.2 several methods to help you being compliant with the GDPR.

Delete User data

You should delete user data when a user gets deleted. Therefore we added the hooks user_delete and user_reset.

Example (from Usermap Plugin)

if (!class_exists('usermap_user_delete_hook')){
	class usermap_user_delete_hook extends gen_class{
		/* List of dependencies */

		/**
		* usersettings_update
		* Do the hook 'usersettings_update'
		*
		* @return array
		*/
		public function user_delete($data){
			$userID = $data['user_id'];
			
			$this->db->prepare("DELETE FROM __usermap_geolocation WHERE user_id=?")->execute($userID);
			
			$this->pdh->enqueue_hook('usermap_geolocation_update');
			$this->pdh->process_hook_queue();
			
			return true;
		}
	}
}

Storing of IP addresses

You should only save IP addresses where really neccessary. When you are saving IP addresses, make sure that you will delete it after a short time. Better is saving anonymized IP addresses. The environment class provides with the attribute ip_anonymized the anonymized IP address of the current user. Otherwise, you can use the function anonymize_ipaddress to anonymize other IP addresses

Privacy Policy

The privacy Policy was outsorced to the Plugin legal. If you use external services, that require personal data (e.g. when embedding external JavaScript-Libraries etc), then you should add a snippet into the privacy policy. The Plugin therefore provides some hooks: plugin_legal_privacypolicy and plugin_legal_legalnotice for the imprint page.

Export of user data

For exporting user data, like IP addresses, coordinates etc., you should use the hook user_export_gdpr. Example (from Usermap Plugin)

if (!class_exists('usermap_user_export_gdpr_hook')){
	class usermap_user_export_gdpr_hook extends gen_class{
		/* List of dependencies */

		/**
		* usersettings_update
		* Do the hook 'usersettings_update'
		*
		* @return array
		*/
		public function user_export_gdpr($data){
			$userID = $data['user_id'];
			
			$objQuery = $this->db->prepare("SELECT * FROM __usermap_geolocation WHERE user_id=?")->execute($userID);
			
			$arrOut = array();
			if($objQuery){
				while($row = $objQuery->fetchAssoc()){
					$arrOut[] = $row;
				}
			}
			
			return $arrOut;
		}
	}
}