Hi,
sorry for late reply, it was night for us.

About GDPR, this is not something that regards our products. We offer a instrument that allow you to expand Joomla registration form by adding custom fields, it allow also to share informations about users (Users List).

Of course "what information to ask" and/or "what information to share" in the lists is something we are not responsible for, but in accordance with "the data you want to collect", "the use you want to make" and the "the storage where you want to put" (for example server location) then this is a prerogative of your company that will have to comply with the new GDPR guidelines.

We are preparing something? Nope, this is not something that regards only Joomla, Extensions or Websites, this is something that regards your company. Something about GDPR practices:
- Protect customers' personal data from unauthorized access (Breach)
- Instruct all employees on the new legislation
- Adopt an appropriate governance and data protection policy proportional to the risk in the case of Breach
- Introduce the figure of the DPO (Data Protection Officer)
- Provide technological tools necessary to monitor and prevent cyber attacks
There things are not something that you can do with a simple Joomla tool.

Thanks for your response, but the new GDPR (effective next month) is not just about what to ask or share. It also requires the website owner to provide one click methods to:
- show a single list containing all information related to the user that is stored by the website (e.g. accounts, webshop/forum/comments/profile/tracking/what-ever)
- edit or delete that information
- delete account and all user related information.

In order to provide those one click / single list functions others a preparing or all ready offering extensions, including hooks for other parties (like you) to be included in these one click /single list functions.

Please check the mentioned parties as an example and note that Virtuemart, J2Store, Kunena, JomSocial and others are allready joining the bandwagon.

Hi,
Sorry but I've never heard of "one click" actions about GDPR.

Anyway Easy Profile extends Joomla user management (not replace) so show/edit/delete informations are functions inherited by Joomla.

Hi,
from what I understood the applications of the new GDPR for websites could be the following:
1) Adjustment of the Privacy Policy
2) Delete Stored Information
3) Retrieve Stored Information for owner

Adjustment of the Privacy Policy
This is required and Easy Profile already allow to add Terms and Conditions (like this site)

Delete Stored Information
This is not required to be a automatic process. Now we are waiting for some Joomla news (this should be something that Joomla should manage). If Joomla does not add something like this then we will implement this feature in the mid of May.

NOTE: When you delete and account all Easy Profile's user information will be deleted as well, this happen because Joomla have a own trigger called "onUserAfterDelete".

Retrieve Stored Information for owner's data
This is not required to be a automatic process and this is not possible to manage with All-in-one solution, because Joomla is a CMS and each Component store informations with his way.
The right way to accomplish this is that Joomla add this function and add a trigger that allow to all developers to add component's information to export.

We are open to your every thought, so feel free to answer

GDPR also requires:
4) List all kinds/types of information that is stored
5) List stored information
6) Edit stored information.

Offcourse this can be done in various ways and is allready supported by most applications like yours, but/however

for user convenience (also an implication of the GDPR) these functions need to be offered in a 'centralized' way, that is in one place, with one clear and simple interface.

Joomlart, Pixpro, J!Extensions and others are developping just that, a centralized/uniformn way of doing things and they provide an API for integrating other parties (like Easy-Profile) to be integrated.

Maybe we should stop the discussion about what GPDR is or means, and just focus on Easy-Profile to develop plugins using those API's.

The plugin should allow Joomlart, Pixpro, J!Extensions and others to include and deal with Easy-Profile profiles, with/without Joomla core fields.

Agreed...

Pixpro looks best of bunch to me and ok at $10, but THEY need to provide clearer documentation as how to write the plugin as Easy Profile does, so that the implementation is seen and openly discussed?

At least that way WE can take action for ourselves without having to wait for core team dev

... any new thoughts ???

Hi,

GDPR also requires:
4) List all kinds/types of information that is stored
5) List stored information
6) Edit stored information.

4) This is something that you need to explain in your privacy policy

5) 6) This is something that you already do in Edit Profile page.

for user convenience (also an implication of the GDPR) these functions need to be offered in a 'centralized' way

Easy Profile extends Joomla user management (not replace), Registration and Edit Profile pages are the same of Joomla and managed with Joomla built-in com_users component, Easy Profile custom fields and features like tabs are added with some Javascript trick and Joomla user plugins, but mainly all features are managed by Joomla core component.
Basically when you use Easy Profile to register/edit and account then you are using Joomla default pages to do this. With this way all Joomla users plugin are also compatible with Easy Profile.
I think this is the most important feature of Easy Profile.

We does not need to create a centralized way to make this, because Joomla already offer it. No make a sense that we develop a Joomla user plugin for each component, because this is something that component developer should make (of course a user plugin will works with or without Easy Profile).

From my point of view, you should not use directly Easy Profile to centralize informations; The best and unified way to make this is to use Joomla (and it will works also with Easy Profile).

An example,

A Joomla community site build using, Kunena, Easy-Profile, jEvents, jComments, AcyMailings, and J2Store.

GDPR requirements:
- one single forget-me button
- one single list with all user related data (forum-items and reactions, profile fields, enrolled events and comments, assigned mailinglist, shopping-basket, favoured items, etc. etc.

Yes, Joomla has to do something (and is working on that), but the extention suppliers have to do something.

I hope what you is right: if Joomla solves this for standard user/account-info, it will automatically work for all Easy-Profile customfields.

I'll setup a test if I can find the time.

Regards,

Hans Doeve

A Joomla community site build using, Kunena, Easy-Profile, jEvents, jComments, AcyMailings, and J2Store.

My question...If you build a Joomla community site using, Kunena, jEvents, jComments, AcyMailings, and J2Store?
We use Joomla so the centralized way should be Joomla.
A possibility is to use Joomla Users Plugins (like for example your previous link https://issues.joomla.org/tracker/joomla-cms/20051 , you can find that plugin at /plugins/user/privacyconsent/privacyconsent.php), but we can't do something that each developer need to do.

For some component we have integration and some other component is already well integrated in Joomla:
for example:
Kunena - It include a plugin that allow you to use Easy Profile profiles (so Joomla edit profile page), we also offer a free plugin that allow you to see all Kunena things (Topics, Favourites,..)
Acymailing - It already allow you to add custom fields and subscription status in Joomla Registration and edit profile pages (so also in Easy Profile).

GDPR requirements:
- one single forget-me button
- one single list with all user related data (forum-items and reactions, profile fields, enrolled events and comments, assigned mailinglist, shopping-basket, favoured items, etc. etc.

These are not requirements. These are automatically ways to met some GDPR requirement. For example in your privacy policy you can write something like "To obtain or remove your informations please contact us at [email protected]" (I think)

About "one single forget-me button", this is a simple very simple thing and as I wrote in my previous reply we will add this feature if Joomla will not implement (or will release some information about soon implementation) this feature until mid May.

That's good news.

I'll than test the Joomlart extension (Still beta however)

Hi,
Joomla 3.9 will be compliant with GDPR, but I don't know when it will be released

For now we have prepared a plugin that add "Delete Account" tab in edit profile page.

How it works
It allow a tab in Edit Profile page called "Delete Account", this tab is not available for Super Admin users. Basically it Delete/Block an account in according with plugin configuration.
After user delete/block own account all admins receive an email.

How to install it
- Download and install it
- Configure the plugin from Extensions->Plugins, it is called "Easy Profile - Delete Account"
- Configuration is very simple you can only choose which action perform: Block or Delete
- Enable the plugin from Extensions->Plugins


NOTE: We recommend to test it in dev site.

Please if you use this plugin then leave here a feedback

Hi all,

I'm also interested by the GDPR functions.

Note that the GDPR rules allow user to export his personal datas.
This functionality is called "Right of Datas Portability".

It should be great to allow user to export his own datas by adding a button-link on his profil page.

Hi dolmenhir,
unfortunately is not possible for us to centralize all informations from all components, Joomla has thousands of components/plugins/modules that collect informations.

The best way would be for Joomla to do this. This will be something that will be implemented in Joomla 3.9 (see article at https://www.joomla.org/announcements/release-news/5731-joomla-3-9-and-joomla-3-10.html)

Hi dolmenhir,
unfortunately is not possible for us to centralize all informations from all components, Joomla has thousands of components/plugins/modules that collect informations.

I understand and I agree with you.
But the goal it only to export the personal datas stored in the user's profile, not all component informations which, for most of them, doesn't store real personal datas but just personal settings to use these components.

The user delete account function is brilliant and works ! Thanks

Hi @alexwalker,
thanks fo your feedback

Hi,

the "Delete Account" Plugin works perfect! Simple, easy.....

Thanks

Hi @LeitLux,
thanks for your feedback

... and where do we find this plug in??

... he, I found it scrolling up this discussion.

... and it works !!

This plugin is useful only in older Joomla 3 versions, because now Joomla include a more powerful Privacy plugin to be compliant GDPR directives.
- Privacy Agree expires
- Export of user data in a compliant format
- Delete account requests

The Joomla built-in privacy plugin contains API for developers, so many components (like Easy Profile) are automatically integrated (for example for the export user data feature).

We have developed this plugin only in waiting that Joomla 3.9 includes own privacy plugin as announced more than 1 year ago (so now it is incomplete and obsolete)

Indeed, thanks