1. Visiting from the US? Why not try DIYnot.US instead? Click here to continue to DIYnot.US.
    Dismiss Notice

New site terms

Discussion in 'Forum Information' started by John D v2.0, 23 May 2018.

  1. John D v2.0

    Joined:
    26 Aug 2016
    Messages:
    4,648
    Thanks Received:
    614
    Country:
    United Kingdom
    Requests for Content to be removed or modified will be undertaken only at our discretion

    Read more: https://www.diynot.com/diy/misc/accept-terms
    If it is information relating in any way to the individual making the request this would come under gdpr right to erasure, the staff would have no discretion over that at all. The site is obliged to organise the information in such a way that they can erase all information successfully.
    I presume the terms will be updated again in readiness for gdpr on Friday?
     
  2. bernardgreen

    Joined:
    3 Nov 2006
    Messages:
    19,104
    Thanks Received:
    1,705
    Location:
    Bedfordshire
    Country:
    United Kingdom
    I think this is a "permission" for content that has been posted on the site to be edited or removed by a moderator. It cannot be applied to a person's personal data if that person requests that such data be removed or modified.
     
  3. John D v2.0

    Joined:
    26 Aug 2016
    Messages:
    4,648
    Thanks Received:
    614
    Country:
    United Kingdom
    Indeed and personal data under gdpr is any data that could be used to identify an individual, even if that identification could only take place by correlating the data against another data source.
    So a lot of content in postings including attachments would come under that, and the site admin would have to delete it all on the request of the individual concerned.e
     
  4. DIYnot

    Staff Member

    Joined:
    17 Aug 2001
    Messages:
    2,348
    Thanks Received:
    431
    Country:
    United Kingdom
    To date, on the rare occasion that requests have been made to remove posts containing personal info we do indeed remove them, so as far as GDPR is coming into play that is something we have always done anyway. In terms of completely removing all posts, GDPR requires that users have a way to delete their personal data. It (the EU) specifically defines 'personal data' in the GDPR regulation Article 4 as:

    ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

    So in those terms information on your profile (name etc) could be considered to fall under those guidelines. You can edit those details or they'll be removed if you cancel your account. However posts within the forums do not generally qualify as personal data. If a post or posts contain personal data then we can work with you to remove that personal info or post(s)/content, but as I said earlier that is something that we have always done anyway on the rare occasion someone has asked.

    Hope that brings some clarity.
     
  5. John D v2.0

    Joined:
    26 Aug 2016
    Messages:
    4,648
    Thanks Received:
    614
    Country:
    United Kingdom
    Thanks for the update!
    An identifier would also include your forum username as it can link back to an individual. As such, after an erasure request under GDPR, all posts made would certainly have to have the username removed.
    It could get worse too:

    "Personal data that has been pseudonymised – eg key-coded – can fall within the scope of the GDPR depending on how difficult it is to attribute the pseudonym to a particular individual."
    So if there are enough clues even by linking together posts by the same anonymous ID, that too would fall under GDPR. Best practice seems to be that a risk assessment about how easily the data could be combined and how easy to obtain the datasets to do the combination.
    If someone has posted a photo of themselves that would need removing. If the photo is only their house, that would need combining with address history so less risk.

    As a user, I think GDPR is fantastic. As someone working in the industry I'm sick of hearing about it and working on it for the past year!
     
  6. DIYnot

    Staff Member

    Joined:
    17 Aug 2001
    Messages:
    2,348
    Thanks Received:
    431
    Country:
    United Kingdom
    No problem :) Regarding usernames, when we delete user accounts we are now routinely renaming their username at the same time. This functionality we hope to have built into the user cancellation mechanism in due course as well.
     
    • Thanks Thanks x 1
  7. Old&Cold

    Joined:
    16 Jun 2017
    Messages:
    1,087
    Thanks Received:
    175
    Country:
    United Kingdom
    Edit,wrong forum. sry ;)
     
    Last edited: 25 May 2018
  8. John D v2.0

    Joined:
    26 Aug 2016
    Messages:
    4,648
    Thanks Received:
    614
    Country:
    United Kingdom
    Not sure what you mean? GDPR is about how the site uses the personal data of the members on here, it isn't concerned at all with advice people give whether professional or otherwise.
     
Loading...

Share This Page