A language learners’ forum

Does "a language learners'forum have to comply to the GDPR Compliance? Is it a company?

Jean-Luc wrote:Does "a language learners'forum have to comply to the GDPR Compliance? Is it a company?

Everyone in the world has to comply with the GDPR if you have users in the EU. What a lot of websites did, mostly in the USA, was delete all EU users and use Geo banning to make sure no person from the EU could sign up. We decided to risk the 2 million Euro fine since we only keep peoples email address for password changes and make a GDPR policy. There was some discussion about shutting down LLORG because of GDPR.

Great. By the way, what are your revenues?

Fines of GDRP:
Lower level

Up to €10 million, or 2% of the worldwide annual revenue of the prior financial year, whichever is higher, shall be issued for infringements of:

Upper level

Up to €20 million, or 4% of the worldwide annual revenue of the prior financial year, whichever is higher, shall be issued for infringements of:

https://www.gdpreu.org/compliance/fines-and-penalties/

Two primary groups of entities must therefore comply with the GDPR.

Who must comply:

Firms located in the EU
Firms not located in the EU, if they offer free or paid goods or services to EU residents or monitor the behavior of EU residents

https://www.gdpreu.org/the-regulation/who-must-comply/

Our revenue is zero, nil, niente, nothing, zip. We are not a company just a couple of language learners who pay to host a forum for like minded people. So 0 * 20000000 = 0

rdearman wrote:Our revenue is zero, nil, niente, nothing, zip. We are not a company just a couple of language learners who pay to host a forum for like minded people. So 0 * 20000000 = 0

So GDRP is not really of your concern...
https://ec.europa.eu/info/law/law-topic ... w-apply_en

Add the fact that identifying someone without his consent seems difficult on this forum....

@Jean-Luc Have you read rdearman's official GDPR compliance statement?

Doitsujin wrote:@Jean-Luc Have you read rdearman's official GDPR compliance statement?

Yes, I did. Every time I join a forum I read the rules (old school). But I read the official texts too...

Article 3

Territorial scope

1. This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.
2. This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to:
(a)
the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or
(b)
the monitoring of their behaviour as far as their behaviour takes place within the Union.
3. This Regulation applies to the processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law.

It's nice to be advised of the safety rules about personal datas inspired by GDRP. For the provider of the forum with earnings through adds, it's slightly different... https://www.endurance.com/privacy/privacy

Why such a keen interest in what I personally consider the worst law ever made?

rdearman wrote:Why such a keen interest in what I personally consider the worst law ever made?

The idea is good in my opinion, the text a little bit difficult to enforce (even if companies under 250 people have less to do) and only follows the general trend of people that don't want to be traced/tracked in everydays' life (have a look at China who "rates" people with digital datas). Many countries will follow under the pressure of consumers or citizens.

My interest: all professionals have nowdays a website in the EU and are concerned. So I am.
For my personal blog under wordpress.com the provider did the job and offered tools for it. For instance the https that secured with SSL is automatic (like the wordpress company:-) for all blogs.

https://www.wired.co.uk/article/chinese ... y-invasion
https://techcrunch.com/2019/02/01/faceb ... ccounter=1
https://www.wired.co.uk/article/what-is ... fines-2018