The Akismet GDPR page says you can enable a privacy notification. However, I don’t know where I can enable this. I don’t see it in the Akismet settings.
When Akismet is enabled on your site, only the personal data needed to carry out its core function of protecting you against comment spam is collected. In the language of the GDPR, this is a “legitimate interest” use of that data. By displaying the notice of “This site uses Akismet to reduce spam. Learn how your comment data is processed.” (which can be enabled in the plugin settings), you’re letting visitors know that Akismet is collecting data for our legitimate interest and how we’re processing it.
These are the only Akismet settings I can see:
1 Like
I am no lawyer or GDPR expert, but if I look at the Akismet GDPR page it is a little confusing… the plugin it refers to is the WordPress plugin, not the Discourse plugin. In WordPress a privacy notice like this makes sense because it is possible to add comments without creating an account.
Here in Discourse, I think this question should be covered by the site privacy notice which your users agree to when they create their account. An example privacy notice is provided when you set up your site, but you will want to update it so it complies with the laws and regulations that apply to your community.
As an example, take a look at https://www.discourse.org/privacy which covers meta and refers to Akismet in a few places.
2 Likes
OK thanks. We’ll look at building some wording into the site legal notifications. A general question I think other EU forums might commonly have is how to use plugins that send data to 3rd-parties from Discourse in a way that complies with GDPR.
1 Like