Does it store birthday? That would be problematic when GDPR applies.
The theme component only applies a check on a user field.
The birthday is stored in the user field.
If this is necessary for compliance then there is no GDPR issue.
7 Likes
Right, there’s a wide variety of data requirements and age verification these days — I think under GDPR ideally the birthdate would be used to verify compliance with age requirements, and then no longer be stored.
In the US the requirement to verify age can sometimes be a higher priority, because regulations like COPPA restrict the processing of children’s data.
Either way, if you’re capturing this information it should be treated as personal information, you should only store what’s necessary (this is where a lot of the variance is), and it should be protected appropriately.
Anyone that’s unsure should consult a lawyer in their area!
3 Likes
This sentence make me miss the internet from the 90s. We got rid of dial-up, but at what cost…
5 Likes
GDPR is about being in control of your data, it’s not about being against storing information. If and only if there is a valid reason to process a birth date (because your forum has content that requires age verification), then you for sure can just do it. But you need to be open about it and have a valid reason. Processing it is just as much of an issue as storing it. And if you store it, you need to be clear about how long this data is stored and for what this information is used in your privacy statement.
1 Like