# GDPR & XSF 14 At [email protected] - 2018/05/18 11:30 UTC Attendees: winfried, Ge0rG, jonasw, pep.
Date of Next: 2018/05/22 10:30 UTC https://gdpr-info.eu/ Q1) 1. What consequences does the GDPR has for the Jabber network? 2. .. Jabber server operators? 3. .. what can/should do the XSF with that? Q2) What consequences does the GDPR has for the XSF running Jabber server? Q3) What consequences does the GDPR has for the work processes of the XSF itself (membership, voting, wiki etc)? ## Q1 ### Q1.2 https://wiki.xmpp.org/web/GDPR#Roles_and_responsibilities Overview of the roles and responsabilities within the context of GDPR, for XMPP operators. Definition of data subject, data controller, data processor, and third-party. - Other examples of third-parties: * Remote Roster Management (not handled by the same operator) * Push services - Warning for (android) mobile client devs: By using Google APIs, you have to ensure that your users agree to Google's Privacy Policies[0]. You need to have the user opt-in for push services if you want to fall under GDPR. Seealso comprehensive documentation by daniel[1] of data that's being passed to the push component, and sent to Google, in his implementation. iOS devs might be in a similar situation. - How is the Tos/data protection policy template going on? [0]: https://developers.google.com/terms/#section_7_privacy_and_copyright_protection [1]: https://github.com/inputmice/p2 -- Maxime “pep” Buquet
signature.asc
Description: PGP signature
