Any plans to support Joomla 3.9's privacy system?

Do you have any plans to create a privacy plugin for Event Booking (and your other extensions) that will tie into the Joomla Privacy system that was released with Joomla 3.9? At the moment, given that you don't have such a plugin and user requests for privacy exports don't contain any of their information contained in Event Booking, Membership Pro, Joom Donation, etc.

Do you plan on supporting the Joomla Privacy system at some point? If so, do you have a timeframe?

I wanted to bump this up.

GDPR is pretty important for anyone that does business in or with people in the European Union. Given that none of your components support the Joomla Privacy system at the moment is a huge oversight. That means that any automation that the Joomla Privacy system provides doesn't extend to any of your components, which leads to manual work for any end-user data requests.

If you don't plan on supporting the Joomla Privacy system please just say so, and don't ignore this. If you do plan on supporting it, can you give a general timeline? Q1, Q2, Q3, or Q4 of 2019?

Thank you.

Hi Eric

Sure, if it's really needed, we can bring support for in in Q1 2019. I understand the code, just need to know exactly what data you expect to be exported?

Give me the requirement and I will work on it

Tuan

I guess you haven't worked with the Joomla Privacy system at all then.

Basically, the end user can make a data request. They choose which type of request, of which there are two. They are requesting an export of their data and to remove their data. Per GDPR all users need the ability to request what data a website has for them, and to request that all of their data is deleted.

If your components, and I mean all of them, are connected to the Joomla Privacy system then the user's data is then acted on by the system.

For a data export, it would contain every piece of information that the application has for the user. All user data and all records.

For a data removal, it would mean that all of the user's data would be deleted from the application, including all data in all records.

The Joomla Privacy system helps to centralize this process and gives the administrators a framework to see the requests come in and the act on them. With a click of a button data export requests can be processed, pulling together the data into a single file which is then sent to the end user's email address. For removal requests, the Joomla privacy system facilitates the removal of all user data from the website, right down to their user account.

I have been testing this system since Joomla 3.9 was released and it does work well. That is as long as components support it.

The key thing to realize with the system is that it is meant to help developers support privacy standards like GDPR through centralizing all data requests and user content to the privacy policy. Using their system means that you don't need to implement the full GDPR workflow within your applications. You just implement what you need and tie into their system to centralize it all.

You can read more about the Joomla Privacy system at these links:
docs.joomla.org/J3.x:Privacy
www.joomla.org/3/

Let me know if you have any questions.

Hi Eric

Actually, I understand how the Joomla Privacy System works, just don't know what data should be included in the export request

But OK, I can look at how Joomla core implements it and do the same. Give me sometime to work on it

Tuan

The basic rule of thumb is all data that pertains to the user making the request. We actually should not pick and choose what data to give them. If it is data about them we need to provide it.

Joomla bundles all of the data into a single XML file. The amount of data in there is pretty dense.

Let me know if you need more information. I am happy to help in any way I can.