You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
From my light reading on the topic, stakepools will be in violation of gdpr due to collection of email addresses. We might need to implement some opt in/out checkboxes and a "forget me" method for deleting/disabling one's account.
I'm really not sure how to go about the latter. But for the former, emails could be hashed by default unless the user opts in. This would break the password recovery feature, so users would need to be informed.
It might help to have a generic privacy policy stub added to the project. I'm not really sure yet, but it seems like one is necessary for gdpr.
The only other potential concern would be IP address logging, but that's the domain of the nginx (or whatever web service) so I don't think dcrstakepool is responsible for that side of things.
The text was updated successfully, but these errors were encountered:
From my light reading on the topic, stakepools will be in violation of gdpr due to collection of email addresses. We might need to implement some opt in/out checkboxes and a "forget me" method for deleting/disabling one's account.
I'm really not sure how to go about the latter. But for the former, emails could be hashed by default unless the user opts in. This would break the password recovery feature, so users would need to be informed.
It might help to have a generic privacy policy stub added to the project. I'm not really sure yet, but it seems like one is necessary for gdpr.
The only other potential concern would be IP address logging, but that's the domain of the nginx (or whatever web service) so I don't think dcrstakepool is responsible for that side of things.
The text was updated successfully, but these errors were encountered: