You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I just searched again, and am getting hits saying if the id is next to another piece of personal data, so that the id can be used later to identify a person, is a GPDR violation.
I think this is work looking into, actually, to figure out a clear strategy on our end. In our case, if the decidim instance is integrating with our hosted API, we're also a third-party, which compounds to the problem.
Maybe the ids can be encrypted? This quick search didn't give me any clear strategies. We should look at how Decidim handles ids, and look into whether Rails addresses this in any way.
Currently our dropdown of delegates presents delegate names, with a value of their email -- which is a privacy issue:
Instead we should use a different value (the user id? or a disposable id?) and translate that into the email for the LV api call.
The text was updated successfully, but these errors were encountered: