The Fresh Loaf

News & Information for Amateur Bakers and Artisan Bread Enthusiasts

TFL + GDPR

Floydm's picture
Floydm

TFL + GDPR

You might have noticed you've been getting a ton of emails recently from companies that "care about your privacy". That is because there are new data privacy regulations coming into effect in less than a month that impact anyone doing business with EU citizens. I'm still getting a handle on what they mean and whether what TFL does constitutes "doing business" with anyone, but at the least it is a good time for some housecleaning here.

Today I started purging old accounts that never activated. There is no reason to retain anything about any of those accounts. 

After that I'll purge old accounts that haven't been active in a long time. 

Next it sounds like it makes sense for me to add a new Terms & Conditions screen that folks will need to acknowledge when they sign up or sign in. The GDPR states that site owners need to have a record of such a thing. And the T&C language needs to be understandable rather than in legelese, which is good. So I am working on putting that together.

After the T&C has been up and active site members have had a chance to opt-in, I can remove accounts that don't opt in. I don't want to retain anyone's info who isn't consciously OK with sharing it here.

I think I can also give people the permission to delete their own accounts and information, which is also part of the GDPR.

To be clear, I never sell, rent, share, or do anything with anyone's email address or any other personal information that is held here (and I wonder: does the kind of mixer or thermometer you use count as personally identifiable information?). Email addresses are used, at sign up, to verify that there is a human at the other end of the line and thus to cut down on the number of spam accounts that get created. After that, email is used for private messages between site members or to receive comment notifications, both of which you can opt out of. A handful of times a year I look up a user's email address and contact them directly, typically either because a site member asks me to get in touch with them and doesn't want to use the PM system or I have a concern about their conduct or content of a post. Your info here is not being shared or used for marketing purposes, and I put a great deal of effort to keep the site and server secure so it can't be accessed or misused.

Comments

Danni3ll3's picture
Danni3ll3

I can’t imagine that it is easy for you to keep up with all of this, and know that we, speaking for myself and I am sure, others as well, really appreciate what all that you do. Thank you!

Lechem's picture
Lechem (not verified)

Here in the UK, and I'm sure in other places as well, we've all been taking GDPR courses and tests. Lot's of companies are having to make us opt back in for emails otherwise we're taken off the list automatically.

Ru007's picture
Ru007

We appreciate all you do for the site.