Explanations to the GDPR/DSGVO [Part 1]

Lena Vanilli
Lena Vanilli
 Administrator edited May 2018 in General Themes

Huhu Metros,

we have adapted our data protection guideline to conform with the new requirements of the DSGVO (DatenSchutz-GrundVerOrdnung -> General Data Protection Regulation = GDPR). Some of these "reforms" already existed in the old regulation. However, the old regulation was not given as much value as the DSGVO, which has now become legally binding on 25th May 2018 (after a two-year grace period).

In principle, the new data protection regulation is a good thing because it strengthens the consumer rights (that is: citizens). It can be assumed that we will not have as much spam in our mail accounts any longer. And that our data can no longer be collected and distributed uninhibitedly.

The new data protection regulation was aimed to be more transparent and understandable for consumers. Well, so far our privacy policy has been about 30 sentences. Now there are 18 PDF pages! And important parts (e.g. social media) are not included because they do not occur in METRO. I think the simplification has somehow gone to pieces. But let's try to put things together in a more compressed way.

In this post I would like to discuss what is changing for all of us. Two areas are involved:

- the grid (grid services, homepage, forum)
- the private homepages, home regions


The Grid

The operators of METROPOLIS have appointed a data protection officer who can be contacted for all data protection issues.

You can read the new data protection guidelines including the data of the data protection officer here in German and in English .

Generally speaking, it must be said: METROPOLIS uses neither trackers nor marketing tools such as "Google Analytics" or advertising tools such as "Affilinet". Such tools are data octopuses in the purest sense. But it can also be more subtle. We also use Google fonts, for example, because they provide the more beautiful fonts. With the use of Google fonts, however, data is also transmitted to Google. You generally can't  do anything about it, unless you don't use the Google fonts anymore.

Even if there is nothing we can do about it, we must point it out. The same applies to YouTube videos, which can be included in the forum, for example. Here too, data is transferred to YouTube when the videos are played. If you want to exclude this, you have to log out of YouTube first, and then watch the video. For this reason, user education through the Data Protection Directive is an important issue and a major step towards IT maturity.

But for the users of METROPOLIS should be clear...

- that we do not pass on any personal or anonymous data to third parties.
- that we provide information about stored personal data at any time.
- that we delete all data collected about a specific person on request.
- that we provide assistance in matters of data protection.  

What about visitors from other grids?

Most of them have probably not read our privacy policy at all. The Hypergrid visitors are also logged in the METRO with IP address and history, but only the Hypergrid address (which is a synonym) is stored. This data is not considered personal, because no direct reference to a real user can be established (principle of anonymisation). Therefore, their explicit consent is not required.

What about the connected regions and their content?

METROPOLIS-Grid and its operators are responsible for the contents of the Mainlands. The owners are responsible for the rental regions as well as for self-hosted regions. The simulators on which the regions run create log file data. Scripts can also run in the region that log incoming visitors or even contact them automatically. Of course, the visitor must be informed about this. And automated tracking even requires his consent. It is not personal data at the moment. However, it can become such if someone establishes a connection to a real user.

The Homepages

You will be interested to know what effects the new DSGVO has on your hompages (grid project pages, regions project pages), because these Internet appearances must also be designed conforming to DSGVO.

First of all, you should have a privacy policy. you can do that either manully or with some generators on the net, which are free for the most part. We have chosen this generator, which also offers an English translation.

I have to say beforehand that I did not find one single generator that really completely covers all conceivable data protection questions. But this generator seems to me to be the most sensible one for our cause.

The generator asks for the necessary information in a question-and-answer game and also generates an HTML code, which you can than integrate into your website one to one. Now you have crossed the most important hurdle.

The best way is to place your new privacy policy in a kind of footer. This is an area of your homepage that is displayed on every page. Because that is a regulation in the DSGVO. ;)

Everything else is more or less small stuff. But it could cost you money if a lawyer notices. )


Facebook like

The direct Facebook like is not DSGVO-compliant and therefore illegal! You have to take that off your homepage right now! Instead of these direct buttons, Shariff, for example, offers all social media buttons DSGVO-compliant and it looks good at the same time. :)  

Contact Forms

If possible, you should not offer contact forms but direct mail links. The reason: You must add the text with the contact form that this data transmission is DSGVO-compliant and that the sender agrees with the transmission. So the send button is not enough. And when sending, make sure that only one SSL/TLS transmission is DSGVO-compliant. So: you need an encryption license! In addition, you must sign a contract with all partners through whom this data is transferred. E.g. with the server provider (e.g. Hetzner), the mail provider (e.g. Web.de) and the data carrier (e.g. Unitymedia). This means all those involved who come into contact with this data in any way.

Understandably there are no contact forms at METRO. ;)

... to be continued in Part 2 :)


Thanked by: Han Held


Sign In or Register to comment.


It looks like you're new here. If you want to get involved, click one of these buttons!


In this Discussion

© Copyright 2019 - Metropolis Metaversum
All times are GMT