Hello guys,
I guess you have seen it by now that there is a lot of fuzz and panic about the new GDPR. We are slightly affected by this as well and therefore I have been investigating what we need to do to be compliant.
The website needs the following things changed:
https://git.ipfire.org/?p=ipfire.org.git;a=commitdiff;h=77a085ed3f2e0444ba6f...
This just updates the disclaimer and adds a few clauses about data protection and what we are doing with the data. This applies mainly to the support forums.
This also needs to be ported to the new website design, which I can do shortly. Sven's development branch unfortunately has a few merge issues with the master branch and I need a little time to sort this out.
The other thing that we probably do not need to change because of legal restrictions, but is a good idea anyways is to serve *all* additional JS, CSS and fonts locally. That reduces the amount of data that is being collected by Google Fonts and other CDNs so that we protect our users from that. The additional time the website needs to load is not too bad and should be acceptable over privacy.
Just wanted to keep you folks updated about this.
If anybody else knows anything that we are not doing right about GDPR yet and we need to change, please let me know.
Best, -Michael