RGPD compliance

Discussion in 'ISPConfig 3 Priority Support' started by Davide, May 21, 2018.

  1. Davide

    Davide Member

    As you for sure know, for RGPD compliance, we should inform our customers what data we collect about them. I was looking on forum, but I cannot find anything about this.

    I cannot find nothing relevant in my own cookies, but I was looking at "sys_session" db table and there I can see info about current sessions. What kind of information is collected there? Is that data deleted after user disconnects?

    Does ispconfig panel collect any kind of data apart from neccesary customer data? (name, address, email, etc)

    Thank you!
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    There are a few threads on that topic, you may have searched for a different term as the common name is probably GDPR, I guess RGPD is the local name in your country, in Germany, for example, it's named DSGVO.

    That's a session cookie and session cookies are explicitly allowed without the need to gather specific consent. The session cookie normally ends at the end of the session, except when the user ticked the checkbox to stay logged in, then the session will stay until he logs out. The session just holds the user data, so it does not contain more or different data from what you store in the ISPConfig database anyway.

    ISPConfig stores only the data that you (or your customer) enters into it. Like in most IT system, IP addresses are stored and logged for security reasons, so you should inform your customers about that.

    Here are two threads that cover some other aspects of the new law:

  3. Davide

    Davide Member

    Thnak you very much for your answer.

    I've searched, but found nothing. Reading my own question, I suposse I've mispelled "RGPD" for "GPRD" :(

    Thank you!

Share This Page