joknight wrote: I was wondering if I will be required to place some form of GDPR compliance regulations into and onto my contact form that uses a forms component such as ChronoForms or form component.
Regarding the form itself:
- Do you use the principle Privacy by design?
What information (personal data) do you ask for in your form?
Only information that is needed to contact the person that uses the contact form?
- Do you use the principle Privacy by default (opt-in by default, not opt-out)?
If you add options like "subscribe to newsletter", are the options unchecked by default (so they have to opt-in if they want to)?
- What do you do with the information? Send it to your own email address?
Do you store it in your Joomla database? If you store it, how long will you keep it?
- What do you do to protect the transport of information from the visitor to your server?
Do you use TLS (previously SSL; the tiny lock in the address bar of your browser) to protect the communication from your visitor to your server?
Some general GDPR things to consider regarding your website:
- Do you have a privacy statement on your website?
- Do you describe what personal data you process (gather, use and store), how long you keep it, with whom you share it, etc?
- Do you describe which Technical and Organisational Measures you take to protect that data?