What is GDPR?
General Data Protection Regulation law basically means that you are required to have legitimate consent from each of your users specifying that they allow you to store and process their personal data. As such, there can’t be any hidden terms, pre-checked tick boxes, or "If you continue using this site, it means..." language. Terms of use should be clear and conscious for user action. You are obligated to store all existing consent forms and remove them should the user revoke his or her consent. It may sound daunting, but worry not! ModelCentro will be doing everything for you. You can find more details here.
What type of personal data do you mean?
According to the law:
Natural persons may be associated with online identifiers provided by their devices, applications, tools, and protocols, such as internet protocol addresses, cookie identifiers, or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.
(This basically means that anything from a cookie file or IP to a user’s username and email are considered personal data.)
What changes does this law bring to my site?
According to the law, sites are required to have consent in place from each user, and they are unable to store or process a user’s personal data without their consent. As such, we are introducing the following changes and functionality:
Upon visiting your site, users will see a ‘Cookie Files’ bar, informing them which cookies are critical for the site to function and which are optional. At this point, the user consents to accept cookie files from us.
For new users: Upon providing personal data in any place on the site (tip, gift, login, registration, pay-per-minute) we will ask them to provide their consent in order for us to be able to process their personal data (NOTE: WE ONLY NEED IT ONCE. Users won’t be asked every time). It will be the good ol' ‘I’ve read and accept the privacy policy, etc’ - the only difference is that the box will be not pre-checked; users will need to tick the box and click 'Agree' in order to provide consent.
For existing users: Once an existing user logs in to his/her account (or tries to provide personal data without logging in, as described below) he/she will be prompted to provide his/her consent in the same way as a new user. Yes, this is also a one-time action.
All consents will be stored as specified by the law with all applicable data, i.e. time of consent, what was agreed to, what we asked when consent was granted, etc.
Users will have the option to permanently delete their account. This means that users can request that all of their personal data be erased at any time.
Users will be able to revoke consent at any time.
Sites will have a page explaining how we use personal data and which data is being collected and why. The same goes for cookie files.
Changes in your Control Panel (Site Admin):
Since according to the law we are not allowed to store and process users' personal data without having consent, all existing users' data will be hidden from performers.
That means that for all existing users, subscribers, etc., that have not yet provided their consent, you will see their user ID instead of their username, and a personal data message instead of their email. Once consent has been granted you will see their username and email as you did previously.
If an existing user that has provided consent earlier revokes their consent or requests their personal data be deleted you will start seeing their user ID and personal data message instead of their username and email
Please be advised that these changes to your Control Panel will only be applied to users from the European Union.