[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
[epsilon-dev] Fwd: [eclipse.org-project-leadership] General Data Protection Regulation (GDPR) at Eclipse Foundation
|
Hi everyone,
In response to the request below I've removed external scripts from
StatCounter, Google Analytics and Twitter from the Epsilon website
[1].
On a related note, it'd be nice if we could migrate the website to use
the new and shiny official Eclipse Foundation template [2] instead of
our bespoke 2012 (?) template. Both templates are based on Bootstrap
so hopefully this shouldn't require a huge amount of work. Let me know
if you'd be interested in helping out with this over the next few
months so that we can start thinking about how to best split the work.
Cheers,
Dimitris
[1] https://bugs.eclipse.org/bugs/show_bug.cgi?id=534384#c12
[2] https://www.eclipse.org/eclipse.org-common/themes/solstice/docs/
---------- Forwarded message ----------
From: Christopher Guindon <chris.guindon@xxxxxxxxxxxxxxxxxxxxxx>
Date: 4 May 2018 at 21:43
Subject: [eclipse.org-project-leadership] General Data Protection
Regulation (GDPR) at Eclipse Foundation
To: eclipse.org-project-leadership@xxxxxxxxxxx
Dear Eclipse Project Leads,
As you may know, a new EU regulation referred to as the General Data
Protection Regulation (GDPR), which covers data protection and privacy
for all individuals within the European Union, becomes enforceable on
May 25th, 2018.
The Eclipse Foundation is taking this new regulation very seriously
and we are taking the necessary steps to make sure that we are
compliant before the GDPR deadline.
We are writing to inform you of the steps that are relevant to you,
and to seek your support in ensuring all of the Foundation’s web
properties, including project websites, are in conformance. We
understand the timelines associated with this conformance are tight,
and appreciate your prompt actions. As you can imagine, this is a
major undertaking for the Foundation - your prompt attention to ensure
the appropriate steps are taken by your project are appreciated.
Project Website Audits and Required Updates
We plan on auditing every Eclipse project website for compliance. This
includes web properties and applications hosted on Foundation-provided
resources, such as project virtual servers. If an application or site
is not compliant, effective May 24th, we will be forced to disable the
website and redirect traffic to their respective PMI project page.
Once disabled, a project site will need to demonstrate to the Eclipse
Foundation that its site is compliant before it can be re-enabled.
This can be done by opening a bug and requesting a review from the IT
Services team.
The Eclipse Foundation is planning to include GDPR-compliant features
in our Quicksilver theme, for example the Quicksilver theme will
include a new website privacy policy popup.
Project sites who are not using the Quicksilver theme will need to
make sure that their website is fully compliant with the GDPR
(http://ec.europa.eu/justice/smedataprotect/index_en.htm).
While we may identify additional requirements in the following weeks,
at a minimum our audit will include confirming a project website
fulfills the following requirements:
All project web pages must include a footer that prominently links
back to key pages, and a copyright notice. The following minimal set
of links must also be included on the footer for all pages in the
official project website:
Main Eclipse Foundation website (http://www.eclipse.org);
Privacy policy (http://www.eclipse.org/legal/privacy.php);
Website terms of use (http://www.eclipse.org/legal/termsofuse.php);
Copyright agent (http://www.eclipse.org/legal/copyright.php); and
Legal (http://www.eclipse.org/legal).
Approved Eclipse logos are available on the Eclipse Logos and Artwork
page: https://eclipse.org/artwork/
A user must be requested to give their consent, and explicit consent
must be given by the user before a project website can start using
cookies. This requirement also includes cookies used by 3rd party
services such as, but not limited to: Google Analytics, Google Tag
Manager, and social media widgets.
Project websites must not collect and/or store and/or display personal
information.
Project websites using 3rd party services such as, but not limited to,
google analytics must be explicit about which company or companies
have access to the data collected. For example, the project website
must identify on their website the individuals or organizations who
have access to google analytics data.
We are currently using Bug 534384 - The General Data Protection
Regulation (GDPR) at the Eclipse Foundation
https://bugs.eclipse.org/bugs/show_bug.cgi?id=534384 to define action
items that we must do before the GDPR deadline!
Feel free to post questions, feedback or concerns on this bug as we
work together to protect the personal information of our users!
--
Christopher Guindon
Lead Web Developer
Eclipse Foundation
Twitter: @chrisguindon
_______________________________________________
eclipse.org-project-leadership mailing list
eclipse.org-project-leadership@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/eclipse.org-project-leadership
IMPORTANT: Membership in this list is generated by processes internal
to the Eclipse Foundation. To be permanently removed from this list,
you must contact emo@xxxxxxxxxxx to request removal.
--
Dimitris Kolovos
Professor of Software Engineering
Department of Computer Science
University of York
http://www.cs.york.ac.uk/~dkolovos
EMAIL DISCLAIMER http://www.york.ac.uk/docs/disclaimer/email.htm
