- Subscribe to RSS Feed
- Mark Thread as New
- Mark Thread as Read
- Float this Thread for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Hi
I'm based in the UK and as of 25th May 2018 the new GDPR guidelines will land across the EU. I see Weebly participates in the Privacy Shield agreement, which implies that you are (or will be) GDPR compliant.
I've noticed that you capture IP Address both on contact forms and on surveys. I'm interested in the rationale for this and why it is necessary. Under GDPR IP addresses will be classified as personal data.
Under GDPR I (as Data Controller) will need to write a privacy policy stating what personal data I capture, why I need it, and also how long I will keep it for. Whilst I can justify all the other personal data I am asking for in a contact form, I cannot justify capturing IP Address. I'm therefore at the point where I believe I cannot use your contact form or survey options as I believe they would breach GDPR.
Does Weebly have plans to stop capturing IP Address? Or give EU customers the option in form settings (with appropriate warnings etc)?
Thanks in advance
- Labels:
-
GDPR
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
I'm not sure on that @CGreen. Although I'm sure our policy team is already on top of it. I'll see if we can get some sort of clarification for you.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Thanks @Bernadette - clarification on this would be great!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
The people I would need to talk to are out over the weekend, but I made a note to remind myself. Thanks so much for your patience.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Hi @Bernadette I wondered if you had any update on this?
Thanks in advance
Corrine
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
As far as I have heard, no - we haven't gotten any updates yet.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
@Adam @CGreen @Bernadette
Thanks for your post. This is without a doubt THE biggest priority for anyone who looks after a website in the UK.
Please could you let us know asap what work is being done to ensure our Weebly websites are compliant in the data we obtain and how we obtain it.
The contact form needs an opt in/out, especially compliance for Ecommerce and shipping.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
@_wordgetsaround - not just the UK - the whole of the EU!
I would suspect we can work around the marketing opt-in issues within the current form restrictions though - make sure your box is NEVER preticked, craft a 'usage' statement which makes it clear what will happen to your personal data if you DO tick the box, update your privacy policy AND ... make sure you offer a way to unsubscribe (and follow through). Easy eh?! Not so sure on the ecommerce aspects (not an area I'll be looking at right now)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Yes the whole EU!
I am attending a GDPR event in February. Perhaps we can share resources to make a full proof policy to go on our websites.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
@_wordgetsaround good idea - I suspect there won't be a 'one size fits all' on this though - Not as far as a privacy policy goes. For me, I'll be a sole trader offering services, but that will be a very different use case to an online shop I would think. And lets not even go near capturing credit card details ...!
Now cookies ... that's a different matter altogether (I'll shamelessly link to my other GDPR thread now: https://community.weebly.com/t5/Vote-on-Features/GDPR-Compliant-Cookie-Policy-and-Opt-Outs/idi-p/862...)
I think Weebly (and/or the community) could very easily come up with a 'standard wording' (use at your own risk, etc etc) reflecting best practice for the Weebly cookies. Users would then obviously have to tailor depending on what they wanted to add (eg plugins, Google Analytics - again that last one is fairly straightforward to find standard best practice wording for on the web.)
Have fun at your GDPR conference - hopefully you'll find it's not too different in principle from the DPA, it's just that the definition of personal data got a whole lot wider .. Happy to catch up afterwards and I can share drafts!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
@Adam any update on this yet? I see (having just tested out a blog post and comment) that IP is also captured in the blog comments, as well as email address. Again, this will be treated as personal data so I think explicit consent will be required so we'll need a way to notify someone. Also, as per the original question - what's the justification for capturing IP address here? I can justify email but not IP, so I do not think I can implement comments until I hear what your plans are for this?
As far as I am aware, a truly unique ID (eg a UUID for a db) won't fall foul of GDPR so long as it's not tied to an individual
Thanks in advance
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
We're going to have more information coming soon on this, @CGreen, both on general compliance and if a user contacts you to obtain their data or have it removed.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Thanks @Adam. Appreciate the reassurance. For now I think I'll have to simplify things and launch without blog comments though. Trusting your solution will address, so I can add them in later
Corrine
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Hi Adam,
We are also looking at GDPR and Weebly's compliance/Legislation around cookies and IP addresses and need to be reassured by Weebly that you will be conforming. Can you let us know when you have completed your privacy policy around system security that falls in line with this legislation that comes into force on 25.05.18.
Many thanks and look forward to hearing from you,
Nicky
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Hi @NickyT. Yes, we are very much aware of the deadline date. We have several teams assigned to make sure we cover every aspect of GDPR, and we will post updates as we receive them. Thanks for your patience and trust in us.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
We really really want to trust in you but as a matter of fact - time is running out. Can you assure us that Weebly will cover every aspect of GDPR by 25/5/2018?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Hi Bernadette, do you have any news on GDPR vs. Weebly? It's getting close now.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Hi all! I know everyone is super unsure of what will happen on 5/25/18, but I promise you everything we be ready. Our legal team, product managers, devs, and quality assurance team are all-hands-on-deck finishing up the updates. Our customer support had additional training this week and we do have our posted guides available on our help page. If anyone has more specific questions not addressed in the guides please submit a ticket to support. All GDPR questions will be escalated to our policy team. Thanks everyone! https://hc.weebly.com/hc/en-us/requests/new
https://hc.weebly.com/hc/en-us/articles/360000488108-GDPR-FAQ
https://hc.weebly.com/hc/en-us/articles/360000977487-GDPR-What-Weebly-is-Doing
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Hello Bernadette, I was nice to read how confident you were then and also to know how many people at Weeby were working "all hands on deck." We are now in the present - 30th May 2018 and the reality is the "I Accept" banner placed on our website is not working. Having alerted your Help Team on Friday last I believe Weebly thinks they had fixed things. As of todays date the website still does not work properly, many pages are not visable to members, like they used to be. I would appreciate a reply from someone at Weebly. Many thanks.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Hi, unfortunatly this IP Address capture is a GDPR problem in the EU. I had to take off any forms on my websites in 2018 becuase of this. I don't think the situation has changed since then, or have I missed something?
I would appreciate an "IP Address Capture" opt in / opt out option from Weebly for it's clients. I think the EU area is big enough to justify working on this option; don't you?
Best
Kenneth
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Thanks for reaching out, @KG100. Can you please submit a ticket to support? Customer service reps are not able to respond to inquiries about GDPR and this will need to be addressed by the policy team. Someone from the team will be able to provide more information regarding your request. You can submit a ticket by scrolling down to the bottom of our Help Center.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report