|
10.
|
|
|
Data protection officer and work flow for responding to inquiries;
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:21
|
|
11.
|
|
|
Internal documentation around data protection.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:22
|
|
12.
|
|
|
Features in Mahara that cater to the GDPR compliance:
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:24
|
|
13.
|
|
|
Everyone can be required to consent to the terms and conditions and the privacy statement of the site: This is the :ref:`strict privacy mode <institution_settings>`.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:26
|
|
14.
|
|
|
Currently, the strict privacy mode requires that it is not possible for people to be in multiple institutions.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:29
|
|
15.
|
|
|
If an institution has additional terms and conditions or privacy regulations to which its members need to consent when using the site, they can be dealt with on the :ref:`institution level <institution_legal>` and members need to consent to them.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:31
|
|
16.
|
|
|
Whenever changes are made to the legal statements (terms and conditions and privacy statement), everyone affected by them needs to consent to the changed statement(s) when they log into the site the next time.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:32
|
|
17.
|
|
|
People can :ref:`revoke their consent to any legal statement <account_settings_legal>`. That will result in a notification to the site or institution administrator for further communication. Additionally, the account will be suspended automatically.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:33
|
|
18.
|
|
|
A history of the legal statements is kept on the :ref:`site level <legal>` and the :ref:`institution level <institution_legal>` and tracked who made the changes.
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:34
|
|
19.
|
|
|
Everyone can :ref:`delete their account <user_delete_account>` or request the deletion of their account if an institution requires a review. In the GDPR, this is known as "the right to be forgotten". All personal content is deleted. The content a person created outside of their personal space is not affected by the account deletion as it is tied to shared content rather than personal content. These include:
|
|
|
|
(no translation yet)
|
|
|
|
Located in
../source/faq/privacy.rst:35
|