Community
    • Login

    is Notepad++ compliant with GDPR

    Scheduled Pinned Locked Moved Boycott Notepad++
    15 Posts 7 Posters 4.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Matthieu gabrielliM
      Matthieu gabrielli
      last edited by

      Hi,

      when registering, I was forced to consent to 2 conditions (data processing, receive emails)

      This is very annoying, I had to create a fake google account just to be able to register here.

      I’m not OK about these consents, and being in Europe, GDPR should protect me and this site should not force me to these consents.
      2 years when we implement GDPR requirements for our websites, our lawyer cleary said we cannot force people registering on our website to accept emails or to force people to register with a social media account, due to privacy concerns.

      I wonder if Notepad++ even care about GDPR

      PeterJonesP 1 Reply Last reply Reply Quote 0
      • PeterJonesP
        PeterJones @Matthieu gabrielli
        last edited by

        @Matthieu-gabrielli ,

        You registered for the forum, not for Notepad++. Notepad++ does not require registration. There is no requirement that you register a forum account to use Notepad++.

        If you would like to make use of the forum, then you have to use an OAuth provider for your security. If you don’t like their terms, don’t sign up for one, and don’t use the forum. In my 4+ years on the forum, I have received 0 email messages from the forum. The only “personal information” that it gathered from whatever you put in your OAuth-provider account was your user name and enough to fill out your profile; you can then edit any piece of information in that profile that you want.

        If you don’t like those restrictions, then don’t use the forum.

        1 Reply Last reply Reply Quote 6
        • Luke Parkes-HaskellL
          Luke Parkes-Haskell
          last edited by

          This post is a little old, but I have to complain about the same thing;

          If you don’t like those restrictions, then don’t use the forum.

          Requiring a user to sign up to a mailing list in order to access a support forum is not GDPR compliant; it’s one thing to ask a user to create an account to authorise them, but making it mandatory to sign up for a mailing list is a clear-cut violation of the GDPR, even if that mailing list isn’t particularly active.

          Alan KilbornA PeterJonesP 2 Replies Last reply Reply Quote 0
          • Alan KilbornA
            Alan Kilborn @Luke Parkes-Haskell
            last edited by

            @Luke-Parkes-Haskell

            To one point: I don’t think you’ll ever be sent an email from this.

            1 Reply Last reply Reply Quote 0
            • PeterJonesP
              PeterJones @Luke Parkes-Haskell
              last edited by

              @Luke-Parkes-Haskell said in is Notepad++ compliant with GDPR:

              Requiring a user to sign up to a mailing list in order to access a support forum

              There are two factual errors in that statement alone.

              1. You are not signing up for a mailing list; you are signing up for a forum. The forum software does not currently email anyone (much to some users’ chagrin – see this summary post linking to multiple such complaints). If this feature of the forum is ever enabled (it is not, currently), there are user settings (click on your icon, select settings, and go to the notifications and sounds settings) which can turn off all email notifications. Emailing the user is currently disabled, and is 100% user-configurable if it is ever enabled, so you can opt out of receiving the emails (that currently are never sent).

              2. This is not a support forum. This is, as it’s specifically named, the Notepad++ Community Forum. It is a forum for the community (any Notepad++ users who choose to read and answer this forum) to use to discuss the product; in the midst of that discussion, we do help each other with questions and problems and problem solving, but this is not “ask official support and we guarantee you a response from some official support person”: there are no official support people employed by Don or some mythical Notepad++ Company; Notepad++ is a completely volunteer product, including participation in this forum.

              Luke Parkes-HaskellL 1 Reply Last reply Reply Quote 2
              • Luke Parkes-HaskellL
                Luke Parkes-Haskell @PeterJones
                last edited by

                @PeterJones They’re not factual errors, unless you’re being maliciously pedantic.

                That I need an account to access the forums isn’t the issue, this is expected, it’s ‘necessary’ for it to be the case. The software however explicitly asks to process and store your details for use in a mailing list - it doesn’t matter if there is no such list, nor does it matter that the e-mail feature is disabled. The existence of that checkbox, which is mandatory to access these forums, is not GDPR compliant.

                That this isn’t an ‘official support forum’ is also totally irrelevant; it’s the ‘official’ community attached directly to the main project’s website, and is where you’re directed if you’re looking for support through the main website.

                As far as I can tell, that summary post is completely unrelated to the complaint brought up here.

                EkopalypseE plutoisaplanetP 2 Replies Last reply Reply Quote 0
                • EkopalypseE
                  Ekopalypse @Luke Parkes-Haskell
                  last edited by

                  @Luke-Parkes-Haskell said in is Notepad++ compliant with GDPR:

                  The software however explicitly asks to process and store your details for use in a mailing list

                  Curious, where does it say that? When I log in with my github account, I can’t see such an indication.

                  Alan KilbornA 1 Reply Last reply Reply Quote 1
                  • Alan KilbornA
                    Alan Kilborn @Ekopalypse
                    last edited by Alan Kilborn

                    @Ekopalypse said in is Notepad++ compliant with GDPR:

                    Curious, where does it say that? When I log in with my github account, I can’t see such an indication.

                    Probably when you are about to create an account for the first time?

                    Others:

                    So (probably) Notepad++ makes no claim anywhere to be GDPR compliant.

                    And (probably) GDPR is a suggestion, not a law.
                    If it is a law (in your part of the world), perhaps said part of the world should block access to the site?

                    Otherwise, just like you have a choice to use the free Notepad++ software, you have a choice to not use this Community site.
                    Choose wisely. :-)

                    1 Reply Last reply Reply Quote 0
                    • EkopalypseE
                      Ekopalypse
                      last edited by Ekopalypse

                      @Alan-Kilborn said in is Notepad++ compliant with GDPR:

                      Probably when you are about to create an account for the first time?

                      But you don’t create an account on npp community.
                      I thought you can only use those 4 predefined OAuth solutions.
                      Facebook, Google, github and I forgot the 4th one.

                      And (probably) GDPR is a suggestion, not a law.

                      Oh no, GDPR is NOT a suggestion.

                      I’m not a laywer but those predefined OAuth solutions are used by
                      hundreds or thousands or even more other sites for doing authentication so I assume that GDPR regulators should have already know that.

                      Alan KilbornA 1 Reply Last reply Reply Quote 0
                      • Alan KilbornA
                        Alan Kilborn @Ekopalypse
                        last edited by

                        @Ekopalypse said in is Notepad++ compliant with GDPR:

                        But you don’t create an account on npp community.

                        I suppose I meant on first login to Community, not “create” account. :-)
                        It has been a while since I’ve thought of this.

                        predefined OAuth solutions are used by

                        hundreds or thousands or even more other sites for doing authentication so I assume that GDPR regulators should have already know that.

                        So the inference is that there is no problem with how Community site does what it does. Except maybe using the phrase “mailing list” which maybe is an outdated vestige of how things were done in the past?

                        1 Reply Last reply Reply Quote 0
                        • EkopalypseE
                          Ekopalypse
                          last edited by

                          @Alan-Kilborn

                          As said, not a lawyer … but it would surprise me if this kind of login procedure
                          hadn’t already been discussed by the regulators … but who knows.

                          1 Reply Last reply Reply Quote 0
                          • EkopalypseE
                            Ekopalypse
                            last edited by Ekopalypse

                            So still not a lawyer - just failed the test I did 10 minutes ago :-D

                            I found this from here.

                            Q: My community forum uses Facebook Connect to authenticate members, does that create a privacy risk?
                            
                            A: Facebook has been in the news recently for its handling of user data.
                            Facebook and other social media logins can make it easy for people to
                            register to a community. When someone registers for  your community
                            forum using Facebook, they are allowing Facebook to send over
                            information about your new member and presumably Facebook is
                            logging that transaction. From a compliance point of view, we would
                            think that this is two separate actions and that you as the community
                            manager are not responsible for someone’s use of Facebook to log in. 
                            If you offer social logins, we would recommend that you also offer a 
                            registration form as well to give people the option.
                            
                            1 Reply Last reply Reply Quote 3
                            • guy038G
                              guy038
                              last edited by

                              Hi, @ekopalypse,

                              The article "Answers to Common Questions About GDPR & Community Forums", that you mentioned in your last post, is really informative.

                              Thanks you for sharing it with us !

                              BR

                              guy038

                              EkopalypseE 1 Reply Last reply Reply Quote 2
                              • EkopalypseE
                                Ekopalypse @guy038
                                last edited by

                                @guy038
                                my pleasure :-)

                                1 Reply Last reply Reply Quote 2
                                • plutoisaplanetP
                                  plutoisaplanet @Luke Parkes-Haskell
                                  last edited by

                                  @Luke-Parkes-Haskell said in is Notepad++ compliant with GDPR:

                                  @PeterJones They’re not factual errors, unless you’re being maliciously pedantic.

                                  That I need an account to access the forums isn’t the issue, this is expected, it’s ‘necessary’ for it to be the case. The software however explicitly asks to process and store your details for use in a mailing list - it doesn’t matter if there is no such list, nor does it matter that the e-mail feature is disabled. The existence of that checkbox, which is mandatory to access these forums, is not GDPR compliant.

                                  That this isn’t an ‘official support forum’ is also totally irrelevant; it’s the ‘official’ community attached directly to the main project’s website, and is where you’re directed if you’re looking for support through the main website.

                                  As far as I can tell, that summary post is completely unrelated to the complaint brought up here.

                                  Here is a screenshot of the signup page where you create an account for these forums:
                                  b63bf94f-aced-46e9-8c20-5ad4037f0fbb-image.png

                                  So yes,you’re completely right.

                                  1. This page says that you are registering and/or creating an account. It uses both terms.
                                  2. It explicitly requires you to opt into emails as part of signing up. It informs you that it will default to sending you weekly emails, and on the settings page it appears to show the same setting by default:
                                    c61522db-98dc-4909-983f-5f4f6bf40ada-image.png

                                  So one or more things should probably change. For those who are concerned about sharing your email, I was too because all the OAuth providers used to sign up use my private email which I did not want to be shared. However when choosing GitHub, even though it says that it will share all your private emails, the forum software defaults to using your [username]@users.noreply.github.com email account. This I’m happy with, and then I changed my username after the fact.

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post
                                  The Community of users of the Notepad++ text editor.
                                  Powered by NodeBB | Contributors