GDPR (“General Data Protection Regulation”) is the EU regulation on handling any personal data of individuals – but it does not just affect organizations and companies located in the European Union, but anyone frequently interacting with EU residents.
Although GDPR covers all data processing in the organization (including subcontractors), websites are covered as well as they are an important channel of communication and exchange of communication. If the site (owner) is located in the EU, Switzerland or Norway, or having visitors from any of these countries, it needs to make sure to be GDPR compliant, which at least requires a current privacy statement. Besides, GDPR will obviously affect all DNN Websites with public registration, where you are gathering personal information from each registrant. But personal data also includes IP address, which is usually stored from unauthorized visitors as well or even transferred to external services like Google Analytics, Google AdWords, Google Maps or Google Fonts (if included in the site) etc. And of course, any form on the site requests personal information, e.g. for gathering an answer or registering for a newsletter.
Is DNN Platform or Evoq GDPR compliant? Well, it is a framework, which may be used to create sites, which are GDPR compliant - but it might require some tweaking and modifications that are not obvious.To make it easier for site owners to be fully GDPR compliant, we want to improve the framework, we already identified a couple of areas for improvement and we want to setup a team to implement these enhancements in the DNN framework and provide useful information about GDPR for DNN Site Owners.
If you are interested to join us in this effort, please contact Clinton Patterson (email clint.patterson[at]dnnsoftware.com) or me (leupold[at]dnnwerk.de), we would love to get you involved!