I’d be really keen to host a lemmy instance but just wondering with GDPR and everything, if there is anything else to consider outside of the technical setup and provisioning of hardware?
Lemmy is storing users data so is there any requirement to do anything GDPR wise?
Hope this is the right place for this - But seen a lot of posts interested in hosting their own lemmy instance, and this is an extension of that
However, this duplication mechanism renders content deletion or rectification more difficult. In case of deletion by the user, the platforms with duplicates receive usually an automated deletion request and must be trusted to comply and delete their duplicate.
Seems like sending the delete notice is all that’s required?
Seems like sending the delete notice is all that’s required?
Yes, but
and must be trusted to comply and delete their duplicate.
So because of that trust factor, if you really want to protect yourself and be 100% GDPR compliant, you’d probably want a legal contract with every instance to federate with ascertaining that they are GDPR compliant too to legally deflect blame if you’re unable to comply with a data delete request.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
Seems like sending the delete notice is all that’s required?
Yes, but
So because of that trust factor, if you really want to protect yourself and be 100% GDPR compliant, you’d probably want a legal contract with every instance to federate with ascertaining that they are GDPR compliant too to legally deflect blame if you’re unable to comply with a data delete request.