Uploaded image for project: 'Privacy'
  1. Privacy
  2. MGNLPRIV-20 Polishing functions in the Privacy module
  3. MGNLPRIV-23

Disallow specifying email on the consent confirmation page

    XMLWordPrintable

Details

    • Sub-task
    • Resolution: Obsolete
    • Neutral
    • None
    • None
    • None
    • Kromeriz 151, Kromeriz 152

    Description

      On this page

      /travel/contact/confirmation

      we should disallow specifying the email address to which the GDPR report will be sent.

      • The Report should be sent only to the user who is authorized to create, send and read the report, hence probably the one whose email is already registered in the system under one of the personalFields.
      • Cause if the user made a typo while entering "his/her" email, the report with all the personal data could potentially end up in somebody else's hands which is a big GDPR no no.

      The page in the end should probably look only just like this:

      A second sub-issue:

      The email which delivers the report could have GDPR Report in the subject line and the following text in the body:

       

      Hello
      
      Please find in the attachment a zipped GDPR report containing files with references to all your personal data used by the site.
      
      Thank you
      

      Attachments

        Activity

          People

            Unassigned Unassigned
            mdrapela Martin Drápela
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: