[DOCU-1556] Document that GDPR features require special storage setup Created: 26/Jun/18  Updated: 29/Jun/18  Resolved: 28/Jun/18

Status: Closed
Project: Documentation
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Major
Reporter: Christopher Zimmermann Assignee: Christoph Meier
Resolution: Done Votes: 0
Labels: GDPR-DOCS
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
dependency
depends upon MGNLPRIV-41 Consistent data privacy across multip... Closed
Template:
Acceptance criteria:
Empty
Task DoR:
Empty
Documentation update required:
Yes
Date of First Response:
Sprint: Docu Sprint 53
Story Points: 0.5

 Description   

If some kind of clustering or sync mechanism is not implemented, then on an installation with multiple public instances errors could occur (including those which could mean that a website is not adhering to GDPR and is liable for legal action.)

Examples

  • Different visitors are stored on different public instances.
  • A visitor is storied on different public insgtances, with different consent info on each.
  • A visitor changes consent on one instance - but that is not reflected on the other.
  • A visitor requests to be forgotten - but is only forgotten on one server.

On the PUR documentation pages we include a note

"The user account is only created on the public instance. Make sure to backup this data when using several public instances, the instances or at least the users workspace needs to be clustered in order to share accounts between different instances. Another option is to implement observation based synchronization in order to replicate user accounts across instances."

(https://documentation.magnolia-cms.com/display/DOCS57/Public+User+Registration+module)

 

 We need some kind of similar information on the GDPR/privacy pages.



 Comments   
Comment by Christoph Meier [ 27/Jun/18 ]

I propose to create an "includable" and to add it at:

Comment by Christoph Meier [ 27/Jun/18 ]

Work in progress on https://documentation.magnolia-cms.com/display/DOCS57/_GDPR+data+is+stored+on+public+and+must+be+synchronized+on+clusters

Comment by Christoph Meier [ 28/Jun/18 ]

Added ad described above.

On the GDPR and forms page I have added a new h2 Data storage which contains the 2 includable

  • _privacy module writes into the contacts app
  • _GDPR data is stored on public and must be synchronized on clusters
Generated at Mon Feb 12 01:19:11 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.