GDPR question: what do I do to ensure compliance on a site where users can upload small bits of arbitrary data, some of which is likely to include personal data, but that doesn't explicitly solicit any identifiable info? There will be no user accounts or any way of associating information with a particular user other than what the user might include in what they post.

Can I just provide an email address that can be used to reach me, and ask users to get in touch if they want something deleted?

Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!