[pydotorg-www] GDPR policy for Python.org?
Mats Wichmann
mats at wichmann.us
Wed Jul 8 17:15:00 EDT 2020
On 7/8/20 2:29 PM, M.-A. Lemburg wrote:
> I'm not aware of any such work.
>
> FYI: GDPR compliance is rather difficult to reach in an open
> volunteer based environment. You can only manage this if you pin
> down data access to a smaller limited number of people.
>
>
> On 08.07.2020 21:14, Terri Oda wrote:
>> Hey all,
>>
>> The Python Google Summer of Code team is trying to make sure we're
>> compliant with GDPR, particularly because we're updating the blogging
>> system that stores student weekly reports so now's a good time to review
>> any data storage policy.
>>
>> As far as we can tell, the PSF's policy hasn't been updated since 2015,
>> so it predates GDPR. Is anyone working on it and is there anything we
>> should know?
>>
>> Terri
/waves to Terri from New Mexico. Miss us? :)
I'd say another big challenge is that python.org is a lot of differently
managed pieces, not really unified except that they externally all
appear to be part of python.org ... there's a CMS-managed part, a wiki,
a jobs site, a blog site, the mailing lists (with, importantly,
archives), the legacy bugtracker (b.p.o). further - and one of the
reasons it's so hard to do this for OSS projects - external sites may
present a copy of the mailing list archive which python.org has no
control over. It probably wouldn't hurt just to do an exercise to know
there's a policy that should - or should not - apply across all of
those, or what separate policies might be. 'We don't know" is kind of a
bad answer.
More information about the pydotorg-www
mailing list