Changes between Version 3 and Version 4 of GdprCompliance

Timestamp:

Sep 27, 2018, 7:36:43 AM (6 years ago)

Author:

Kevin Reed

Comment:

--

GdprCompliance

@@ -26 +26 @@
 [http://boinc.berkeley.edu/trac/wiki/UserOptInConsent#Usage Usage information]
 
-There are two types of consent that come with all BOINC projects: `ENROLL` and `STATSEXPORT`: corresponding to a consent to the project's terms-of-use during enrollment and consent to statistics exports. To enable these policies, use the **Manage consent types** page accessible from the main OPS page.
+There are two types of consent that come with all BOINC projects: `ENROLL` and `STATSEXPORT`: corresponding to a consent to the project's terms-of-use during enrollment and consent to statistics exports.  By default, these consent types are disabled. To enable these policies, use the **Manage consent types** page accessible from the main OPS page.
 
 == Account creation ==
@@ -50 +50 @@
 `STATSEXPORT`, if enabled will only export statistics for users who have consented to having their statistics exported. This consent is disabled by default for each user. 
   * The user must go to their **project preferences page** and then enable the corresponding checkbox.
+
+= Data Deletion =
+
+GDPR provides a right to users to have their data deleted from the system.  See [https://gdpr-info.eu/art-17-gdpr Article 17 of the GDPR].  This capability was implemented within BOINC in the design outlined [http://boinc.berkeley.edu/trac/wiki/RightToErasure here] in Server Release 1.0.  
+
+BOINC projects can enable this feature by setting the field <enable_delete_account/> with the [https://boinc.berkeley.edu/trac/wiki/ProjectOptions project config] file to one of the following options:
+
+* 0 = Users are not given the option to delete their account (Default value)
+* 1 = User data is anonymized.  This means that user records and host records are left in the database but personal information is replaced with nonsense data.  Other user related records not required for processing are deleted.
+* 2 = All user data is deleted.  This means that all user releated records are deleted from the database.  
+* 3 = Project defined implementation.  Projects can implement a function in project.inc: project_delete_account($user) and this function will then be used when a user delete's their account. 
+
+Projects should also enable the following [ tasks in their [https://boinc.berkeley.edu/trac/wiki/ProjectTasks project tasks] in their project config file in order to ensure proper processing:
+
+{{{
+    <task>
+        <cmd>run_in_ops ./delete_expired_tokens.php</cmd>
+        <period>24 hours</period>
+        <disabled>0</disabled>
+        <output>delete_expired_tokens.out</output>
+    </task>
+    <task>
+        <cmd>run_in_ops ./delete_expired_users_and_hosts.php</cmd>
+        <period>24 hours</period>
+        <disabled>0</disabled>
+        <output>delete_expired_users_and_hosts.out</output>
+    </task>
+}}}
+