Single user export for GDPR #1998

Open
opened 2025-11-02 04:20:37 -06:00 by GiteaMirror · 8 comments
Owner

Originally created by @piperswe on GitHub (Jul 2, 2018).

For GDPR compliance on a Gitea instance I host, the ability to export the data pertaining to a single user would be extremely useful so I don't have to resort to writing dodgy SQL queries.

Originally created by @piperswe on GitHub (Jul 2, 2018). <!-- 1. Please speak English, this is the language all of us can speak and write. 2. Please ask questions or configuration/deploy problems on our Discord server (https://discord.gg/NsatcWJ) or forum (https://discourse.gitea.io). 3. Please take a moment to check that your issue doesn't already exist. 4. Please give all relevant information below for bug reports, because incomplete details will be handled as an invalid report. --> For GDPR compliance on a Gitea instance I host, the ability to export the data pertaining to a single user would be extremely useful so I don't have to resort to writing dodgy SQL queries.
GiteaMirror added the issue/confirmedtype/feature labels 2025-11-02 04:20:37 -06:00
Author
Owner

@T100D commented on GitHub (Jul 2, 2018):

To be compliant, GDPR is only in count for personal or profile info imho. So only the data in the Public Profile page is at stake here.

@T100D commented on GitHub (Jul 2, 2018): To be compliant, GDPR is only in count for personal or profile info imho. So only the data in the Public Profile page is at stake here.
Author
Owner

@tarelda commented on GitHub (Jul 3, 2018):

T100D, you are actually wrong here. According to answer to question made by T-Mobile, all customer data, that was willingly uploaded into the service, can be requested for a review or deletion, but doesn't include data automatically generated due to user activity (for example activity logs etc.).

@tarelda commented on GitHub (Jul 3, 2018): T100D, you are actually wrong here. According to answer to question made by T-Mobile, all customer data, that was willingly uploaded into the service, can be requested for a review or deletion, but doesn't include data automatically generated due to user activity (for example activity logs etc.).
Author
Owner

@T100D commented on GitHub (Jul 3, 2018):

@tarelda GDPR only concerns personal and/or identity related data. It is not related to business like data that one personally owns, or has created and stored on-line, despite the splendid service by T-Mobile.

There is an exclusion in GDPR when it concerns business related data for example. Messages in issue's, and programs in Gitea could fall under the business exclusion, Gitea just has to mention that when people create online accounts on open internet Gitea services.

The Github privacy statement is highly usable imho: https://help.github.com/articles/github-privacy-statement/#githubs-global-privacy-practices

@T100D commented on GitHub (Jul 3, 2018): @tarelda GDPR only concerns personal and/or identity related data. It is not related to business like data that one personally owns, or has created and stored on-line, despite the splendid service by T-Mobile. There is an exclusion in GDPR when it concerns business related data for example. Messages in issue's, and programs in Gitea could fall under the business exclusion, Gitea just has to mention that when people create online accounts on open internet Gitea services. The Github privacy statement is highly usable imho: https://help.github.com/articles/github-privacy-statement/#githubs-global-privacy-practices
Author
Owner

@tarelda commented on GitHub (Jul 3, 2018):

@T100D, only exclusion I am aware of is that you don't have to delete or share information vital for your business operation. Otherwise you have to and even in this situation you have to provide user with reasoning for that (ATM I don't have access and time to GPDR source text to point paras and points, but I actually read it).
Github privacy statement claims that data is collected under US law instead of European and is compliant with GPDR as external entity, which falls under different category, than being European organization.

@tarelda commented on GitHub (Jul 3, 2018): @T100D, only exclusion I am aware of is that you don't have to delete or share information vital for your business operation. Otherwise you have to and even in this situation you have to provide user with reasoning for that (ATM I don't have access and time to GPDR source text to point paras and points, but I actually read it). Github privacy statement claims that data is collected under US law instead of European and is compliant with GPDR as external entity, which falls under different category, than being European organization.
Author
Owner

@stale[bot] commented on GitHub (Jan 20, 2019):

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.

@stale[bot] commented on GitHub (Jan 20, 2019): This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.
Author
Owner

@stale[bot] commented on GitHub (Feb 18, 2019):

This issue has been automatically closed because of inactivity. You can re-open it if needed.

@stale[bot] commented on GitHub (Feb 18, 2019): This issue has been automatically closed because of inactivity. You can re-open it if needed.
Author
Owner

@lesderid commented on GitHub (Jun 14, 2019):

Was this added? Anyone publicly deploying Gitea for users in the EU needs this.

@lesderid commented on GitHub (Jun 14, 2019): Was this added? Anyone publicly deploying Gitea for users in the EU needs this.
Author
Owner

@i5heu commented on GitHub (Jun 15, 2019):

#2012 is also important for EU users - a privacy and imprint section is legally required!

@i5heu commented on GitHub (Jun 15, 2019): #2012 is also important for EU users - a privacy and imprint section is legally required!
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#1998