Jump to content

GDPR, Account Security + Privacy Policy & Terms Updated


Hells Warrrior

Recommended Posts

  • Tech Admin

We are making some changes to the site and generally speaking it is to do with security and changes in data collection in Europe with the new GDPR legislation coming into force. 

 

The first stage of our changes, is that have now introduced two factor authentication. What does it mean?

 

Quote

Two Factor Authentication allows members of our community to secure their accounts using an additional layer of security in addition to their normal username and password. Different handlers provide different ways users can protect their account. Users will not be presented with any two factor options unless at least one of these handlers is enabled

What handlers will be using?

 

Google Authenticator & Additional security questions.

 

When will you be promted? When you access the site.

 

What will require two factor authentication?

 

Quote
  • Managing Authorized Devices
  • Logging into the front-end from a new device
  • Changing password 
  • The user will also need to re-enter their current password.
  • Logging into the front-end from a known device 
  • This does not apply if the user is logged in automatically because they have used the Remember Me checkbox.
  • Logging into AdminCP
  • Updating two-factor authentication setup 
  • Changing email address 

 

You will have 3 attempts for authentication success, after which you will be sent a link via email (to the registered email address) to reset two factor authentiication.

 

If for some reason you cannot reset (such as losing your phone) then the following scenario will apply.

 

  • Send an email with a link to reset two factor authentication set up
  • Contact administrator to manually reset 

 

We urge you to also setup security questions.

 

http://www.callofdutyzombies.com/settings/account-security/

 

We have also introduced a new option that is displayed to guests/members regarding our privacy policy, code of conduct, terms of service. We will be asking all members to accept these changes.

 

267677347388988aad2e45cac7ff9a6c.png

 

The biggest change to the terms, is that you have the right to request you account to be deleted. The content that is posted belongs to callofdutyzombies.com and remains the property of callofdutyzombies.com - if the account is entirely deleted, it can also delete content which can and will disrupt the flow of a topic / conversation. That is why user deletion will be implemented going forward but it will not include content deletion.

 

We will do our best to remove any personally identifiable information but we cannot search every post/topic you have made for this information and if it is in a post or topic, then you really shouldn't have gave out personally identifiable information unless you intended to do so.

 

If you have any difficulties intially with any of the above, please contact us

Link to comment
  • Replies 7
  • Created
  • Last Reply
  • Moderators

Just looking up what GDPR means, since I'm a European citizen as well so it will affect on my everyday-life outside CoDZ as well.

Quote

 

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy

I'm bad with the words. Is this a good or bad thing (more privacy or more espionage?)

Link to comment
  • Tech Admin

Look at it which way you like to be honest, I'm personally finding it a drag on my resources at work at the moment to make sure we are compliant. The data protection rules have been needing an update for some time and long overdue. 

 

Anyone that holds information about you (in Europe anyway legally) and morally in the rest of the world should be held accountable for any of that data. What it does with that data and how it protects that data (however minimal) from peering eyes. So we are going full https on this site, introduced two step authentication to make your data more secure. Emails and password can be sold on the dark web and it can have a knock on effect elsewhere, that could have repurcussions financially. 

 

If the breach was here for example, and then sold on. It would be us that were responsible for the data breach and if haven't taken the appropriate steps to make the data we hold more secure, we would be held accountable personally.

 

We ain't a business but my name is on the domain and breaches of this new act, will be directed towards me and the other admins and to be honest - we need to take action. Additionally, the terms etc. have been updated and as we are hosted in the US, we are primarily a US website we are covered by US law but we also service throughout the world so need to have some form of "protection" both for us an our members and we need to adhere to the relevant laws.

Link to comment
  • Tech Admin

Just a complete update to be honest and making data retention user requested more stringent. We'll most likely have to send an email out before the 25th May asking users if they still wish for us to contact them. If not, they'll no longer receive communication from us but that is really only for European members (impossible to distinguish - well not "impossible" just very labour intensive and I haven't got the time).

Link to comment
21 hours ago, Hells Warrrior said:

We basically moved all images, javascript, css to amazon s3 storage. It takes time but I think a wee snag has hit user profile pictures and I'm looking into it (both aspects are unrelated).

Alright. That sounds fine. I hope things work out with getting them back around.

(I'm just glad that I still got my Signature working. :D)

Link to comment

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use, Privacy Policy, Code of Conduct, We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. .