I’d be really keen to host a lemmy instance but just wondering with GDPR and everything, if there is anything else to consider outside of the technical setup and provisioning of hardware?

Lemmy is storing users data so is there any requirement to do anything GDPR wise?

Hope this is the right place for this - But seen a lot of posts interested in hosting their own lemmy instance, and this is an extension of that

  • TheButtonJustSpins@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    However, this duplication mechanism renders content deletion or rectification more difficult. In case of deletion by the user, the platforms with duplicates receive usually an automated deletion request and must be trusted to comply and delete their duplicate.

    Seems like sending the delete notice is all that’s required?

    • Max-P@lemmy.max-p.me
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Seems like sending the delete notice is all that’s required?

      Yes, but

      and must be trusted to comply and delete their duplicate.

      So because of that trust factor, if you really want to protect yourself and be 100% GDPR compliant, you’d probably want a legal contract with every instance to federate with ascertaining that they are GDPR compliant too to legally deflect blame if you’re unable to comply with a data delete request.