iTop icon indicating copy to clipboard operation
iTop copied to clipboard

Published 20 hours ago verified publisher icon Combodo

GDPR consent : apply to all instances containing the Hub connector

Open xtophe38 opened this issue 2 years ago • 10 comments

Up to now, we define that RGPD consent is required if iTop is not an "iTop Product". This is, I think, too restrictive as other products based on iTop (TeemIp std alone today and ESM products tomorrow) may not require RGPD consent even if they are not "iTop Products". Since instance data are collected through iTop Hub only, I suggest to base the test of RGPD consent requirement on the fact that iTop Hub Connector extension is installed.

xtophe38 avatar Sep 05 '22 13:09 xtophe38

I also think the ITSM connectors also require this consent.

PS, the correct English term is GDPR.

Hipska avatar Sep 05 '22 13:09 Hipska

I also think the ITSM connectors also require this consent.

For now it isn't. I suppose it is because if you have a package including the ITSM Designer Connector then you have a contract with Combodo or one of its partner ?

@dcoille can you confirm ?

piRGoif avatar Sep 06 '22 07:09 piRGoif

I like your suggestion ! Just a little change request : you should create a SetupUtils method, as what was done with IsProductVersion. To test for the presence of the Hub Connector, maybe call it IsItopHubInstance ?

Like Pierre I would rather have the test using a detection method than an "hard-coded" test, so we can factorize this kind of detections.

Molkobain avatar Sep 12 '22 08:09 Molkobain

Factorization done as required.

xtophe38 avatar Sep 12 '22 15:09 xtophe38

For a private function, it is perfectly doable to do a refactoring to correct english naming:

	private function NeedsGdprConsent()

Hipska avatar Sep 13 '22 07:09 Hipska

For a private function, it is perfectly doable to do a refactoring to correct english naming:

	private function NeedsGdprConsent()

Yeah, we should do that, but it won't be mandatory for this PR to be accepted. I'll do the rename :)

piRGoif avatar Sep 13 '22 07:09 piRGoif

Sure, it can be accepted as is indeed. I was just mentioning as it could be done in this PR as well, no need for a separate PR.

Or, indeed, just do it directly on the branch without PR, that works as well 😄

Hipska avatar Sep 13 '22 07:09 Hipska

I've done the rename directly in this PR branch as it will lower the possible conflicts :)

piRGoif avatar Sep 13 '22 07:09 piRGoif

Functional review: R&D still to do some checks but it is accepted. If chosen implementation is very safe plan for 2.7.8, otherwise 3.0.3

@Hipska there is no GDPR disclaimer for products using the ITSM Designer because they can only be used with a Combodo subscription which contains the legal details.

Molkobain avatar Sep 13 '22 14:09 Molkobain

Rebased (there were conflicts due to #335) and forced pushed !

piRGoif avatar Sep 20 '22 08:09 piRGoif

Moved to functional review to avoid loosing another month while function is renamed

Molkobain avatar Nov 02 '22 15:11 Molkobain

@xtophe38 once method changed, it's ok to merge

Molkobain avatar Nov 08 '22 10:11 Molkobain

Rebased & force pushed

piRGoif avatar Nov 29 '22 17:11 piRGoif