MyFinances icon indicating copy to clipboard operation
MyFinances copied to clipboard
verified publisher icon TreyWW

important: stricter PII handling. Not sharing other user email addresses in emails like invitations

Open TreyWW opened this issue 1 year ago • 2 comments

How big is this feature?

Small

Describe the problem

At the moment we have checks like {{ request.user.first_name or request.user.email }} has invited you to join xyz! on certain features. This isn't the best habit to be getting into. user first name is acceptable, user email however there may be chances where we leak it without the users action or awareness.

Describe a possible solution

  • warnings to users when actions will be emailing other people, tell the main user that their details will be shared
  • provide more placeholders, OR force users to fill out a first_name instead of having fall backs at all

TreyWW avatar Oct 02 '24 20:10 TreyWW

Hi @TreyWW, is this worked upon yet? was planning to give it a shot.

alpha-neutr0n avatar Oct 05 '24 17:10 alpha-neutr0n

Hi @alpha-neutr0n,

Apologies for the late reply. Yep that's fine you can work on this. I'd appreciate it if you could update the issue wherever possible as you make progress. Just helps let me know that you're still working on it and if for whatever reason you get stuck or someone else needs to take over they have some more details.

Thanks! I'll assign you now.

TreyWW avatar Oct 05 '24 19:10 TreyWW