We do often include affiliate links to earn us some pennies. See more here.

Steps we're taking as a site for GDPR compliance

By - | Views: 27,939

As we're sure many of you know, a big new privacy and data protection thing is coming into force next month from the EU, called the EU General Data Protection Regulation (GDPR).

Any website that takes any information from anyone in the EU, has to comply with it, or face huge fines. Naturally, we want to ensure we're complying.

Here's a few steps we've already done

  • All YouTube embeds in comments/forum posts now use YouTube's enhanced privacy mode, which doesn't load a single cookie until you hit play.
  • All future articles with a YouTube embed will also use YouTube's enhanced privacy mode, we're working to update all older articles with a script soon.
  • We recently (read: finally) added the ability for you to delete your own individual comments. Was on the todo list for a long time, sorry it took so long. This will be rolled out to the forum too ASAP.
  • If you wish to completely remove your account (not "hidden"—just completely gone), there's an option to do so in your User Control Panel now.
  • All new users PC Info is now opt-in to the Monthly User Statistics, this can be changed any time with a new checkbox labelled "Include your PC details in our Monthly User Statistics?" at the top of the User Control Panel page for PC Info. Not a big change, but it means now you can display your PC Info without being in the survey. For people who have it checked and leave it for a long time, data is eventually cut out of the monthly survey that we consider stale anyway, so it wouldn't be included when it gets too old. To be clear on our user survey: no user identifiable information is included for the survey output, no user id, no username or anything—just the answers.
  • We've removed the Twitter embed in the right sidebar, so that Twitter cookies and tracking does not touch our website at all. To be clear, the Twitter handle @gamingonlinux still exists, just the embed for it on our site is gone.
  • The registration page now includes links to our Ethics and Privacy policy pages (can be found any time in the site's footer).
  • This was done a long time ago, but as a reminder, if you wish your profile to be private, you can do so by setting it in the User Control Panel Privacy page. We've decided that going forward, all new users profiles will be private by default. We're eventually going to add more specific details of what you wish to show on your profile page instead of private or public. Luckily, we don't actually store or show a lot of information anyway.
  • We've removed the ability for users to set an avatar from a URL. While we're sure our security was tight on that to ensure they 100% are linking to an image, it's just not worth the hassle if somehow a script slipped past it and stored a cookie on your PC. You can still pick an avatar from the gallery (which we will expand) or upload an avatar directly.
  • When a submitted article is approved, we're making sure to wipe the email and IP that it was submitted from. They're only stored to block spammers (based on IP) and to email you if it's accepted or denied. Denied articles are completely removed.

Other misc updates:

  • Notifications older than six months are now being wiped, to help keep our database lean and mean. To be honest, if you haven't visited in six months it's likely any notifications are pointless.
  • We removed the GamingOnLinux Facebook Group embed from the right sidebar on the homepage, this was unrelated to GDPR. We just didn't like their data handling with the recent stuff in the news. To be clear, the GOL Facebook Group still exists, just the embed for it on our site is gone.
  • We now included a standard message in all articles, at the bottom to notify you that certain links will be affiliate links. So no editor can forget (read: me, I'm forgetful).

You can find more about GDPR here.

Personally, while testing our site using uBlock Origin in Chrome, I don't see a single notification about anything blocked, so that's good. Since we have no adverts, no outside statistics tracking or anything (we don't even use Google Analytics like most sites do) there should be nothing to be concerned about.

If you feel there's something we should be doing that we're not to help protect your privacy and data, do let us know any time.

Ps. You can follow random progress on gitlab here.

Article taken from GamingOnLinux.com.
Tags: Site Info
40 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly came back to check on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly. Find me on Mastodon.
See more from me
The comments on this article are closed.
63 comments
Page: «3/7»
  Go to:

serge Apr 20, 2018
Quoting: liamdawe
Quoting: sergealso for youtube you have to ask people consent for the cookie before they hit the display button.
Really? Google should be doing that then, frustrating if we are forced to do it for them. Got a link to confirm this?

i could find a link if you want but it is in french.

you have to ask people consent for the cookies before they are stored in their browser and you should be already doing it.

this is why you see all those site with a bar asking people for cookies, but most of them are not compliant because they don't block cookies at all and do not let people have a choice to accept cookies or refuse them.


Last edited by serge on 20 April 2018 at 4:31 pm UTC
Peapoll Apr 20, 2018
Sorry! I confused uBlock Origin and uMatrix (made by the same developer). The site shows up clean in uBlock Origin, but there are some google cookies blocked by uMatrix. It shows on any page, but the results are not consistent as it sometimes shows as 0 Google cookies blocked.
TheSHEEEP Apr 20, 2018
View PC info
  • Supporter Plus
Quoting: liamdawe
Quoting: sergealso for youtube you have to ask people consent for the cookie before they hit the display button.
Really? Google should be doing that then, frustrating if we are forced to do it for them. Got a link to confirm this?

This is the reason for a great deal of websites showing that little bar at the top/bottom of their page informing you that they use cookies and that you should leave if you do not agree with that (or something along those lines).
You probably just clicked it away like any sane person would :D

Yeah, it is quite a stupid rule and way behind the technology.
But laws are always behind technology, so we gotta deal with it.
Better to have some laws that lead to some uncomfortable work than no laws at all.


Last edited by TheSHEEEP on 20 April 2018 at 4:35 pm UTC
serge Apr 20, 2018
Quoting: TheSHEEEPThis is the reason for a great deal of websites showing that little bar at the top/bottom of their page informing you that they use cookies and that you should leave if you do not agree with that (or something along those lines).

Those site are not compliant to the law because they have to let you access to the website even if you refuse their cookies, it is up to them to take all the step required for not storing cookies in your browser.

For exemple it should be stated clearly on the website that if a user do not accept youtube cookies, he will not be able to see the videos, and the webmaster should block the videos for him but let him access to the website anyway.
Liam Dawe Apr 20, 2018
Looks like i may need to whip up a small JS overlay for YouTube videos then, to warn people since Google is not and block the video if people do not accept it.
ElectricPrism Apr 20, 2018


Just kidding, but seriously -- when you give up freedoms and liberties for perceived benefits it never turns out right and everyone looses. I would describe this situation as not "realistic" or not "sustainable".

I am not even sure if the greater majority of individuals who voted on the legislature understand the difference between IMAP or POP3, or can barely distinguish a email and a website, let alone the three browser "the little e", "fox fire" and "the google".

Laws are the least effective way of persuading intelligent people (websites, companies) to behave fairly with their users. Most of the internet that has no base in the EU will carry on unchanged, and this will spur technology innovations to get out of the EU or they will mascaraed around a facade of compliance.

Nowadays a person can establish a corporation in Nevada, USA and have all the paperwork and legal requirements filled. Base the server in the US and likely skip all the nonsense.

Lets pass a bill to end world hunger -- because more laws is obviously the way to get shit done. /s


Last edited by ElectricPrism on 20 April 2018 at 5:15 pm UTC
serge Apr 20, 2018
Quoting: liamdaweLooks like i may need to whip up a small JS overlay for YouTube videos then, to warn people since Google is not and block the video if people do not accept it.

you should ask the consent globally and not on each youtube videos because it will be annoying.

i have given you a link in a previous comment of the tool i use and is easy to setup.

you could tell people if they continue to navigate on your website they will accept cookies and if they want they can choose on your privacy page.
Liam Dawe Apr 20, 2018
Quoting: serge
Quoting: liamdaweLooks like i may need to whip up a small JS overlay for YouTube videos then, to warn people since Google is not and block the video if people do not accept it.

you should ask the consent globally and not on each youtube videos because it will be annoying.

i have given you a link in a previous comment of the tool i use and is easy to setup.

you could tell people if they continue to navigate on your website they will accept cookies and if they want they can choose on your privacy page.
A blanket statement is no longer sufficient. That was for the old rules, not GDPR.
pete910 Apr 20, 2018
View PC info
  • Supporter Plus
Quoting: liamdawe
Quoting: Patola
Quoting: liamdaweAnd yes, it's a massive burden for webmasters. I'm not against it though, privacy is massively important, just the way the EU is going about it isn't great for smaller sites like us. Even though GOL is hosted in the USA, the law applies to anyone from the EU visiting GOL.
What I meant was: couldn't the site just fetch the twitter data, and render it statically in pure text with a link to the twitter entry on twitter? There is impossible to have cookie collected this way if the person does not click the link.
That's possible, sure, but it's another thing to do if we want it. Likely just not worth the effort :)

Quoting: pete910Hate to be that guy but,

QuoteWe recently (read: finally) added the ability for you to delete your own individual comments. Was on the todo list for a long time, sorry it took so long. This will be rolled out to the forum too ASAP.

Don't actually agree with that tbh.
To be fair, most other sites allow you to do this from what I've seen and allowing users to remove their information is part of this new EU rule, so I do have to follow it.

Quicker we leave the better :P
Liam Dawe Apr 20, 2018
Quoting: pete910Quicker we leave the better :P
Well, the UK leaving doesn't matter. It will be written into UK law.


Last edited by Liam Dawe on 20 April 2018 at 5:29 pm UTC
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
The comments on this article are closed.