data privacy instruction for ambassadors and store managers
Description
As ambassadors are dealing with private user data (e.g. Address, Birthday), they need to get a “Datenschutzbelehrung” that they will handle data with care. This is a necessary implementation to comply with data privacy laws.
Impact
ambassadors
Proposal
Extend the fs_foodsaver table with two columns :
data_privacy_instruction (short: dp_int) type bool (saves if the agreement has been accepted or not)
data_privacy_instruction_date (short:dp_int_date) type date (saves the date, when the privacy agreement has been accepted)
Task for Developer
-
check immediately after login
-
is user ambassador or orga and has not agreed to the “data privacy instruction”
-
then: display a dialog box that can’t be removed or skipped before it has been answered.
-
Name of the dialog box : “Datenschutzbelehrung”
Text in the dialog box :
“Als Botschafter*in habe ich Zugriff auf bestimmte personenbezogene Daten der Foodsaver*innen in den von mir verwalteten
Bezirken. Ich habe zur Kenntnis genommen, dass es mir untersagt ist, personenbezogene Daten unbefugt zu erheben,
zu verarbeiten oder zu nutzen (Datengeheimnis). Dieses Datengeheimnis besteht auch nach Beendigung meiner Tätigkeit fort.
Ich habe in dem Zusammenhang insbesondere die Paragraphen 5, 7, 43 und 44 BDSG zur Kenntnis genommen.“
link to :
§ 5 https://www.gesetze-im-internet.de/bdsg_1990/__5.html
§ 7 https://www.gesetze-im-internet.de/bdsg_1990/__7.html
§ 43 https://www.gesetze-im-internet.de/bdsg_1990/__43.html
§ 44 https://www.gesetze-im-internet.de/bdsg_1990/__44.html
unfortunately this text can’t be a “textbaustein” from edit content because it has to be revisioned and changes tracked.
a previously unchecked radio button
( ) Ich habe die oben stehende Belehrung gelesen und verstanden.
Sie wurde mir zusätzlich mitsamt dem vollen Wortlaut der genannten Paragraphen im BDSG an meine E-Mail-Adresse
zur Kenntnis geschickt.
( ) Ich will das o. g. nicht bestätigen und trete daher mit sofortiger Wirkung als
Botschafter/Botschafterin/Botschafter*in/Orga-Mensch zurück.
Button on Dialog Box
“Next” - only get’s active after the user has picked an option
If the user has chosen the first option, set data_privacy_instruction and data_privacy_instruction_date in the database and continue to the normal start page.
If the user has chosen the second option, downgrade the user as a normal BIEB, flush the rights and continue to the normal start page.
If possible send mail about as mentioned above. text provided by @irgendwer
"Flush the rights" Actions
- set rolle = 1 (foodsaver)
- remove id from ambassador of any district.
- remove from ambassador workgroup
- remove ambassador quiz.
- remove from store responsibility
- logout person to “reload rights".
Links / references
it would be advantage that the development part is already done and @irgendwer just delivers the text. not for development to wait for the text first.