Joomla! Documentation - User contributions [en]

Privacy Guidance for Joomla Extensions

2021-01-27T17:18:48Z

Alphapi: Add of Article 7 on the 1. Consent to the use of personal data functionalities section

<noinclude><languages /></noinclude>
{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
<translate> Find your extension’s Achilles heel (weakness) in terms of personal data protection</translate>
}}
{{-}}

<translate> This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group where representatives from the communities of WordPress, Drupal, Umbraco and of course Joomla! are collaborating in privacy.</translate>

<translate> '''Global Recommendation'''</translate>
<translate> This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as much as possible.</translate>

<translate> '''Important notice'''</translate>
<translate> You should not solely rely on the information below to design your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and let you improve it based on GDPR requirements and through the provided link to the how-to Joomla! documentation.</translate>
{{-}}

<translate> '''Choose the severity group of your extension in terms of privacy:'''</translate>

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|<translate> Groups</translate>
!width=60%|<translate> Personal data processing profile</translate>
!width=20%|<translate> Related questions</translate>
|-
| '''<translate> Group A</translate>'''
| <translate> The extension isn't expected to process or store any personal data</translate>
| <translate> 7 and 8</translate>
|-
| '''<translate> Group B</translate>'''
| <translate> The extension is expected to process or store data that can be used to indirectly associate the identity of a person</translate>
| <translate> 1 to 8</translate>
|-
| '''<translate> Group C</translate>'''
| <translate> The extension is expected to process or store personal data that can be used to directly associate the identity of a person</translate>
| <translate> 1 to 8</translate>
|-
| '''<translate> Group D</translate>'''
| <translate> The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to</translate>
<translate>
*race and ethnic origin data,
*religious data,
*genetic data,
*health data.</translate>
| <translate> 1 to 8</translate>
|-
| '''<translate> Group E</translate>'''
| <translate> The extension is expected to share personal data with at least one third party service</translate>
| <translate> 1 to 8</translate>
|}

<translate>
== 1. Consent to the use of personal data functionalities== 
</translate>

*'''<translate> Group affected: B, C, D, E</translate>'''
<translate> *Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2001-1-1 Article 7], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]</translate>

<translate> #'''Is there any functionality to collect and log consents from users that submit their personal data?'''</translate>
<translate> ##A consent collection and logging system already exists.</translate>
<translate> ##Such a system partially exists (for example there is a consent checkbox but does not store logs)</translate>
<translate> ##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to inform users regarding the privacy policy (upfront the collection of any personal data) and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''</translate>
<translate> #'''Is there a functionality to allow users to withdraw their consent?'''</translate>
<translate> ##A functionality provides to users the ability to withdraw consent.</translate>
<translate> ##There is no functionality to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality to provide a simple and easy flow to users to easily find an easy way to withdraw.''</translate>
<translate> #'''Is the consent functionality connected to the Joomla core Privacy Component?'''</translate>
<translate> ##Yes, it is connected to the Joomla core Privacy Component.</translate>
<translate> ##The consent functionality is based on a custom mechanism.</translate>
<translate> ##No, it is not. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will facilitate for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.</translate>
<translate> #'''Does your extension allow the generation of additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''</translate>
<translate> ##Yes, there is such functionality that can be used to generate additional consent mechanisms.</translate>
<translate> ##Yes, there is such functionality but with limited options (i.e. you can only add one more).</translate>
<translate> ##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''</translate>

<translate>
== 2. Consent for Cookies collecting personal data == 
</translate>

<translate> *'''Group affected: B, C, D, E'''</translate>

<translate> #'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''</translate>
<translate> ##Yes there is such functionality.</translate>
<translate> ##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality</translate>
<translate> ##No, there is no such functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''</translate>
<translate> #If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw their consent?</translate>
<translate> ##Yes, there is such functionality</translate>
<translate> ##No, there is no functionality for that, but there is an informational notice for the webmaster to use such a functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to allow users to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''</translate>

<translate>
== 3. Right to Data Portability == 
</translate>

<translate> *'''Group affected: B, C, D, E'''</translate>
<translate> *Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]</translate>

<translate> #'''Is there a functionality that gives users the ability to request and download their data?'''</translate>
<translate> ##Yes, there is such functionality.</translate>
<translate> ##Yes, but partially.</translate>
<translate> ##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to the Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''</translate>
<translate> #Is the file that is downloaded in a machine readable format (for example XML, CSV)?</translate>
<translate> ##Yes, it is.</translate>
<translate> ## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to allow users request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''</translate>

<translate>
== 4. Right of Access by the data subject == 
</translate>
<translate> *'''Group affected: B, C, D, E'''</translate>
<translate> *Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]</translate>

<translate> #'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''</translate>
<translate> ##Yes, it provides.</translate>
<translate> ##Yes, there is but partially.</translate>
<translate> ##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''</translate>

<translate>
==5. Right to be Forgotten == 
</translate>
<translate> *'''Group affected: B, C, D, E'''</translate>
<translate> * Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]</translate>

<translate> #'''Is there a functionality that offers to users the request to remove/delete all of their data?'''</translate>
<translate> ##There is.</translate>
<translate> ##There is, but partially.</translate>
<translate> ##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users to submit deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''</translate>
<translate> #'''Does the extension include an uninstall operation to your extensions code to successfully delete all the previous collected users’ data once the Super User decides to uninstall it?'''</translate>
<translate> ##Yes, this operation is included.</translate>
<translate> ##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''</translate>

<translate>
==6. Privacy by Default== 
</translate>
<translate> *'''Group affected: B, C, D, E'''</translate>
<translate> *Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]</translate>

<translate> #'''Does the software have all the settings set to the most private possible due to its scope?'''</translate>
<translate> ##Yes, the default settings are in the most private.</translate>
<translate> ##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''</translate>
<translate> #'''Is the extension collecting personal data that is not needed/being used currently?'''</translate>
<translate> ##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.</translate>
<translate> ##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''</translate>

<translate>
==7. Security Measures== 
</translate>
<translate> *'''Group affected: A, B, C, D, E'''</translate>
<translate> *Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]</translate>

<translate> #'''Is there secure transmission for all the resources used by the functionality?'''</translate>
<translate> ##Yes, all the requests are under HTTPS (TLS).</translate>
<translate> ##Some of the resources transmit information insecurely.</translate>
<translate> ##All the resources transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s, you can run a test to ensure the security of the certificate used and configuration of this server. There are many tools and services to help you on that, for example you can use [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''</translate>
<translate> #'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''</translate>
<translate> ##Yes, data can be stored encrypted.</translate>
<translate> ##Only part of the data can be stored encrypted.</translate>
<translate> ##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''To empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''</translate>
<translate> #'''If there is a need to apply anonymization techniques are they applied?'''</translate>
<translate> ##Yes, data can be anonymized.</translate>
<translate> ##Some of the data can be partially anonymized.</translate>
<translate> ##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''You can use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''</translate>

<translate>
==8. (In case of) Third parties/Sub-processors== 
</translate>
<translate> *'''Group affected: A, B, C, D, E'''</translate>
<translate> *Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]</translate>

<translate> #'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''</translate>
<translate> ##Yes, there is a list of all third parties.</translate>
<translate> ##No, there is no list of third parties or the list is not full. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''</translate>
<translate> #'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension for the Webmasters that will use it to find it easy to sign them? Even if the third party does not collect any personal data, an agreement for that should exist.'''</translate>
<translate> ##Yes, with all the third parties.</translate>
<translate> ##Yes, with some of the third parties.</translate>
<translate> ##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''</translate>

<translate>
==Further reading== 
</translate>

<translate> *[[S:MyLanguage/Secure_coding_guidelines|Secure coding guidelines], Joomla Documentation</translate>
*<translate> Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at:</translate> https://git.io/fjww3
<translate> *Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).</translate>
*<translate> Open Source Privacy Standards, by Heather Burns (webdevlaw):</translate> https://git.io/fjwwG
*<translate> Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series:</translate> https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*<translate> Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures:</translate> https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*<translate> Koho R., Privacy by default and GDPR, examples and best practises:</translate> https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*<translate> GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG:</translate> https://techblog.bozho.net/gdpr-practical-guide-developers/

'''<translate> Contributors</translate>'''
*<translate> Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team</translate>
*<translate> Contributors</translate>: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
[[Category:Joomla! 3.9{{#translation:}}]]
</noinclude>

JDOC:Documentation Translators

2019-10-16T10:58:51Z

Alphapi: /* el - Ελληνικά - Greek */

[[File:JDOC translation icon.png|right]]
Here, people '''translating''' {{SITENAME}} can sign up as a translator. Please be sure to read the required reading list below.

After you add your username to the list below under the appropriate language heading, a [[JDOC:Translation Administrators|Translation Administrator]] will assign your username translator permissions. After your username is added as a translator you can start translating! Please be on the look out for a [[Template:Translator welcome|welcome message]] with more information posted to your user talk page.{{-}}

==Required Reading==
* Getting started, read [[JDOC:Page Translation Quickstart Guide|Page Translation Quickstart Guide]]
* Detailed explanation of translating, [[JDOC:Page Translation Explained|Page Translation Explained]].
* Our [[JDOC:Language policy|Language policy]]
* [[JDOC:Translator Tips|Translator Tips]]
* [[Joomla:JDOC%27s_Translation_Guidelines|Translation Guidelines]]
* Having an [[JDOC:Translation Questions|issue or need help]]?

{{tip|text=Dear translators! Please [[Special:TranslatorSignup|register for translator notifications about your language]]. You are placed on a list to receive notices about new/updated pages that need translation.|title=A Tip for Translators}}

===Add Your Language===
If your language isn't listed below, please add it using the format:

<code><lang code> - Localised language name - English language name </code>

Use the syntax, <code><nowiki>* {{User|YourUsername}}</nowiki> - requested</code>

When a Translation Administrator adds you as a translator, they will remove the "- requested" from your username.

==Current Translations Teams==

Documentation language codes are different from Joomla! language codes, they are ISO 639-1 2 letter code. A small quantity of 4 letter language codes are used as an exception, but these language codes are all lowercase.

=== ar - عربي - arabe ===
* {{User|ghilo}}
* {{User|HawraMilani}}
* {{User|hossen}}
* {{User|ahmadm42}}

=== af - Afrikaans ===
*{{User|JoeSA}}

=== be - Беларуская - Belarusian ===
* {{User|Nikolice}}

=== bg - Български - Bulgarian ===
* {{User|bdimov}}
* {{User|Mastwd}}

=== bn - বাংলা - Bengali ===
* {{User|ashiks}}
* {{User|smsnobin77}}

=== ca - Català - Catalan ===
* {{User|el_libre}}

=== cs - Čeština - Czech ===
* {{User|fredericco-cz}}
* {{User|Bart}}
* {{User|n3tcz}}
* {{User|svatas}}

=== da - Dansk - Danish ===
* {{User|ot2sen}}
* {{User|rbuelund}}

=== de - Deutsch - German ===
* {{User|Astridx}}
* {{User|Assmann}}
* {{User|Alexander-metzler}}
* {{User|Balzercomp}}
* {{User|Batmin}}
* {{User|bbkSecond}}
* {{User|ceus1984}}
* {{User|Chmst}}
* {{User|chrishoefliger}}
* {{User|Dimkk}}
* {{User|FancyFranci}}
* {{User|Farrell}}
* {{User|Florian}}
* {{User|FLin1}}
* {{User|FrankyD}}
* {{User|Franz.wohlkoenig}}
* {{User|fruppel}}
* {{User|goethe}}
* {{User|gorgonz}}
* {{User|Hleithner}}
* {{User|jehacgn}}
* {{User|JDocDummy}}
* {{User|joomla-agency}}
* {{User|Joomti}}
* {{User|Ka3media}}
* {{User|King_Louis_1}}
* {{User|Knig.Markus}}
* {{User|Kolvar}}
* {{User|Kurztipp}}
* {{User|LadySolveig}}
* {{User|m-b-o}}
* {{User|Maggus}}
* {{User|Max123kl}}
* {{User|michaelmyk}}
* {{User|Nathan.k}}
* {{User|oliverhh}}
* {{User|Paterna}}
* {{User|Pc-doppler}}
* {{User|Pete71}}
* {{User|phillopp}}
* {{User|plocher}}
* {{User|Prof.Logout}}
* {{User|quiltgabi}}
* {{User|RMajewski}}
* {{User|Schmidie64}}
* {{User|SeigetsuShoen}}
* {{User|Sieger66}}
* {{User|Sisko1990}}
* {{User|Spannama}}
* {{User|Stefanie}}
* {{User|tfecha}}
* {{User|Tkahl}}
* {{User|UCFnet002}}
* {{User|Usimon}}
* {{User|Webberry}}
* {{User|Yvesh}}
* {{User|zero24}}
* {{User|Xadomir}}
* {{User|waldiwhz}}
* {{User|Widmann}}
* {{User|Zeroweb1}}
* {{User|Zeroweb2}}

=== el - Ελληνικά - Greek ===
* {{User|Aris_Ntatsis}}
* {{User|pnkr}}
* {{User|SiteworksGr}}
* {{User|Tonia_Chan}}
* {{User|Alphapi}}

=== es - Español - Spanish ===
* {{User|Abulafia}}
* {{User|Andrea Gentil}}
* {{user|Antoniofmunoz}}
* {{User|BNovoa.S}}
* {{User|brucevalle}}
* {{User|carcam}}
* {{User|cristobal.vio}}
* {{User|Crsanchez}}
* {{User|danielperaza}}
* {{User|duoduo}}
* {{User|filisfutsarov}}
* {{User|framon}}
* {{User|Irene.lopez}}
* {{User|isidrobaq}}
* {{User|ivanramosnet}}
* {{User|Javiparati}}
* {{User|Jcollver}}
* {{User|Jolfig}}
* {{User|Koa}}
* {{User|Leo_Soto}}
* {{User|netandsoftware}}
* {{User|pdavila2709}}
* {{User|NunoLopes}}
* {{User|pfvidal}}
* {{User|shaz}}
* {{User|Urielmx}}
* {{User|VictorYork87}}
* {{User|viena}}
* {{User|Willin}}

=== et - Eesti - Estonian ===
* {{User|Eraser}}

=== fa - فارسی - Persian ===
* {{User|azolfagharj}}
* {{User|Grand}}
* {{User|Heydari}}
* {{User|Joomlafarsi}}
* {{User|Levelup}}
* {{User|mhehm}}

=== fr - Français - French ===
* {{User|david613}}
* {{User|edelouche}}
* {{User|Erix}}
* {{User|Garstud}}
* {{User|Lorangerart}}
* {{User|MaximeK7}}
* {{User|Opware2000}}
* {{User|Perete}}
* {{User|Remi1945}}
* {{User|Sandra97}}
* {{User|Shim-sao}}
* {{User|Twister65}}
* {{User|alatak}}

=== ga - Gaeilge - Irish ===
* {{User|rvbgnu}}

=== he - עברית - Hebrew ===
* {{User|ydl}}
* {{User|shirdesign}}

=== hi - हिंदी - Hindi ===
* {{User|AlamM}}
* {{User|Rana}}
* {{User|Syhussaini}}
* {{User|Shivamrajput}}
* {{User|ankitify}}

=== hr - Hrvatski - Croatian ===
* {{User|limoo}}

=== hu - Magyar - Hungarian ===
* {{User|Balazs}}
* {{User|webgobe}}

=== hy - Հայերեն - Armenian ===
* {{User|Aaleksanyants}}

=== id - Bahasa Indonesia - Indonesian ===
* {{User|dw1Rianto}}
* {{User|Micokelana}}
* {{User|sikumbang}}

=== it - Italiano - Italian ===
* {{User|alexred}}
* {{User|aleorco}}
* {{User|alikon}}
* {{User|Andreacarriero}}
* {{User|CinziaDesign}}
* {{User|donato}}
* {{User|ino}}
* {{User|Ladyj}}
* {{User|Luca.marzo}}
* {{User|marioluciani}}
* {{User|moqui}}
* {{User|nemo_bis}} (occasionally)
* {{User|Paolo Alberti}}
* {{User|Fabio Caracciolo}}
* {{User|robertolongo}}
* {{User|ste}}
* {{User|Ing Pulizzi}}

=== ja - 日本語 - Japanese ===
* {{User|Koji Hijikuro}}
* {{User|Nori}}
* {{User|Richell}}
* {{User|Yama}}
* {{User|Yui}}

=== nl - Nederlands - Dutch ===
* {{User|AboutTime}}
* {{User|Alex0703}}
* {{User|Annemiek}}
* {{User|Arkomat}}
* {{User|bcdesign}}
* {{User|crommie}}
* {{User|Grubosoft}}
* {{User|fcschippers}}
* {{User|HermanPeeren}}
* {{User|Hvdmeer}}
* {{User|janvankuijk}}
* {{User|John Flour}}
* {{User|JorSanders}}
* {{User|Josien}}
* {{User|Lara}}
* {{User|LtB}}
* {{User|Lianne}}
* {{User|klatte88}}
* {{User|ManuAmpe}}
* {{User|Marcelk}}
* {{User|marionnijhuis}}
* {{User|Marnix}}
* {{User|MartijnM}}
* {{User|Meta}}
* {{User|metdick}}
* {{User|Mtb}}
* {{User|n9iels}}
* {{User|Nemphias}}
* {{User|Nico-van-Leeuwen}}
* {{User|Onderzoekspraktijk}}
* {{User|rachel73}}
* {{User|Renem}}
* {{User|Ries}}
* {{User|Rineke}}
* {{User|Schrijvers123}}
* {{User|slibbe}}
* {{User|Sloekers}}
* {{User|Stitch123}}
* {{User|Vertaalbirdy}}
* {{User|webmiep}}
* {{User|Webcase}}
* {{User|webcatsolutions}}
* {{User|willoweb}}
* {{User|wimstrik}}

=== pl - Polski - Polish ===
* {{User|Derek}}
* {{User|justyna}}
* {{User|MiloW}}
* {{User|Zwiastun}}

=== pt - Português (Portugal) - Portuguese (Portugal) ===
* {{User|Djesus}}
* {{User|Horus_68}}
* {{User|Lampreia Lopes}}
* {{User|Mansil}}
* {{User|Nunof}}
* {{User|NunoLopes}}
* {{User|Ricardo.fusco}}

=== pt-br - Português Brasil - Brazilian Portuguese ===
* {{User|Airton}}
* {{User|alangustavo}}
* {{User|AleMorettiSan}}
* {{User|Anabarcellos}}
* {{User|Ariadnepinheiro}}
* {{User|Belisards}}
* {{User|Dagoberto}}
* {{User|DiLeu}}
* {{User|Filipetorres}}
* {{User|Gleisonsoares}}
* {{User|Helvecio}}
* {{User|Henrydouglas}}
* {{User|Jeann Wilson}}
* {{User|Juliano.freitas}}
* {{User|Murilotimo}}
* {{User|VitorAdonai}}
* {{User|Vizetti}}
* {{User|Welkson Ramos}}

=== ro - Română - Romanian ===
* {{User|andreeastefan}}
* {{User|isac}}
* {{User|Dudi161}}

=== ru - Русский - Russian ===
* {{User|AlexSmirnov}}
* {{User|Antonio3}}
* {{User|b2z}}
* {{User|cadko}}
* {{User|Cronolio}}
* {{User|Dosfanat}}
* {{User|Dzandut}}
* {{User|Igor}}
* {{User|Kanta}}
* {{User|Leo240}}
* {{User|Nikitm}}
* {{User|Nikolice}}
* {{User|Serg SSN}}
* {{User|Vyatka}}
* {{User|Yambergaa}}

=== si - සිංහල - Sinhala ===
* {{User|Yasirunilan}}
* {{User|Supun}}

=== sk - Slovenčina - Slovak ===
* {{User|adambako}}

=== yu - Srpski (Latin) - Serbian (Latin) ===
* {{User|novii}}

=== sr - Српски (Ћирилица) - Serbian (Cyrillic) ===
* {{User|novii}}

=== sv - Svenska - Swedish ===
* {{User|Propellerhuvud}}
* {{User|Sgagner}}

=== sw - Kiswahili - Swahili ===
* {{User|Ayeko}}

=== th - ไทย - Thai ===
* {{User|Supachai_chai}}
* {{User|Mrs.siam}}
* {{User|Ariesanywhere}}

=== tr - Türkçe - Turkish ===
* {{User|Ugur}}
* {{User|Umitkenan}}

=== ukr - Українська - Ukrainian ===
* {{User|Olesya6968ak}}
* {{User|sera527}}
* {{User|trv}}

=== ur - ur-PK - اردو - Urdu Pakistan ===
* {{User|hoornayyer}}

=== vec - Veneto - Vèneto ===
* {{User|ino}}

=== vi - Tiếng Việt - Vietnamese ===
* {{User|huyhoa}}

=== zh - 中文 - Chinese ===
* {{User|asika32764}}
* {{User|eyesofkids}}
* {{User|Guozhanfeng}}
* {{User|KellyXYM}}
* {{User|lai32290}}
* {{User|Mori0725ken}}
* {{User|myskies}}
* {{User|Wulijun01234}}
* {{User|Zace}}
* {{User|Zhang19min88}}
* {{User|Zhous98}}

=== zh-tw - 繁體中文 - Traditional Chinese ===
* {{User|Yuhoward}}

==Translation Administrators==

The responsibilities of a Translation Administrator will require slightly more attention to the documents for translation. Translation Administrators should feel comfortable with using wiki markup, made hundreds of contributions to their specific language and assisted others in translation of docs. Administrators will need to check the documentation every few days and perform any required tasks. These tasks include re-marking pages in en-GB with edit changes, tracking language units which need translation and welcoming new translators. Ideally, we should have at least one Translation Administrator who will not be tied to any specific language and when the time comes, one Translation Administrator for active language teams.

===Current Volunteer Translation Administrators===
{{:Special:ListUsers/translationadmins}}

==Common Language Codes==
<div class="small-4 columns"> afr - Afrikaans - Afrikaans
</div><div class="small-4 columns"> ar - عربي - Arabic
</div><div class="small-4 columns"> be - Беларуская - Belarusian
</div><div class="small-4 columns"> bg - Български - Bulgarian
</div><div class="small-4 columns"> bn - বাংলা - Bengali
</div><div class="small-4 columns"> bo - བོད་ཡིག - tibetan
</div><div class="small-4 columns"> ca - Català - Catalan
</div><div class="small-4 columns"> ce - Nohçi - Chechen
</div><div class="small-4 columns"> da - Dansk - Danish
</div><div class="small-4 columns"> de - Deutsch - German
</div><div class="small-4 columns"> es - Español - Spanish
</div><div class="small-4 columns"> fa - فارسی - Persian
</div><div class="small-4 columns"> fi - Suomi - Finnish
</div><div class="small-4 columns"> fr - Français - French
</div><div class="small-4 columns"> hu - Magyar - Hungarian
</div><div class="small-4 columns"> hy - Հայերեն - Armenian
</div><div class="small-4 columns"> id - Bahasa Indonesia - Indonesian
</div><div class="small-4 columns"> is - Íslenska - Icelandic
</div><div class="small-4 columns"> it - Italiano - Italian
</div><div class="small-4 columns"> ja - 日本語 - Japanese
</div><div class="small-4 columns"> ko - 한국어 - Korean
</div><div class="small-4 columns"> lb - Lëtzebuergesch - Luxembourgish
</div><div class="small-4 columns"> min - Baso Minangkabau - Minang
</div><div class="small-4 columns"> ml - liviox alvax - Malayalam
</div><div class="small-4 columns"> mr - मराठी - Marathi
</div><div class="small-4 columns"> ms - Bahasa Melayu - Malay
</div><div class="small-4 columns"> nl - Nederlands - Dutch
</div><div class="small-4 columns"> pl - Polski - Polish
</div><div class="small-4 columns"> pt - Português - Portuguese
</div><div class="small-4 columns"> pt-br - Português do Brasil - Brazilian Portuguese
</div><div class="small-4 columns"> ro - Română - Romanian
</div><div class="small-4 columns"> ru - Русский - Russian
</div><div class="small-4 columns"> sl - Slovenščina - Slovenianjtökók
</div><div class="small-4 columns"> sq - Shqip - Albanian
</div><div class="small-4 columns"> sv - Svenska - Swedish
</div><div class="small-4 columns"> sw - Kiswahili - Swahili
</div><div class="small-4 columns"> ta - தமிழ் - Tamil
</div><div class="small-4 columns"> th - ไทย - Thai
</div><div class="small-4 columns"> tr - Türkçe - Turkish
</div><div class="small-4 columns"> vi - Tiếng Việt - Vietnamese
</div><div class="small-4 columns"> zh - 中文 - Chinese
</div><div class="small-4 columns"> zh-tw - 繁體中文 - Traditional Chinese
</div>

<noinclude>
[[Category:Documentation Wiki Policies and Guidelines]]
[[Category:Documentation Translation]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-24T11:52:25Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group where representatives from the communities of WordPress, Drupal, Umbraco and of course Joomla! are collaborating in privacy.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as much as possible.

'''Important notice'''
You should not solely rely on the information below to design your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and let you improve it based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there any functionality to collect and log consents from users that submit their personal data?'''
##A consent collection and logging system already exists.
##Such a system partially exists (for example there is a consent checkbox but does not store logs)
##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to inform users regarding the privacy policy (upfront the collection of any personal data) and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality to allow users to withdraw their consent?'''
##A functionality provides to users the ability to withdraw consent.
##There is no functionality to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it is not. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will facilitate for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Does your extension allow the generation of additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more).
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality.
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there is no such functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw their consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice for the webmaster to use such a functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to allow users to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality.
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to the Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to allow users request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##There is, but partially.
##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users to submit deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code to successfully delete all the previous collected users’ data once the Super User decides to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under HTTPS (TLS).
##Some of the resources transmit information insecurely.
##All the resources transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s, you can run a test to ensure the security of the certificate used and configuration of this server. There are many tools and services to help you on that, for example you can use [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##Only part of the data can be stored encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''To empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Some of the data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''You can use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of all third parties.
##No, there is no list of third parties or the list is not full. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension for the Webmasters that will use it to find it easy to sign them? Even if the third party does not collect any personal data, an agreement for that should exist.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-24T11:39:50Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group where representatives from the communities of WordPress, Drupal, Umbraco and of course Joomla! are collaborating in privacy.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as much as possible.

'''Important notice'''
You should not solely rely on the information below to design your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and let you improve it based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there any functionality to collect and log consents from users that submit their personal data?'''
##A consent collection and logging system already exists.
##Such a system partially exists (for example there is a consent checkbox but does not store logs)
##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to inform users regarding the privacy policy (upfront the collection of any personal data) and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality to allow users to withdraw their consent?'''
##A functionality provides to users the ability to withdraw consent.
##There is no functionality to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it is not. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will facilitate for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Does your extension allow the generation of additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more).
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality.
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there is no such functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw their consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice for the webmaster to use such a functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to allow users to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality.
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to the Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to allow users request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##There is, but partially.
##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users to submit deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code to successfully delete all the previous collected users’ data once the Super User decides to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-24T11:31:24Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group where representatives from the communities of WordPress, Drupal, Umbraco and of course Joomla! are collaborating in privacy.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as much as possible.

'''Important notice'''
You should not solely rely on the information below to design your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and let you improve it based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there any functionality to collect and log consents from users that submit their personal data?'''
##A consent collection and logging system already exists.
##Such a system partially exists (for example there is a consent checkbox but does not store logs)
##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to inform users regarding the privacy policy (upfront the collection of any personal data) and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality to allow users to withdraw their consent?'''
##A functionality provides to users the ability to withdraw consent.
##There is no functionality to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it is not. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will facilitate for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Does your extension allow the generation of additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more).
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-24T11:21:54Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group where representatives from the communities of WordPress, Drupal, Umbraco and of course Joomla! are collaborating in privacy.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as much as possible.

'''Important notice'''
You should not solely rely on the information below to design your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and let you improve it based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there any functionality to collect and log consents from users that submit their personal data?'''
##A consent collection and logging system already exists.
##Such a system partially exists (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to inform users regarding the privacy policy (upfront the collection of any personal data) and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-23T23:05:00Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group where representatives from the communities of WordPress, Drupal, Umbraco and of course Joomla! are collaborating in privacy.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as possible.

'''Important notice'''
You should not only rely on the information below to design your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and let you improve it based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there functionality to collect and log consents from users that submit their personal data?'''
##A consent collection & logging system exists
##Such a system exists partially (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to up front inform users regarding the privacy policy and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-23T22:57:15Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group where representatives from the communities of WordPress, Drupal, Joomla and Umbraco are collaborating in privacy.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as possible.

'''Important notice'''
You should not only rely on the information below to design your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and let you improve it based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there functionality to collect and log consents from users that submit their personal data?'''
##A consent collection & logging system exists
##Such a system exists partially (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to up front inform users regarding the privacy policy and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-23T14:50:55Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as possible.

'''Important notice'''
You should not only rely on the information below to design your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and let you improve it based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there functionality to collect and log consents from users that submit their personal data?'''
##A consent collection & logging system exists
##Such a system exists partially (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to up front inform users regarding the privacy policy and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-23T09:46:45Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as possible.

'''Important notice'''
You should not only rely on the information below only to complete your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and improve them based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there functionality to collect and log consents from users that submit their personal data?'''
##A consent collection & logging system exists
##Such a system exists partially (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to up front inform users regarding the privacy policy and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-23T09:45:31Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as possible.

'''Important notice'''
You should not only rely on the information below only to complete your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and improve them based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there functionality to collect and log consents from users that submit their personal data?'''
##A consent collection & logging system exists
##Such a system exists partially (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommended Action:''' ''A functionality to up front inform users regarding the privacy policy and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommended Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommended Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommended Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommended Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommended Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommended Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommended Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommended Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommended Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommended Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommended Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommended Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-23T08:59:02Z

Alphapi: /* Further reading */

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as possible.

'''Important notice'''
You should not only rely on the information below only to complete your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and improve them based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there functionality to collect and log consents from users that submit their personal data?'''
##A consent collection & logging system exists
##Such a system exists partially (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommanded Action:''' ''A functionality to up front inform users regarding the privacy policy and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommanded Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommanded Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommanded Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommanded Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommanded Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommanded Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommanded Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommanded Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommanded Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommanded Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://git.io/fjww3
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://git.io/fjwwG
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-22T16:51:14Z

Alphapi: /* Further reading */

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as possible.

'''Important notice'''
You should not only rely on the information below only to complete your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and improve them based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there functionality to collect and log consents from users that submit their personal data?'''
##A consent collection & logging system exists
##Such a system exists partially (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommanded Action:''' ''A functionality to up front inform users regarding the privacy policy and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommanded Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommanded Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommanded Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommanded Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommanded Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommanded Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommanded Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommanded Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommanded Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommanded Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://github.com/webdevlaw/open-source-privacy-standards
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: [https://volunteers.joomla.org/joomlers/2399-achilleas-papageorgiou Achilleas Papageorgiou], Team Leader of Compliance Team
*Contributors: [https://volunteers.joomla.org/joomlers/312-luca-marzo Luca Marzo], [https://volunteers.joomla.org/joomlers/60-sander-potjer Sander Potjer], [https://volunteers.joomla.org/joomlers/155-roland-dalmulder Roland Dalmulder]

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-22T16:46:17Z

Alphapi: /* 1. Consent to the use of personal data functionalities */

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as possible.

'''Important notice'''
You should not only rely on the information below only to complete your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and improve them based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there functionality to collect and log consents from users that submit their personal data?'''
##A consent collection & logging system exists
##Such a system exists partially (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommanded Action:''' ''A functionality to up front inform users regarding the privacy policy and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommanded Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommanded Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommanded Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommanded Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommanded Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommanded Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommanded Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommanded Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommanded Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommanded Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://github.com/webdevlaw/open-source-privacy-standards
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: Achilleas Papageorgiou, Team Leader of Compliance Team
*Contributors: Luca Marzo, Sander Potjer, Roland Dalmulder

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>

Privacy Guidance for Joomla Extensions

2019-06-22T14:32:40Z

Alphapi:

{{Top portal heading|color=white-bkgd|icon=lock|icon-color=#5091cd|size=3x|text-color=#333|title=
Find your extension’s Achilles heel (weakness) in terms of personal data protection
}}
{{-}}

This is a compliance audit template to map the GDPR compliance level of your Joomla! extensions. This workflow is based on the [https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md v1 draft] devised by Achilleas Papageorgiou ([https://volunteers.joomla.org/teams/compliance-team Joomla! Compliance team]) for the cross-CMS privacy working group.

'''Global Recommendation'''
This guide presents possible answers to each question and you can consider that, while there is no score to succeed, your extension should be aligned with the first answer (1.) of each question as possible.

'''Important notice'''
You should not only rely on the information below only to complete your full compliance plan regarding your software tools and business. Nevertheless, it is expected that the following information can provide you a useful and easy way to find your software’s weaknesses and improve them based on GDPR requirements and through the provided link to the how-to Joomla! documentation.
{{-}}

'''Choose the severity group of your extension in terms of privacy:'''

{| class="wikitable sortable" style="width:100%; vertical-align:top; border:1px solid Sienna; background-color:Cornsilk;"
|- style="background-color:Wheat; font-weight:bold; text-align: left;"
!width=20%|Groups
!width=60%|Personal data processing profile
!width=20%|Related questions
|-
| '''Group A'''
| The extension isn't expected to process or store any personal data
| 7 and 8
|-
| '''Group B'''
| The extension is expected to process or store data that can be used to indirectly associate the identity of a person
| 1 to 8
|-
| '''Group C'''
| The extension is expected to process or store personal data that can be used to directly associate the identity of a person
| 1 to 8
|-
| '''Group D'''
| The extension is expected to process or store personal data and also special categories of personal data that can include, but not limited to
*race and ethnic origin,
*religious,
*genetic data,
*health data.
| 1 to 8
|-
| '''Group E'''
| The extension is expected to share personal data with at least one third party service
| 1 to 8
|}

== 1. Consent to the use of personal data functionalities==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e1489-1-1 Articles 4] (Definition 11), [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2254-1-1 13] & [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 32, 42]

#'''Is there functionality to collect and log consents from users that submit their personal data?'''
##A consent collection & logging system exists
##Such a system exists partially (for example there is a consent checkbox but doesn’t store logs)
##There is no consent collection and logging system '''{{rarr}}Recommanded Action:''' ''A functionality to up front inform users regarding the privacy policy and log consents (if not legal basis exists) from users that their personal data are collected and/or processed. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily understand all the appropriate information (that Webmasters should provide) and freely provide their consents.''
#'''Is there a functionality that gives the user the ability to withdraw their consent? If yes, to what?'''
##The functional ability to withdraw consent is offered to users.
##There is no functional ability to withdraw consent. '''{{rarr}}Recommanded Action:''' ''A functionality that users can use to withdraw any already given consent should provided. A special focus should be given regarding the UX of this functionality in order to provide a simple and easy flow to users to easily find an easy way to withdraw.''
#'''Is the consent functionality connected to the Joomla core Privacy Component?'''
##Yes, it is connected to the Joomla core Privacy Component.
##The consent functionality is based on a custom mechanism.
##No, it isn’t. '''{{rarr}}Recommanded Action:''' ''Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. This will make it easier for site creators to setup a clear and proper consent functionality for Joomla websites. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.
#'''Is there a functionality to generate additional consent functionalities (checkboxes?) for the up front consent of the users to the use of personal data in case of marketing, profiling, children data, sensitive data?'''
##Yes, there is such functionality that can be used to generate additional consent mechanisms.
##Yes, there is such functionality but with limited options (i.e. you can only add one more)
##No, there is no functionality to generate additional consent functionalities. '''{{rarr}}Recommanded Action:''' ''A functionality to generate, additional to the 1.1 requirement, consents (if not legal basis exists) from users that need to provide additional consent, such as the processing of special personal data categories that require explicit consent, or to provide their consent for a different scope of processing.''

== 2. Consent for Cookies collecting personal data ==

*'''Group affected: B, C, D, E'''

#'''If your extension uses cookies that process personal data, is there a functionality for the up front consent by the user in case the software installs cookies that are collecting any personal data?'''
##Yes there is such functionality
##No, there is no functionality for cookies, but there is an informational notice in order for the webmaster to use such a functionality
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to upfront the installation consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#If a functionality to collect consents is provided, is there also a functionality for the user/s to withdraw consent?
##Yes, there is such functionality
##No, there is no functionality for that, but there is an informational notice in order for the webmaster to use such a functionality. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to withdraw their already given consent to cookies. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core Privacy Component. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 3. Right to Data Portability ==

*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2753-1-1 Article 20]

#'''Is there a functionality that gives users the ability to request and download their data?'''
##Yes, there is such functionality
##Yes, but partially.
##No, there is no functionality for that. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to request and download their data. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#Is the file that is downloaded in a machine readable format (for example XML, CSV)?
##Yes, it is.
## No it isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality should exist to provide users with the ability to request and download their data to a machine readable format (for example XML, CSV). Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

== 4. Right of Access by the data subject ==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2599-1-1 Article 16]

#'''In case the extension collects personal data, does the extension provides a dashboard to the users with settings to edit their personal data?'''
##Yes, it provides.
##Yes, there is but partially.
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''A view should exist to provide users with the ability to preview and edit their data.''

==5. Right to be Forgotten ==
*'''Group affected: B, C, D, E'''
* Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e2606-1-1 Article 17], Recital [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 65]

#'''Is there a functionality that offers to users the request to remove/delete all of their data?'''
##There is.
##But partially.
##There isn’t. '''{{rarr}}Recommanded Action:''' ''A functionality and an easy to use flow should be provided to users in order to create deletion requests. At the same time a procedure for the Webmasters to manage those requests should exists at the administration side of their websites. Empower your compliance efforts by connecting your extension’s functions to Joomla’s core API. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''
#'''Does the extension include an uninstall operation to your extensions code in order to successfully delete all the previous collected users’ data the time that the Super User will decide to uninstall it?'''
##Yes, this operation is included.
##No, there isn’t. '''{{rarr}}Recommanded Action:''' ''You should use the proposed steps [[S:MyLanguage/J3.2:Developing_an_MVC_Component/Adding_an_install-uninstall-update_script_file|here]] to successfully include the uninstall operation and also include any code and files needed based on the Joomla MVC to succeed the complete deletion. Don’t forget to include database tables with users’ data to the uninstall process.''

==6. Privacy by Default==
*'''Group affected: B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3063-1-1 Article 25]

#'''Does the software have all the settings set to the most private possible due to its scope?'''
##Yes, the default settings are in the most private.
##No, the default settings are not in the most private. '''{{rarr}}Recommanded Action:''' ''All the settings regarding the personal data collection/processing/storage should be set to the most private possible due to its scope of processing.''
#'''Is the extension collecting personal data that is not needed/being used currently?'''
##Yes, the extension collects only the minimum needed to offer to Super Users and users the expected functionalities.
##The extension collects by default additional information that could potentially be used by Super Users. '''{{rarr}}Recommanded Action:''' ''The extension should, by default, collect only the strictly needed users data that are mandatory to be functional based on its description. Any additional features that result to data collection (for example the IP collection) should be by default set OFF. the extension should provide a dashboard to let administrators manage those settings based on their needs and Privacy policies.''

==7. Security Measures==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3383-1-1 Article 32], [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 6 and 78]

#'''Is there secure transmission for all the resources used by the functionality?'''
##Yes, all the requests are under https (TLS).
##Some of the resources are transmit information insecurely.
##All the resources are transmit information insecurely. '''{{rarr}}Recommanded Action:''' ''All the used resources, local or called via a third party host, should transmit data only through encrypted connections.You could inspect the HTTP requests through your browser or even use a tool for that like [https://www.screamingfrog.co.uk/seo-spider/ Screaming Frog]. You should always use well configured certificates on your web servers to ensure secure transmission. In case your extension requests from or transmits data to a web server/s you can run a security test to ensure the certificate and configuration of this server. There are many tools and services to help you on that, for example you can you this [https://www.ssllabs.com/ssltest/ SSL Server Test]. ''
#'''If your extension will be used to store special personal data categories (like those described in Group D), is the data stored encrypted?'''
##Yes, data can be stored encrypted.
##The data partially are encrypted.
##No, no data are encrypted by the extension. '''{{rarr}}Recommanded Action:''' ''In order to empower the compliance level of your extension you could use encryption functions to encrypt the data in the database. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. View on [https://github.com/joomla/joomla-cms/tree/staging/libraries/src/Crypt GitHub] to learn how you can make it happen.''
#'''If there is a need to apply anonymization techniques are they applied?'''
##Yes, data can be anonymized.
##Yes, data can be partially anonymized.
##No, there is no ability to anonymize data. '''{{rarr}}Recommanded Action:''' ''In order to empower the compliance level of your extension you could use anonymization functions for the collected data. This will make your extension more suitable to be used by websites that want to apply and prove strict security measures. Read [[S:MyLanguage/J3.x:Integrate_Extensions_with_the_Privacy_Component|here]] how you can make it happen.''

==8. (In case of) Third parties/Sub-processors==
*'''Group affected: A, B, C, D, E'''
*Legal requirement on GDPR: [https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e40-1-1 Recitals 58 and 78]

#'''In case you use third parties to provide a service or a functionality, have you included it to your third parties or sub-processors list?'''
##Yes, there is a list of the third parties.
##No, there is no list of third parties. '''{{rarr}}Recommanded Action:''' ''You should provide a list with all the third party services used by your extension in order to make easier for the Webmasters to also include them to their Processors list in their websites Privacy Policy.''
#'''In case you use third parties, do you provide a notice including a link to the Data Protection Agreement/Addendum (DPA) of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them? Even the third party does not collect any personal data, an agreement for that should exists.'''
##Yes, with all the third parties.
##Yes, with some of the third parties.
##No, there is no DPA signed. '''{{rarr}}Recommanded Action:''' ''You should provide a notice including a link to the Data Protection Agreements/Addendums of the third parties used by your extension in order to for the Webmasters that will use it to find it easy to sign them. This will help them review, audit and provide information to their users regarding the compliance of those third parties. ''

==Further reading==

*Secure coding guidelines, Joomla Documentation https://docs.joomla.org/Secure_coding_guidelines
*Compliance audit template to map the GDPR compliance level of your software extension, Cross-CMS Coalition Online at: https://github.com/joomla/cross-cms-compliance/blob/master/audit-your-software-extension.md
*Papageorgiou A., Strigkos M., Politou E., Alepis E., Solanas S., Patsakis C., Security and privacy analysis of mobile health applications: The alarming state of practice, online at: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8272037. This work was supported by the European Commission under the Horizon 2020 Programme (H2020), as part of the OPERANDO project (Grant Agreement no. 653704) and the CRYPTACUS COST action (COST Action IC1403).
*Open Source Privacy Standards, by Heather Burns (webdevlaw), online at: https://github.com/webdevlaw/open-source-privacy-standards
*Nutricati A. and Papageorgiou A., GDPR Overview: Decrypting the regulation in series, online at: https://magazine.joomla.org/issues/issue-feb-2018/item/3306-gdpr-overview-decrypting-the-regulation-in-series
*Papageorgiou A., GDPR Awareness: From privacy risks to the need for countermeasures, online at: https://magazine.joomla.org/issues/issue-mar-2018/item/3314-gdpr-awareness-from-privacy-risks-to-the-need-for-countermeasures
*Koho R., Privacy by default and GDPR, examples and best practises, online at: https://magazine.joomla.org/issues/issue-apr-2018/item/3318-privacy-by-default-and-gdpr-examples-and-best-practises
*GDPR – A Practical Guide for Developers, BOZHO'S TECH BLOG, online at: https://techblog.bozho.net/gdpr-practical-guide-developers/

'''Contributors'''
*Author: Achilleas Papageorgiou, Team Leader of Compliance Team
*Contributors: Luca Marzo, Sander Potjer, Roland Dalmulder

<noinclude>
[[Category:Privacy{{#translation:}}]]
[[Category:Components{{#translation:}}]]
[[Category:Plugins{{#translation:}}]]
[[Category:Modules{{#translation:}}]]
[[Category:Tutorials{{#translation:}}]]
[[Category:Extension_development{{#translation:}}]]
[[Category:Extensions{{#translation:}}]]
</noinclude>