Working towards GDPR compliance
Since writing this post, elmah.io is now 100% GDPR compliant. Check out Security and GDPR Commitment for details.
You may have heard about GDPR or the General Data Protection Regulation. It's a new set of directives that every company dealing with EU citizens needs to follow. We are working with an external law firm to make sure that we comply with the new set of rules and guidelines.
We are currently looking at the last technical issues and started documenting a range of things as prescribed by GDPR. As usual, we want to be 100% transparent. You can follow the work and get under the hood on our new elmah.io GDPR Wiki. Documentation is added as we write it. Also, make sure to follow the elmah.io Security page for details. We are planning a redesign of this page as well as extended information about GDPR.
Please notice that the GDPR wiki no longer represents the most recent documentation. All of the content on the wiki has been baked into our legal documents available on the elmah.io website.
As a user of elmah.io, our work against GDPR compliance doesn't make a whole lot of difference. We are already following best practices for security and handling personal data. If you need it, GDPR provides you with a better insight into the personal details we collect about you, which cookies we use, etc. As a data processor (a GDPR term for an entity processing people's personal data), we will create a Data Processor Agreement (DPA), that you will be able to download to ensure your own GDPR compliance. When the DPA is finished, it will be available for anyone requesting it.
Feel free to reach out if you have any questions regarding GDPR, security, or our procedures for handling your data.