- Issue created by @jurgenhaas
- 🇦🇹Austria Grienauer Vienna
just a note.
PII stands for: Personally Identifiable Information
The submodules fields and task in the GDPR → module provide functionality that's required for the advanced privacy recipe in Drupal CMS. Those 2 submodules have been developed and maintained by @yanniboi, and he is on board with the idea of extracting them from GDPR and turning them into an independent suite of modules that can be used for Drupal CMS but also elsewhere and for other purposes if needed.
There should be an API module, which allows site builders to define entity fields or even full entities as containing sensitive data that belongs to a specific user. This API module should also allow the configuration of what should happen with their content when certain actions (reporting, exporting, deleting, etc.) will be performed. This configuration should be module-agnostic, i.e. this configuration should be abstracted away from the use cases that we currently have in mind.
Two other use cases should go into separate modules that require the above API module. Either both of those use cases get addressed together in one module, or one module for each. This needs to be discussed. The use cases are:
Both of those not only require some CTAs, confirmation forms, and rendered pages to interact with the user, they also require some task management, maybe review steps, and persistent logging to be reported to the authorities if needed.
Active
Track: Privacy
just a note.
PII stands for: Personally Identifiable Information