Rocket.Chat is GDPR compliant
Rocket.Chat has implemented various updates and changes to its codebase in preparation for GDPR enforcement on May 25th 2018.
A summary of Rocket.Chat’s overall GDPR readiness strategy for this project can be found below:
Our public statement can also be found on GitHub.
The following are some of the more recent GDPR updates that are now part of the core codebase:
Right of Access
Right to be forgotten/erased
Other rights for the data subjects are either covered by features already built into our codebase, or outside the scope of the open source software project, including:
Right to Rectification
The codebase can be configured to support user modification/correction/rectification of any data supplied (entered) by the user.
Right to restriction of processing
This is outside the scope of the open source software project, and is up to the controller ( administrator / deployer / operator of the the server system) to enforce.
Right to Object
This is outside the scope of the open source software project, and is up to the controller ( administrator / deployer / operator of the server system) to enforce.
The above will allow our community members to build and deploy GDPR compliant systems and services. We know and understand that all of you have custom installation, configuration and deployment environments and that you are working to ensure your own deployment of Rocket.Chat is compliant with GDPR if necessary.
Meanwhile, we would welcome any advice, input, or questions you may have regarding Rocket.Chat’s GDPR readiness. Please help us by emailing your thoughts to firstname.lastname@example.org.
The Rocket.Chat Team