Basically you should always use VIMP in the most current version, as the exact requirements for software products with regard to the GDPR will certainly change again and again over the course of time via precedents. With the latest version we will continuously implement the necessary measures with regard to Privacy by Default and Privacy by Design.
The requirements for data security differ depending on the operation purpose of VIMP. Please contact your legal department or data protection officer for more information.
In the following we list functions that are available in VIMP for the protection of data privacy:
Age verification:
If it is necessary for the purpose of your platform to integrate an age query, you can add this to the registration using a hidden custom user field.
Declarations of consent:
The same applies to obtaining consent in the registration process. This can also be added via a hidden custom user field. Hidden field means that the field appears in the forms (registration, edit user), but is not visible to others in the user profile.
User deletion:
A user deletion removes all user data from the platform. In the first step, the user is only set to the "deleted" status and can be restored by the administrator at any time. In the second step, the user is permanently deleted from the system. This means all his data is physically removed from the hard disk and from the database.
IP anonymization:
VIMP automatically anonymizes all IP addresses that are stored in the database. If this is not necessary for your application, you can deactivate the function in the configuration.
IP anonymization for Google Analytics can be set separately under the Google Analytics configuration item.
Google Analytics:
Be sure to activate IP anonymization under Configuration -> Google Analytics. Furthermore, from version 4.0.2 VIMP contains the required opt-out code as required for the GDPR by default.
