How Does LoginPress Work with GDPR to Make Your Sites Compliant?

What is GDPR?

Both international laws and social media platforms require apps to feature a Privacy Policy.

Other than the GDPR, the primary law that social site owners have to contend with is California's Online Privacy Protection Act (CalOPPA).

California's law technically applies to California, but the nature of the internet means all companies must comply because Californians will surely be accessing their sites.

Greater privacy protections arrived in the European Union in 2018 with the GDPR.

Why do EU and California laws apply to your company? Because the nature of social media means that you will inevitably find users from the state of California or one of the European Union's 28 member states.

Once those laws apply, so do the enforcement and punishment measures associated with them. That means you're liable for lawsuits and fines.

Regardless of international law, you'll need to provide a Privacy Policy URL whenever you utilize social logins because this is part of the Terms and Conditions of using such features.

You'll learn more about Facebook, Google, Twitter, and LinkedIn's Privacy Policy requirements in each respective section below.

Requirements of Social Platforms with GDPR

We'll show you what the four big social platform players request from developers and give a few examples for each login system.

Generally, the biggest social media players want three things:

  • They want to see the Privacy Policy front and center, ideally, before users connect the two profiles.
  • They want the Privacy Policy to be compliant with CalOPPA, the GDPR, and any relevant legislation.
  • They want you to follow the guidelines you write in your own policy.

If you add social login to your Website or App, you should also update your Privacy Policy to reflect this and send out an appropriate Privacy Policy update notice.

Let users know what kinds of data get shared with the social media site and whether users have control over it. The social media site will also let users know via a prompt, based on information you provide to the site during development and when you add the login button.

Both the law and social platforms require you to ask for permission to access the user's data when they log in to your app with their social platform credentials.

When the user grants permission, your app gets seamless access to the requested data items, such as usernames, profile photos, and friends lists.

Where does your Privacy Policy come into play?

Any Social Login platform wants a Privacy Policy that meets the following requirements:

  • Publicly available
  • Easily accessible
  • Explains what data you collect
  • Describes how you use the data
  • Remains consistent with the platform policy

Additionally, social platforms require that you:

  • Add your Privacy Policy URL to the App Dashboard
  • Include a link in any app store listings where your app is available
  • Operate by your Privacy Policy

After you set up Social Login for the application, a user comes to your site(s) and tries to log in.

On the very first login, the platform asks the user to allow access to the user's information, such as email and profile picture.

On each login, the user is checked to see whether they already exist on the site:

  • If the user exists on the site as a registered user, they get logged in.
  • If the user doesn't exist, they get registered on the site first and then logged in.

LoginPress only checks whether the user exists on the site and acts on the response given by the platform; the rest is managed by the social platforms.

LoginPress and Information from Social Platforms

LoginPress supports four mainstream social platforms that can be used to log in to your sites.

For all of these platforms, the following items are required from the social account of a user who tries to sign up or log in using the social platform with LoginPress:

  1. Username - To set the username inside the site.
  2. Email - To set the email address, which is compulsory.
  3. Profile Picture/Avatar (which is only saved temporarily)

This information is compulsory to add a user to a site, which is why LoginPress takes only these parameters and adds the user to the site.

Conclusion

LoginPress’s Social Login complies with GDPR and CalOPPA.

Rather than using third-party integrations, it provides and uses the four main social platforms (Facebook, Google, LinkedIn, and Twitter), which comply with the GDPR standards.
