Privacy issue: Not showing the users on the Web portal #298
Comments
|
Related to that. A user can create an "Organization". Then in the "Members" section, users can add to their organization any other user of the system. They even get suggestions of all users in the system simply by typing two letters. A user is added to another's user organization without giving consent. Finally, a user can view the details of all other users he has added to his organization. |
|
Yes, exactly. This is not really compliant with GDPR. To come back to my initial question, is it scheduled to change this behavior? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For a given application, is it possible to hide the authorized users of this application on the Web portal of Keyrock?
The rationale behind this question is to be fully compliant within the privacy, in particular the GDPR. Normally, a user connected to the Web portal of Keyrock should not know the name and the email address of the other users authorized for this application, considering that the username and his email address are personal data.
The text was updated successfully, but these errors were encountered: