I’d be really keen to host a lemmy instance but just wondering with GDPR and everything, if there is anything else to consider outside of the technical setup and provisioning of hardware?

Lemmy is storing users data so is there any requirement to do anything GDPR wise?

Hope this is the right place for this - But seen a lot of posts interested in hosting their own lemmy instance, and this is an extension of that

    • poVoq@slrpnk.net
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      1 year ago

      No, public websites are explicitly not covered by this exemption even if no profit motive is involved.

    • tk338@lemmy.oneOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Interesting - The Wiki article seems to make it out to be less about commercial that the actual links to the articles provided. I’ll keep reading, thank you

    • RoyalEngineering@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yes I think you’re right, but also IANAL. From what I learned in a mandatory class at work, I think the GDPR only covers commercial activity. GDPR is supposed to protect citizens when engaging in commerce:

      an entity or more precisely an “enterprise” has to be engaged in “economic activity” to be covered by the GDPR.

      Lemmy doesn’t charge a subscription fee or sell ads (yet), so it’s acting as a kind of personal messaging system for communicating between people. The GDPR explicitly says it doesn’t regulate personal messaging systems like email. I think Lemmy would fall under that exemption clause.