Hey, just went through a few different checklists, and discovered that Lemmy does not meet GDPR requirements for notifying users for how servers handle the data. I’ve brought up this request on github, and I hope to get it fixed soon, but in the meantime I’ve compiled a list of EU address blocks and intend to add them to my firewall. Just thought you all should know.
There is also not a “cookie accept” when you first visit the site that is now standard convention.
That’s because Lemmy does not use tracking cookies! Lemmy only uses one authentication cookie, cookies such as these do not require user consent (at least under the GDPR). More info: https://gdpr.eu/cookies/
I was told by the owner of Beehaw that login cookies are excluded from the cookie dialog requirement, and Lemmy doesn’t use tracking cookies which are subject to the requirement.