The Pork Chop Platoon (PCP) is a gaming community for older gamers on the Xbox console. This website (http://18.104.22.168) serves as our outward “face” if you will. Our primary site is a web forum that is accessible by members-only. This site consists of general information and a blog. By accessing or using the site you are bound by our TOU. We are pretty simple around here, just clean up after yourself, don’t be hateful to people, and do not use anything hosted on the site for anything other than educational or informational purposes.
While the site is publicly hosted, it is the physical and intellectual property of our members and owners. Any activity we deem as inappropriate can lead to termination of use by several means to include: requests to cease and desist to IP blocking or greater as required.
What is the CAN-SPAM Act?
The CAN-SPAM act is a law that was passed back in 2003. The acronym stands for “Controlling the Assault of Non-Solicited Pornography and Marketing.” This means marketers should not be deceptive when sending commercial electronic messages. It also requires that you provide a way to opt out and act on those requests within ten days. This applies to email marketing, as well as to any other form of digital communication. The CAN-SPAM Act is meant to protect consumers, they don’t get bombarded with commercial emails or messages they have no interest in.
To adhere to the CAN-SPAM best practices, businesses should do the following:
- Don’t lie in your email’s header
- Keep your subject line consistent with your email’s content
- Make sure your clear that your email is an ad
- Include your company’s address with every email
- Every email needs to have an unsubscribe option
- Customers need to be unsubscribed within 10 days of their request
- Any emails sent under your brand are your responsibility
The good news for you as a user of this website is that we are not digital marketers! PCP does not monetize this site in any way. The only funding provided to the organization right now is through private LAN attendance fees, the occasional tee-shirt sale, and through the generosity of its members via donations.
We also do not have blog subscription options at this time. This is a planned activity, but any options we choose for email subscription will be automated (but monitored) and will include an option to unsubscribe. All of our content and website information is straightforward and contains no nefariousness. No spam here!
What is GDPR?
The General Data Protection Regulation is a European Union law that was implemented May 25, 2018, and requires organizations to safeguard personal data and uphold the privacy rights of anyone in EU territory. The regulation includes seven principles of data protection that must be implemented and eight privacy rights that must be facilitated. It also empowers member state-level data protection authorities to enforce the GDPR with sanctions and fines. The GDPR replaced the 1995 Data Protection Directive, which created a country-by-country patchwork of data protection laws. The GDPR, passed in European Parliament by overwhelming majority, unifies the EU under a single data protection regime.
Who has to comply with GDPR?
Any organization that processes the personal data of people in the EU must comply with the GDPR. “Processing” is a broad term that covers just about anything you can do with data: collection, storage, transmission, analysis, etc. “Personal data” is any information that relates to a person, such as names, email addresses, IP addresses, eye color, political affiliation, and so on. Even if an organization is not connected to the EU itself, if it processes the personal data of people in the EU (via tracking on its website, for instance), it must comply. The GDPR is also not limited to for-profit companies.
Well, this one is a little more complicated for PCP than CAN-SPAM. We have members and visitors from all over the world, and we definitely have EU members. The GDPR allows the data protection authorities in each country to issue sanctions and fines to organizations it finds in violation. The maximum penalty is €20 million or 4% of global revenue, whichever is higher. Data protection authorities can also issue sanctions, such as bans on data processing or public reprimands.
I don’t know about you, but that is some serious scratch in my opinion! Here’s how we protect your and our interests and data.
There is a lot to GDPR compliance, so we will break it down into buckets for you:
Lawful Basis and Transparency
- The law requires that establishments of over 250 employees perform site audits. We only have a handful of volunteers working here, but we do restrict access to anything data-driven to chosen few.
- We do not collect data ourselves, short of a few pieces of info to establish accounts for the WordPress staff and some admins. Accounts are not required for readers. We have turned off commenting, so no accounts are required there either. For the data our plugins use, we restrict access to that information to as few staffers as possible (we address this later.)
- Our legal justification to collect or access data via third-party plugins is to better determine how our content and site should be structured and general demographics of our readers in order to tailor content. We do not sell anything or host advertising whatsoever. There is more about the third party plugins below.
- We take data security and our members’ and users’ safety (and anonymity in some cases) seriously. That’s why we collect the bare minimum for what we need to have accounts established for the staff and authors and nothing more. We are also fortunate enough to be a gaming community, so Gamertags are used instead of real names whenever possible.
- As stated above, only specified admins and staffers are authorized to access certain data collected by third-party plugins, ensuring additional data security.
- For data breach security, we have multiple safeguards. Our website is secured via https, our site and plugins are regularly updated, and we have minimal logins. In the event a plugin is rendered unsecure, we will just stop its use or patch it as one becomes available. PCP has no internal data collected on users, therefore members will be alerted as soon as possible to change passwords or emails. Members or staffers with accounts will have their data provided to them immediately if any choose to discontinue their work on the site. Accounts will then be deleted from the website. (Published intellectual property remains the property of PCP in this instance.)
Accountability and Governance
- The PCP owners are the primary caretakers of policy and compliance within PCP. These policies are maintained by the primary WordPress manager with oversight by senior admins. All staffers and admins agree to be bound by these requirements per staff and member policy.
- At least one of the senior admins/community overseers resides in and is an EU citizen and will make determinations and recommendations on policy and GDPR compliance as necessary.
- Our “customers” are the readers and users of the information on this site. No information is collected on them by PCP, only third-party plugins used by the site. A list of these plugins and their web addresses are listed below. Third-party compliance is not in our scope of control and users will have to contact those developers on their own in order to request their data or user information. PCP does not act on those developers behalf via any proxy relationship and are not considered employees of those developers by using these plug-ins.
- Users requesting for PCP to stop using their data via third-party plug-in will have to stop using the website. We have no control over the data collected by or the policies of third-party developers. In the event that a plug-in becomes an issue or does not comply with GDPR practices, we will take in under consideration to cease the use of that plug-in on the PCP website.
- The following plug-ins and web elements are currently used on the PCP website. The plug-in websites are not included but can be found by searching for these names in the WordPress Plugin Directory at https://wordpress.org/plugins/ or via web search to learn about their individual GDPR practices:
- Brooklyn Theme by United Themes
- Akismet Anti-Spam
- All In One SEO Pack
- Better Search Replace
- Brooklyn Page Builder (Visual Composer)
- Contact Form 7
- Duplicate Page
- Google Analytics for WordPress by MonsterInsights
- Jetpack by WordPress.com
- Portfolio Management by United Themes
- Shortcodes by United Themes
- Smart Slider 3
- Plug-ins previously used during the design of the PCP website can be made available upon request at the discretion of the site admins using the “chat” Discord above.