Option to disable gravatar support- Potential GDPR issue
Sebastian shared this idea 1 year ago
Dear blesta team!
currently some parts of blesta such as the ticket system make use of gravatar to display user imags. This sends user data (from the http-request) as well as more sensitive user information (email address) to a third party without the users consent or a way to opt-out.
As such may be seen as a GDPR issue. (Similar to the google fonts thing here: https://thehackernews.com/2022/01/german-court-rules-websites-embedding.html )
I'm suggesting an option to set a static "staff" and "client" image. (with a potential override for staff via my-info) as a potential solution.
I'd like to see the ability to set staff photos and store locally- Maybe have a blank template with the option to upload for clients! I think that's a superb idea
I've created this task, feel free to comment here with any thoughts. https://dev.blesta.com/browse/CORE-4686
As Sgraf says, I think choices are the best idea here personally! Maybe locally store staff images OR Gravatar
For clients, At scale nobody really wants to store everyone's pics! Maybe allow us to make Gravatar opt-in or support a url to image?
+ "Disable Avatar" option plz
Comments have been locked on this page!