Requests | Blesta

Requests

Option to disable gravatar support- Potential GDPR issue

Sebastian shared this idea 9 months ago
Planned

Dear blesta team!

currently some parts of blesta such as the ticket system make use of gravatar to display user imags. This sends user data (from the http-request) as well as more sensitive user information (email address) to a third party without the users consent or a way to opt-out.

As such may be seen as a GDPR issue. (Similar to the google fonts thing here: https://thehackernews.com/2022/01/german-court-rules-websites-embedding.html )

I'm suggesting an option to set a static "staff" and "client" image. (with a potential override for staff via my-info) as a potential solution.

regards

Comments (4)

photo
1

I'd like to see the ability to set staff photos and store locally- Maybe have a blank template with the option to upload for clients! I think that's a superb idea

photo
1

I've created this task, feel free to comment here with any thoughts. https://dev.blesta.com/browse/CORE-4686

photo
1

Any news on this Paul?

photo
photo
1

As Sgraf says, I think choices are the best idea here personally! Maybe locally store staff images OR Gravatar

For clients, At scale nobody really wants to store everyone's pics! Maybe allow us to make Gravatar opt-in or support a url to image?