There are numerous topics around GDPR on discuss - too many for me to list here, but GDPR is still very much the elephant in the room for those of us who run communities within the EU - or indeed entertain access from clients originating from the EU.
Sadly, it seems that Flarum has yet to adopt what I'd consider a critical extension in order to remain compliant in terms of GDPR. Previously, myself, @luceos, @katos embarked on a journey to see what could be accomplished here, and I'm also aware that @luceos created a base framework which was a step in the right direction. However, this project seems to have gone cold in the sense that it lost momentum. GDPR is a contentious subject, but anyone hosting a forum is in scope if they handle or process data pertaining to EU residents.
For clarity, I'm a security/privacy expert by trade, and the lack of a functional GDPR extension concerns me greatly. Flarum is fantastic, and I'm happy to support and foster it's growth (as I actively do as a backer, extension contributor, and payment for extension updates) - I also adopt several premium extensions as a means of providing financial support for the project, and it's developers.
The issue I have here is one of privacy and compliance. I'm happy to fund the initial (and probably ongoing) development of an extension for GDPR - not one that simply ticks boxes, but allows the user to perform a download of all his/her data, allows for corrections, and just about everything else which is considered a base requirement of GDPR. My take here is that Discourse has something in place, so why not Flarum? I know it's been discussed previously, but little action has been taken to actually address with a dedicated extension.
My position sadly means that without this fundamental extension, I cannot continue to use Flarum for any project where data of EU residents is in scope with no means of addressing the compliance side.
Again - I'm happy to fund extension development, and also happy to engage in discussion (probably via Discord) as to how this should work etc. A lack of a basic GDPR framework could well render Flarum's uptake in the EU dead, and this is something I personally do not want to see happen.
All devs - let's do something about this - please !