We are currently on OJS 188.8.131.52 and I’ve been trying to find information on how to provide our users with information on the data we process in case someone makes use of their Right of Access (see GDPR article 15 https://gdpr-info.eu/art-15-gdpr/). I tried searching the forum for information on DB-queries others might have come up with to comply with GDPR article 15, but did not find anything with keywords such as “right of access” or “gdpr user data”.
Ideally I would like to get all user related data from the database and the logfiles or any other place user data might be stored. The GDPR Guidebook at https://docs.pkp.sfu.ca/gdpr/en/ lists things such as User Registration Data, but not how to access those in the most thorough way. Also logfiles don’t seem to be mentioned?
I found this recommendation: “Understand what personal data you process: what it is, how it’s stored, and how it can be accessed, modified and erased;” (https://docs.pkp.sfu.ca/gdpr/en/whats-the-deal) But I am wondering if really every project should do this from scratch for themselves? Couldn’t this be done in a more collaborative way?