GDPR

Introduction
On may the 25th of 2018 the new EU General Data Protection Regulation (GDPR) will be enforced. This page is a growing page, collecting the research done on the consequences of the GDPR for XMPP and the XSF. There are three fields where the GDPR probably will have an impact and that will be of concert to the XSF:
 * 1) The public (federating) XMPP network
 * 2) The XSF run XMPP server
 * 3) The functioning of the XSF, like the membership applications and the voting

Methodology
We decided to roughly follow the lines of the Data Protection Impact Assessment (DPIA) as mandated by the GDPR: Collaboration with IETF was mentioned during previous board meeting that started this ad-hoc group. Who is working on it, (how) should we collaborate with them?
 * 1) Check if the GDPR is applicable (jurisdiction)
 * 2) List what data is processed
 * 3) List what processing is done
 * 4) List legal grounds for the processing
 * 5) Analyse possible consequences

ToDo's

 * 1) Link with IETF and other projects with similar issues.

Contributors:
Ge0rG, jonasw, pep., peter.waher & winfried