What the actual fuck ?! Why are you able to do this? Why WOULD you give the ability to do this?

If it was pre filled they are violating GDPR if targeting europeans.

Pre filled consent are by law invalid and prohibited, you have to explicitly check the box for it to be a valid consent.

They can however require consent to continue, but you still have to manually check the box so they cannot sneak it past.

@Voxera I checked it. Maybe I should have done a red circle around the credentials checkbox ^^

@hypervtechnics Then I guess they have been doing it to sell to make money and now they are just open about it :)

That was one of the goals of GDPR to require all such practices to e in the open so you can decide if its worth it.

@Voxera they are advertising that they are gdpr compliant xD

@hypervtechnics If they ask permission they are ;)

At least on some parts.

I think the issue here is the 'send these credentials by email' option not whether it's GDPR compliant.

@DeadInside as stated

Is there a "print my credentials on a billboard close to the administrator's house" option? If so, leave that unchecked. (Or uncheck it if it's been pre-checked in direct violation of GDPR law 😉 )

@hypervtechnics Yes, that point seemed to be lost on @Voxera

That also suggests to me the passwords are stored as plain text otherwise how could they send them to you 🤔

You could send the credentials before hashing the password?

@korrat Yeah good point, did wonder if that's what they were doing. Still though seems a massive security hole.

@DeadInside actually yes, I missed that one ;)

Have been swamped with GDPR questions for weeks.