GDPR Compliance
Note
This section provides general information only and does not constitute legal advice. No responsibility or liability is assumed for how this information is used.Certificate
To satisfy GDPR security expectations for protecting personal data in transit, the site should be served over HTTPS using a valid TLS certificate. Ocelot-Cloud provides built-in certificate generation to enable this.
User invites
The link generated in the previous section contains no password, only a temporary token. With short validity, one-time use, and HTTPS protection, transmission of such links is considered GDPR-compliant. Administrators may send the link through encrypted or unencrypted channels, including:
- Signal (most secure)
- E-mail (most common)
- Telegram
- SMS