GDPR law - Seafile ready?

@daniel.pan I’d really appreciate it if admin had option to disable all tracking (IP, user agent etc)
Also I think that the Storage Encryption Backend would also be available on the CE.


Or at least - and much more important - to delete his Information from the audit log (IP, metadata) after the user is deleted (as an extra option) and as @DerDanilo said it should be easy to do.

Maybe an option to disable the tracking for just some users but you’d still have the web server logs, so i don’t think this is needed as long as the user is using this system he needs to know that such things will be logged - But can easily be removed if he doesn’t use it anymore.

And a feature to export all that information about one user in the seafile system would help too, since the customer/user has the right to know which data is collected, so if the admin can click just one button and will receive a ZIP with all the Information about that user (like Google does it too).



As found in another forum:

The TL:DR for GDPR is that if you use personally identifiable information about a citizen of the EU you need to comply with it completely by May 25th 2018.

There needs to be a valid legal basis for processing personally identifiable informaion. Systems have to protect the rights of data subjects, Privacy notices must be adequate. Security of data and backups needs to be clearly documented and privacy and data protection should be by design. To my mind this rules out a lot of current cloud solution providers. It rules out backups being convenently dumped in cloud storage (unless encrypted). It rules out using dropbox or google cloud storage or AWS or icloud to store personally identifiable information. It is important therefore to act on GDPR now. Even if one EU citizen uses your product or service the product or service must comply with GDPR.


This feature will be added in the next release.


what about general setting for admins that would allow them to delete whole logging/limit it. I would really appreciate that. Also I think that would bring some users that have privacy as number 1 priority



I noticed that someone posted an interesting feature request on termes and conditons that may be related to this discusson on GDPR.


1 Like

Hi @daniel.pan
Has the feature already been added?
Maybe only in the Pro Version?

It will be included in the next release 6.3.

Do you know how long we will have to wait for the new Version?

The new version will be ready within a few weeks.

By law Software needs to be compliant by the 25th may 2018.
We have to shut down Seafile theoretically until there is a solution in place.
A few weeks from now is not good enough. This was known for a long time already. I don’t get why it was not implemented earlier.


1 Like

The login log of the user can be removed from database manually via SQL. So in theory, you don’t break the law if you manually delete it if the user request.


I’m in the US, so I’m not as familiar with the law, but I’m certain at some point, a similar law will be passed here.

So, my question is this. Does the law also apply to an individual that hosts their own data? What about an individual that runs Seafile out of their home but has a couple of friends that use it? What about non-profit organizations? Where is that line in the sand between private and public?

1 Like

@wthess, you might want to have a look at

In short: GDPR directly pertains to data collection, therefore both non-profit and charitable organizations have exactly the same obligation to abide by GDPR as any other corporation. However, its scope excludes data processed by natural persons for purely personal reasons.
Please note, though, that IANAL and you should always double-check statements.


How could we/I add some policy or terms of usage to the Seafile website?
So that if people get on the website, that they can see our terms and conditions.

1 Like

There a serveral APIs in the manual, with them you can create a custom login.

Cool, can I ask which API you used and how?

We need something like this in the Seafile Admin Interface. Be able to search for specific objects, IPs etc. in the DB. No fiddeling with the DB should be required. :slight_smile:


I agree


1 Like

Very good idea. Almost forgot. This can break one’s neck in certain situations.

It should be possible to set a custom url to one’s terms and conditions in the admin panel/config files.

@daniel.pan Could you please add this option and add the link for it to the footer of the Seafile Web UI!? Should be a simple change as it’s mostly adjustment in the theme files.