I’m currently working on a small social platform and I’m trying to make sure I handle notifications correctly before opening it up to more users.

Right now users can send friend requests and room invitations, and I’m considering adding email notifications so people don’t miss them when they’re offline.

My question is: if I send emails for things like friend requests, room invites, and account-related notifications, do I need to explicitly mention that in my Terms of Service or Privacy Policy? Are there any common mistakes I should avoid when implementing this?

I’m also interested in general feedback about the platform itself. I’m still actively improving it, so honest criticism is welcome.

Link: The Hideout

A few things I’d especially like feedback on:

  • First impressions
  • Account creation and onboarding
  • UI/UX
  • Social features
  • Anything confusing or frustrating
  • Features you think are missing

I’m looking for real feedback rather than promotion, so don’t hold back if something needs improvement.

  • RonSijm@programming.dev
    4·
    7 days ago

    Yes. If you’re operating in the EU, if you send GDPR related data to a third party (like an email service) - it should be mentioned in a DPA

  • RightHandOfIkaros@lemmy.worldEnglish
    3·
    7 days ago

    You should talk to lawyers familiar with personal data related laws in the regions you plan to support in your application. They will give you better information than anyone here.