I am slowly building a new web app for industry in EVE and I am now worried about it’s compliance with GDPR. In general the only data I collect is the one manually entered by users - various settings and presets for blueprints. No personal accounts are created and no e-mails collected. All users are authorized via ESI and a uuid token is generated to identify the session. So, no cookies either.
In this situation - should I convert my app from a web server to standalone off-line tool as the only way to avoid this GDPR headache?
Would be nice to have legal team from CCP to provide some guidelines/advice on what to do and do not with the 3rd party apps for those who are not so good in EU legal issues.