we’re wondering why there’s no opt-in checkbox or even a double opt-in process when asking people to provide their potentially private e-mail adress for password recovery. Following dataprotection regulartions you may need users consent to use a provate email address.
In any case there should be a link to your dataprotection information.
how to add at least a link to imprint and GDPR information?
how to add a checkbox to get concent, even better: how to get double opt in to use this address?
thanx in advance,