The Dashboard is used at events and for some courses. We should investigate if it complies with any GDPR requirements we might have. Note that users sign up to the Dashboard using their Wikimedia credentials.
Additionally on a Wikipedia camp leader meetup in December, we talked about Dashboard, and a couple of privacy arguments were brought up against it. Since we sometimes use Dashboard at events, it might be something we want to look into (unless we have already).
Examples that were brought up
From the page Private information
"For logged in users: OAuth credentials that allow partial access to to your Wikimedia account, including making edits on your behalf"
From the page Cloud Services Terms of use
"information shared with the Cloud Services Project, including usernames and passwords, will be made available to volunteer administrators and may not be treated confidentially."