Hi, sorry, I and others are currently working on a Minecraft server and we just realized that this plugin collects past IP addresses for every user (/dynmap ips-for-id <user>).

Considering that we are based in Germany and have to adhere to the DGSVO and GDPR (as well as because I do not really understand why dynmap should collect such data to begin with), as well as it being more morally correct, despite it being possible to collect IPs through other means, I think that it may be a more sane default to just not collect it at all unless if explicitly enabled, rather than the other way around. I am really not sure how I would justify this as "legitimate interest" in comparison to, say, chat/security logs (where the total list of IPs is also only relatively easily accessible to people with shell access), and lots of data being accessible by different sets of people bothers me a little bit.

This is more of an expression of a concern rather than a substantiated argument, and I have not done any of this in a while and may be overlooking a couple of other details or "the greater picture", so feel free to call me out if I am wrong.

As far as I know that data is solely shown and stored on your server and not sent to 3rd parties or whatever, the function is needed for the webchat to show usernames instead of IPS, cus the webchat doesn't know which user is typing initially

Because they need it to link an id to an ip, if using multiple proxies for example.

I am not sure why a moderator should be able to access it in-game so easily, however.

they need it

Why?

Because sometimes dynmap doesn't correctly link a uuid to an ip, which the moderator then has to fix.