Should Mods be able to view IPs?

We almost never IP ban. Only in extreme cases

To all admin, you are potentially violating the law. As stated by GDPR experts:

In the General Data Protection Regulation (“GDPR”) that IP addresses should be considered as personal data as the text includes “online identifier”, in the definition of “personal data”.

Who has created this place truly did not look at european rules much?

By visiting any website, you consent to have your IP stored automatically. By making an account, you consent to have it associated with your account details.

Not really. Even visiting website a company needs to state clearly and visibly what the digital rights policy is and needs to prove that the access to personal data including IP is strictly controlled. If mod and admin can indiscriminately look at an IP it is a violation of GDPR.

Replit Ask uses Replit for authentication. So yes, they do state it very clearly.

This is not what is meant. The policy needs to be public and always accessible (not to mention respect the minimum age, but let’s get that slip for a second) and need to cover the case of MODs (which are not employees or so looks like) accessing the IPs
Again looks like here the philosophy is like live and let live, while most go for avoid and remove any possible doubt.

This is why there are only 2 moderators. Both of which are very trustworthy.

Mods and admins on Ask would be considered “staff” in your scenario. Minimum age isn’t the problem of Replit if ToS clearly states you must be over 13 or have permission from a parent/guardian unless you are legally independent. Discourse also logs the actions of mods here on the forum.

Oh well. I wish them luck, but again they are still small in the grand scheme of things and not European enough to be looked at. Next would be where is all data stored especially of french users.

Us mods and admins (Matt and I) are not staff and we only get free hacker. As for this I will ask the head of Trust and Safety to look at this.

Better safe than sorry. I do know enough people who received letters from GDPR sharks …

I can shed a bit of light into this. Yes, the GDPR and similar laws do in general limit platforms from collecting personally identifiable information, however there are exceptions to this, such as obtaining the user’s consent, or if collection is essential to providing the service. In Replit’s case our privacy policy goes into a lot of detail about what information we collect, our purpose for doing so, and our legal basis for doing so. IP addresses are included in this but we rarely consult the IP address records that we collect except in cases of abuse.