on 24-05-2018 20:30
on 24-05-2018 20:30
I'm not complaining about the tightening of the law but had enough of the e-mails and TV coverage, have you?
on 24-05-2018 22:20
on 24-05-2018 22:20
@Shaun-2018 wrote:so, if you decided to opt out of marketing or other subs as per GDPR. how do you know, 1) that relevant data that needs deletig IS deleted? and in case 2), assuming you have actually opted INTO a mailig lst or whatever, how do you verify that the data you supply is properly and securely stored?. more often than not personal data is stored over multiple "partner" services affiliated with the company or organization you are dealing with directly. add to that, there are some exemptions to GDPR compliance for data erasure and retention. while the GFPR serves a valid purpose, I can see scope for abuse of theese regulations.
You can ask for a Subject Access Request (SAR) at the first level and the company has to comply within 30 days then the ICO can be involved but not before - sound familiar with OFCOM? This is free of charge which also includes CCTV footage though if the request is complex then a reasonable charge may be applied.
By what I've discovered over a couple of courses recently, these 3rd parties that have the info are part of the process - there are two roles: a data controller and a data processor. Say o2 gave your data to a 3rd party then o2 are the 'data controller' and the 3rd party the 'data processor' of which o2 are responsible for. In essence both parties are liable for any breach.
There should be a defined document on how long data is held for and in the case of a data processor, only kept for as long as necessary for the purpose then must be deleted. Ditto for the controller though there is the slightly ambiguous term "legitimate interest" and there is a legal aspect that comes into play here for example HRMC have their requirements that can span years.
Though in the first year or so, don't expect much legal activity for non-compliance as its a brand new and untested law so companies are going to have to work out a lot of things as they happen in regards to the process. Key point is that if a company is in breach and are ignorant with no GDPR process in place then they will be hauled up rather quickly than one is pro-active.
As for me, its the issues of what "identifiable data" is and how inadvertently easy it can be classed as a data breach. An example I was given last week was a rota in a public area with peoples names on it! Taking it a bit further, I'm having to remove a wifi semi-public access point purely on the fact that the MAC address is logged and with a CCTV in place, that is someone who can be easily identified thus subject to a SAR (oh the irony...). It really is easier to remove things to remove any risk of breaching GDPR and incurring fines.
on 24-05-2018 22:29
on 24-05-2018 22:29
@Bambino wrote:The BBC have done a short quiz. How good is your knowledge about GDPR? I only got 6/9
http://www.bbc.com/news/technology-44224802
So did I but then again, BBC quizzes are pretty dumb intending to make sure you are wrong due to wording. The quiz on "We can guess your age from your taste in music" sadly got it completely wrong by about 20 years
Oh well back to unsubscribing from multiple lists which is no bad thing really. BTW, seeing a lot of logging out and re-acceptance of cookies appearing over the last couple of days in the run-up to the 25th.
on 24-05-2018 22:34
on 24-05-2018 22:34
I’ve hardly had any emails, only 107 of the things.
what I’ve even had is couple of them saying if you don’t respond we take it you don’t want us to contact you again.
Yep that’s correct I thought.
then I get another email saying are you sure
yep yep I am.
can it all go quiet now please. I would like to stop getting 8 emails a day. If I want you I’ll call you.
old saying. Don’t call me, I will call you lol
on 24-05-2018 23:00
on 24-05-2018 23:00
The deadline is tomorrow, so it will quiet down.....I hope. To be honest, I haven't minded all the emails. It means that most companies are complying, and there are lots of things I subscribed to long ago that I'm not interested in any more, so it's reminded me to opt out if I choose to, rather than me ignoring it and it filling up my inbox or just deleting the mail.
on 25-05-2018 01:44
on 25-05-2018 01:44
I've been inundated with them too but why have they all left it so near to the deadline to comply? Must all be consulting their lawyers. I'm amazed at the number I've had from long-forgotten websites that I don't think I ever signed up to. Never heard of half of them!!
on 25-05-2018 06:47
on 25-05-2018 06:47