Hacker News new | ask | show | jobs
by yetanother1980 3061 days ago
Why are you storing and processing their data if not for profit?
1 comments
x0x0 3061 days ago
personal data in the GDPR has a very expansive definition, and definitely includes things like IP. Processing likewise has an expansive definition, including collection and recording. Lots of sites will be processing and storing this data for internal analytics.
link
guitarbill 3061 days ago
> Lots of sites will be processing and storing this data for internal analytics.

Just because you can doesn't mean you should. And not asking that questions has got us where we are today.

link
yetanother1980 3061 days ago
Did your customers consent to what is effectively someone following them round the store with a clipboard?
link
bjl 3061 days ago
So just don't do internal analytics. Or, if you feel you must, ask consent first. Easy peasy.
link