|
|
|
|
|
|
by athrowaway3z
3061 days ago
|
|
|
https://www.eugdpr.org/key-changes.html Apart from the fine and the notification of the breach. Equifax would have been different because of. - Consent : " companies will no longer be able to use long illegible terms and conditions full of legalese "
- Right to Access : " Further, the controller shall provide a copy of the personal data, free of charge, in an electronic format. "
- Right to be Forgotten
- Data Portability
- Data Protection Officers But Europe ( the countries that i know about ) have different requirements rules for credit bureaus all together. So AFAIK there is little incentive for Equifax to hold European data at all. |
|
|
So that people don't rely on your lack of understanding of the gdpr:
* consent isn't required; it's merely one basis to permit processing
* since consent isn't required, it will be an extraordinary stretch to exercise a right to be forgotten. In fact, credit reports are probably one of the canonical cases where LI override most rights of the data subject.
* data access is not new; see DPA
* Equifax does, in fact, have an EU business; it is in the UK. And has offered £2 access to credit reports since 2010-ish. I recognize 2 > 0, but it is not significantly different.