by zeveb 2949 days ago
> What could they possibly be doing that makes not abusing a handful of users' privacy an insurmountable issue?

Storing their HTTP logs on archived CD-ROMs would be a violation of the GDPR, unless that same mom-and-pop operation offered users a way to request that CDs be replaced with new versions at will.

I don't think that counts as an abuse of privacy, but it is a violation of the GDPR, which makes immutable logs which contain IP addresses illegal.

1 comments

There is no violation of the GDPR in just holding data, especially data for which you have a legitimate business reason to process. It is probably PII, so look after it as you would other PII.

The GDPR gives a number of reasons where the right to be forgotten does not apply, including for archival purposes, or when the controller was not relying on consent for the processing.