|
|
|
|
|
|
by blensor
2939 days ago
|
|
|
The point is that if you are exercising the law to it's maximum extent then it is next to impossible not to collect personal data, even if you have no intention to. For example, some hosting providers in Europe now automatically disable webserver logs unless the customer explicitly activates them to make sure they don't accidentally collect user data. Now you might say, well if you run your own virtual server where you control all the services and know for a fact that no personal information is collected you won't run into that problem. But then you might still collide with the law because some network monitoring of the hosting provider might store connection logs. And it is on you to make sure that the companies you use for your business are compliant with the GPDR. You even need to have a contract with every single one of them with which you instruct them to process your users data and that they have to comply with the GPDR when doing so. And even if you think everything you are doing is correct there are still some law firms that try to extort money from you by claiming some violation. In Germany this game of cat and mouse has already begun (and I don't mean the well known cases against Google, Facebook et. al) |
|
|
This isn't the US. You can't sue for GDPR non compliance, only complain to the authorities