|
|
|
|
|
|
by zaarn
2715 days ago
|
|
|
IP Addresses are Personal Data. I think the easy way to check is to ask yourself if the data can directly link to someone's IRL identity. If no, ask yourself if the police could identify them if they demanded and got the data. If still no, ask yourself if the data is of a protected category (gender, religion, sexuality, etc.). If you need any of this data, minimize your need first (ie this means storing IPs only for a limited timespan, german authorities have IIRC recommended 7 days as normal). If you can't reduce your need, find another way to do what you do that has less need. If all else fails, cover under legitimate interest and hope you're not Adtech. |
|
|