Is this comment and that website [0] sarcasm? What exactly are you automating? The theft of my PII or the opposite? On this matter your privacy policy[1] confuse me.
Certainly seems like theft to me. Just because computers spew ridiculous amounts of PII does not mean company xyz llc has a right to collect that information or to use it for anything without educated and explicit opt in disclosure that verbosely enumerates every single instance in which said PII will be used between the time of collection and the heat death of the universe.
'server logs' fails to account for how that data is used which should explicitly defined. Failures to do so is misappropriation. A good litigation firm couls retire by challenging reckless companies on these grounds.
>does not mean company xyz llc has a right to collect that information or to use it for anything...
I guess this is where our opinions differ. In order for them to be absent the right to collect it you must force them to forget. That's where it doesn't seem like your information, after all they need to erase it. I'm all for legislation to regulate it's use.
Yeah, that’s a grey area actually. It’s why Google Analytics has the option of chopping off the last byte of IP addresses, for example.
Better to assume all PII and PI even if not identifying, belongs to the user. GDPR is explicit on some of this and not on others. Shared information, or that deemed necessary, won’t be deleted on request for say Uber/Lyft. There is a financial transaction and a driver etc, they won’t delete. They could sever the link to your profile though. Facebook offers something like this, but don’t do it. You will never be able to authenticate yourself again, and they will keep building the “anonymous” profile. It’s complicated for users out there...
>Better to assume all PII and PI even if not identifying, belongs to the user.
I agree from a liability standpoint, from a company's perspective. From a user perspective, better to assume all information that can be captured will be, it will eventually be available to all humanity and it doesn't belong to you.
Not sarcasm, we issue GDPR requests from an app on device, and you can request data (back to your device and not through us unless stated). Deletion requests are done as well. Data brokers, as a group, are obviously very anti-consumer, and getting them to comply in CA has been a huge headache (most simply do not). Prop 24 should help, so it’s going to be a long burn for consumers to take control. CCPA made hiring an agent (like us) explicit, but almost no one accepts that at the moment.
Alright, that's good, because I would really love for there to be a service that would streamline the way I request data from service providers or request the deletion of data connected to my account, as well as the account itself.
However, your site says:
>> We import and analyze all of your data across your online accounts and give you an audit and a plan of action.
Doesn't that mean that apart from all the, possibly bad, actors out there that have gotten their hands on my activities _you_ are now also in possession of PII connected to me? How does that improve things for me?
No, you are. Which has been a pain on our side to not have possession of the data, and also why it is an app for desktop if you want to have a copy of your data. It can be really large for a mobile device, and processing in the background is generally not available on mobile. Trying to get some things on mobile though -- deletion is easier than copies of data.
And yeah, we don't want to become a honeypot for what is the largest profile on you -- the combination of all the others.
Please consider referring to it as spying over theft and PII about you, as opposed to your PII?
Part of the server logs may be about you but are not yours per say.