|
|
|
|
|
|
by seabass-labrax
1036 days ago
|
|
|
Even when accepting users' choice to submit personal data as a justification for retaining the data (which is illegal in more than just the EU, by the way), you may still receive personal data about someone which was not submitted by them voluntarily. This can happen in situations ranging from the normal course of business to customers actively attempting to use your product illegally. You have a duty to deal with a situation like that, and since the GDPR already makes provision for third-party processing of personal data, there is little reason not to go one small step further and extend your process for personal data deletion to users directly. |
|
|