by Propelloni 1004 days ago
No, that's not correct. The GDPR is a surprisingly sensible set of rules, e.g. it allows collection and storage of data under certain circumstances. The salient point here is probably that it is allowed to collect and store all data required to fulfil a contractual obligation, e.g. your home address, or if you are shopping at a pharmacy your prescriptions. The important part is not what type of data* is collected, but that the collector is restricted to use that is required to fulfil the obligations. If you want to use it for something different (say direct marketing) you have to ask for permission.

This extends to many areas, including e-mail, if they are required to deliver your services you may just save them. However, you may not use the e-mail to send newsletters. Of course, you want to double opt-in e-mails in any case unless you don't mind false or malicious entries and being labeled as a spammer. But that has nothing to do with the GDPR.

* the type of data is of importance when we are talking about data breaches and fines. Losing e-mail addresses is bad, losing prescriptions is much worse.