|
|
|
|
|
|
by troupo
502 days ago
|
|
|
> So in essence, it disallows logging IP address for any purpose, be it security, debugging, rate-limiting etc. because you can't give consent in advance for this, and no other sentence in Art. 6.1 applies. No, it doesn't. Subsections b, c, and f roughly cover this. On top of that, no one is going to come at you with fines for doing regular business things as long as you don't store this data indefinitely long, sell it to third parties, or use it for tracking. As laid out in Article 1.1. On top of that, for many businesses existing laws override GDPR. E.g. banks have to keep personal records around for many years. |
|
|
Sounds vague to me, which was the original point.