|
|
|
|
|
|
by rglullis
159 days ago
|
|
|
Basically we are in agreement: IP addresses, by themselves, are not PII, only when they are linked to other information (a cookie, a request log) then it consitutes processing. So, apologies if I was not precise on my comment, but I still stand by the idea: you don't need to a consent screen that says "we collect your IP address", if that's all you do. |
|
|
The misconception is that you need explicit consent for any kind of processing of PII. That is not the case. The law gives you alternatives to consent, if you can justify them. Some will confuse this with “must mean IPs aren’t PII”, which is not the case.