Day 3!?/snip
Only on day 3 of my training course though so may be mistaken.
AFAIK, GDPR only applies to personal data, so things like name, address, DOB, email etc. So yes, you could request those details but that's all we store....
I think people will be able to request all information held about them. As that could be in any post I think OCUK will be unable to comply.I was more referring to the forums. Which are full of personal data. It might not seem so, but if you pull together, disconnected posts from the same user you could build up a decent profile of someone.
If you are an IT person working with databases, you will be used to doing this. I assume hackers and social engineering would be even more skilled at it.
Even easier, we have the feature available on everyone's profile -I was more referring to the forums. Which are full of personal data. It might not seem so, but if you pull together, disconnected posts from the same user you could build up a decent profile of someone.
If you are an IT person working with databases, you will be used to doing this. I assume hackers and social engineering would be even more skilled at it.
Technically, the changes to the privacy policy don't need to be sent to you. Those emails asking if they can still email you are quite risky, because if they don't already have consent to email you, they can't send you an email asking if they can email you. The alternative, however, is that if they don't have your confirmed consent then they have to delete you, so many companies are taking the risk. If they have been super forward thinking and have been using your data for legitimate business interests and only market to people whose consent they have, then they don't need to email you about anything.
I would have thought that given anything in posts is being placed into the public domain voluntarily by the user, OcUK won't have any obligations relating to that data.I think people will be able to request all information held about them. As that could be in any post I think OCUK will be unable to comply.
I think people will be able to request that all data on the forum about them be deleted. I think OCUK will be unable to comply.
There's also a question of how long posts should be stored on the forum for. The wrong answer is indefinitely. The right answer is probably 1 year.
That would be my take on it too.I would have thought that given anything in posts is being placed into the public domain voluntarily by the user, OcUK won't have any obligations relating to that data.
Anything the forum is holding behind the scenes, be that emails or usernotes or whatever else that's personal to a user will be a different matter.
I would have thought that given anything in posts is being placed into the public domain voluntarily by the user, OcUK won't have any obligations relating to that data.
[excludes where] processing relates to personal data which are manifestly made public by the data subject
It's not about the right to erasure, aka the right to be forgotten.
Because it's a tricky thing to do. For example I could post something and it could be quoted.What makes you think there will be any difficulties in deleting all of your data?
Because it's a tricky thing to do. For example I could post something and it could be quoted.
Happy for someone to settle it by saying "yes you can request your data be deleted and it works".