[Board] GPDR

Ben Caradoc-Davies ben at transient.nz
Mon Jul 16 15:15:06 PDT 2018


I think you are right (but I am not a lawyer). There seems to be a 
misconception that GDPR requires new consents (see the annoying flood of 
emails and popups) but the EU authorities seem to say that it usually 
does not. Our problem is that we are storing all this identity 
information and need to discard anything no longer needed, be prepared 
to handle requests for correction or erasure, and, worst of all, need to 
be able to assess when we should refuse such requests because the 
personal information is required to defend copyright. This last point 
could be quite time consuming.

On 17/07/18 09:45, Basques, Bob (CI-StPaul) wrote:
> Item a.  - The data subject has given consent by participating in the OSGeo discussion by signing up for a list (on his own I might add, have we already been in compliance?)

-- 
Ben Caradoc-Davies <ben at transient.nz>
Director
Transient Software Limited <https://transient.nz/>
New Zealand



More information about the Board mailing list