My host announced they are now compliant... so that takes care of me being liable for the way my host stores data even though I don't store sensitive or identifiable user data.
My only other point of interest is Adsense, and Google's recent email inferrs they are/will be compliant as well and if they aren't ready in time, it easy to suspend ads until they are.
Travis
10:10 am on Apr 24, 2018 (gmt 0)
I run my own server, I think that I am compliant and ready. I spent a whole year (I work alone) working on the subject, and studying all details, and that I think that "in my case", all is fine. And yes, the only thing I am waiting after is Adsense.
I am also at media.net, even if I don't use them*, and they never answered my emails about GDPR, their cookie and tracking usage. So I guess that I am not going to try using them.
* like a lot of testimonies I read, when I joined media.net it worked great for some weeks, then totally collapsed. At first they were answering all emails in a matter or minutes or an hour at worse, but no more. so I am puzzled about media.net.
Mark_A
12:30 pm on Apr 24, 2018 (gmt 0)
I heard a radio program mention it this morning. One might think if one has perhaps a B2B business without much contact with the general public that we aren't going to get too many SARs, but as the deadline approaches there will be more and more publicity and I think a lot of people are going to know that they can demand a copy of all the information a company has on them.
And who can say, how many of them will demand it?
Travis
12:59 pm on Apr 24, 2018 (gmt 0)
And who can say, how many of them will demand it?
Yes. And with 500 millions (?) EU citizens, you can guess that some will use their rights :)
Travis
10:07 am on Apr 25, 2018 (gmt 0)
Only 7 percent of businesses GDPR-compliant as deadline looms, data privacy gains prominence [tmcnet.com...]
Mark_A
12:34 pm on Apr 25, 2018 (gmt 0)
Yes. And with 500 millions (?) EU citizens, you can guess that some will use their rights :)
I am fine with, once they are identified, providing name address email add and phone number which we may have on them, but it will be some work to produce all emails someone may have exchanged with us and to redact detail that may be other people's private information, and then there is server logs. Even if they can prove they were on an IP on a range of dates, unless it is a fixed IP, other people could have also been on that IP .... how do I know which records are the subjects? I think that is a mess honestly.
I would prefer to delete the final octet of the IP address from all logs and then decline to produce internet logs because they have in fact been anonymised.
