Ask Lemmy
A Fediverse community for open-ended, thought provoking questions
Rules: (interactive)
1) Be nice and; have fun
Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them
2) All posts must end with a '?'
This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?
3) No spam
Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.
4) NSFW is okay, within reason
Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com.
NSFW comments should be restricted to posts tagged [NSFW].
5) This is not a support community.
It is not a place for 'how do I?', type questions.
If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.
Reminder: The terms of service apply here too.
Partnered Communities:
Logo design credit goes to: tubbadu
view the rest of the comments
Reposting what I posted here a while ago.
Companies abiding by the GDPR are not required to delete your account or content at all, only Personally Identifiable Information (PII). Lemmy instances are unlikely to ask for info such as real name, phone number, postal address, etc; the only PII I can think of is the email that some (not all) instances request. Since it’s not a required field on all instances, I’m going to guess that the value of this field does not travel to other instances.
Therefore, if you invoked the GDPR to request your PII to be deleted, all that would need to happen is for the admin of your instance to overwrite the email field of your account with something random, and it would all be in compliance. Or they could also choose the delete your account, if they prefer.
Source: I’m a software engineer who was tasked at some point with aligning multi-billion-dollar businesses to the GDPR, who had hundreds of millions of dollars in liability if they did it wrong and therefore took it very seriously. I am not a lawyer or a compliance officer, but we took our directions from them directly and across several companies, that’s what they all told us.
That's a Usamerican point of view, and when we are talking about the EU's GDPR, it is wrong.
You need to talk about all data that is, or can be, related to a person.
If I've got it right it's anything that can directly or indirectly identify you. I would've thought most things here wouldn't fall under gdpr except maybe email addresses or if they've specifically mentioned something identifiable in comments or posts. One other thing I think that might be a problem is the data on pictures from a phones camera might indicate where and when it was taken which could narrow down that users location. I know some hosting sites strip this data but some might keep it.
No.
Anything that is related to you as a person. This is more than the things that identify you. For example things that you have done, places where you have been ... comments that you have written.... You could say: all that your stalker wants to know about you.
All things here fall under the GDPR, but maybe not all things must be deleted on user's request. That is a different question then! For example, one could argue that by posting an article or a comment, the user has agreed that it gets published here and then it cannot be taken back.