• Akasazh@feddit.nl
    link
    fedilink
    English
    arrow-up
    2
    ·
    9 months ago

    GDPR is opt out, so you wouldn’t get any benefit until you complain. Plus:

    Not really I must consent to an unambigious statement before data may be processed.

    https://gdpr.eu/gdpr-consent-requirements/

    (GDPR) excludes “pseudonymised” data

    Thats a bit too broad of a statement:

    Anonymization and pseudonymization are still considered as “data processing” under the GDPR—therefore, companies must still comply with Article 5(1)(b)’s “purpose limitation” before attempting either data minimization technique.

    While truly “anonymized” data does not, by definition, fall within the scope of the GDPR, complying with the definition is so rigorous that a data controller should be extremely cautious before attempting to use anonymization as a way to circumvent the GDPR completely.

    Source: https://www.morganlewis.com/pubs/2019/12/the-edata-guide-to-gdpr-anonymization-and-pseudonymization-under-the-gdpr