originally posted by: BlueAjah
a reply to: studio500
I believe that when we first created our profiles we accepted the Terms and Conditions as part of the sign up process. It was a long time ago when I
signed up, but I am pretty sure that counts as a legal opt-in.
Your scenario above about removing all posts is not actually something that would be required under GDPR. Posted material is not personally
identifying information as defined by the law. However, UserIDs or identifiers are considered personal information. So, if a user requested that their
personal information be removed, I think perhaps ATS could get around that by removing all info in the profile and changing the UserID to something
Under GDPR all previous assumed compliance or so called opt ins are no longer valid.
Post GDPR implementation date the user must be given the ability to provide explicit consent which should not be in the form of implied consent or pre
As for forum posts, yes, some information can be retained as you state, but any identifying information must be removed.
The problem here is who would want to search through thousands of posts or replies to identify such data.
I know I wouldn't.
Let me once again reiterate that I was only trying to be helpful here.
I'm certainly not banging any drums saying to anyone I'm right, you're wrong etc etc.
I posted firstly to give ATS the heads up and secondly to help avoid any problems to the management.
I run my own Architectural forum, it doesn't sell anything. is non commercial and in many ways is much like ATS and I'm doing everything possible to
cover my legal obligations as required by the GDPR legislation.
I am however, located in the EU and that is a big difference.
ATS have made their stance clear and I am acutely aware that if i try to provide any further insight or assistance in this matter through genuine
concern for a community that I love and appreciate, that my comments may not be viewed in the helpful way they are intended.
I have no intention of getting into a verbal disagreement with anyone over a matter that doesn't really affect me, other than denying me and other EU
nationals of certain data and privacy rights that the GDPR provides.
I can live with that though. It doesn't really change anything for me and I'm sure ATS keeps all our data safe as responsible forum site owners.
In relation to GDPR in general though and moving away from ATS.
One of the biggest misconceptions here is the idea that the GDPR relates only to businesses when in fact it relates to any website storing personal
information belonging to EU nationals. That's is where many websites will fall foul of this legislation.
Personal data don't forget, can be as minute as an ip address or Username.
But for me personally, that's the end of my input and may I thank management for their response.
Have a great day everyone