GDPR (niche thread)


#181

The opt in emails are my favourite thing.


#182

so, SO many now


#183

The weird thing with the last one I got was that I could see everyone else that it had been sent to. Doesn’t seem to be in the spirit of things.


#184

jesus. this is what happens when companies that don’t have digital staff need to do something unexpected :///


#185

A reply-all-pocalypse is just what GDPR needs.


#186

the biggest nightmare on my side has been making sure our creaky old database can actually stand up to scrutiny in being secure. it’s been fun, i tells ya


#187

It was from an artbook company!


#188

He won’t be posting much if you give him that much responsibility


#189

I’m mainly using GDPR as a way to trim the flow of spammy rubbish I’ve signed up to over the years.


#190

Free bananas in the kitchen, ideally. (OK it’s internal but if you haven’t seen this, trust me you want to).


#191

Today my employers GDPR project manager who was in the middle of a fairly crucial stakeholder presentation, had a pop up Lotus Notes reminder appear on his screen saying “buy Slayer tickets.” The meeting digressed for ten minutes while the insights director played Reign In Blood so everyone could get up to speed on who Slayer are. It was a moment of surreal respite in the middle of what has been an absolute horror show to get through.


#192

#193

You’re giving me one last chance to RE-subscribe to something that I actively unsubscribed to a while back? Gee thanks guys.

image


#194

Holy shittttt that’s a definite no-no. Reply and tell them you’re sending it to the ICO, really shit them up.


#195

wow.


#196

My feeling is that most companies wouldn’t be able to evidence their previous versions of consent to the ICO if they ever existed in the first place and so are re-sending all of these emails so that they can document it if required. For a lot of these marketing emails I suspect that consent is the only one of the six legal grounds that applies.

The potential GDPR fines are so large once it comes into force that businesses would probably rather commit a technical breach of the law today before GDPR comes into force by re-seeking consent that they can evidence rather than either losing their existing mailing lists entirely or risking continuing to process existing personal data on the basis of shonky/unclear prior consent.

Also, there’s so much guidance circulating and so much of it’s contradictory, very technical or unclear that I’m not surprised it’s being interpreted in very different ways. I’m the DPO for my practice and have had wildly different advice from various parties about how we can legally text appointment reminders to our patients under GDPR. It’s just going to come down to interpretation and documenting steps we took to assure ourselves of the legal basis for it I think.


#197

this. i’ve had so many dickhead colleagues sending me that fucking guardian article triumphantly, as if it renders the process completely null and void. FUCK OFF.


#198

Some good replies here (if you’re into LC!)


#199

I help out a couple of bands and while I’m still clueless as to whether new consent really had to be sought, I’ve used it as an excuse to get them both onto Mailchimp.


#200

Having to do an online course on this boring bollocks

Jesus Christ…