logoalt Hacker News

guaxtoday at 6:34 PM2 repliesview on HN

That is not how gdpr works. If you have a legitimate reason to hold the data. You can. Ensuring people have access to purchases is a very legitimate reason.


Replies

computomatictoday at 6:39 PM

Is there evidence that European courts have sided with that? “We’re holding onto all your data indefinitely just in case you log in again several years from now” seems to be the antithesis of GDPR and I can’t discern the difference between that and what you’re suggesting.

I believe EU has dug their own hole here. And the best move would be to pass more legislation to explicitly require the retention (and transfer, ideally) of purchased digital goods.

show 3 replies
cccbbbaaatoday at 6:53 PM

And that data must be held for a limited amount of time under GDPR article 5(1)e. Sony’s policy is very much a consequence of this.