Discussion Forums  >  BT.com Website, Account Questions

Replies: 7    Views: 212

Bonzo
Apple Fan
Profile
Posts: 756
Reg: Jan 30, 2012
Hampshire, ENGL...
13,260
05/23/18 09:00 AM (4 months ago)

Are Buzztouch conforming to new european GDPR law effective 25th May

I've been receiving emails galore for all companies that i have my data registered with as they start to conform with the new European law.

I've not received anything from Buzztouch yet. Are they aware of this new law effective this friday?
 
SmugWimp
Smugger than thou...
Profile
Posts: 6310
Reg: Nov 07, 2012
Tamuning, GU
81,350
like
05/23/18 07:25 PM (4 months ago)
Buzztouch was or maybe still is a US Company. It may have changed 'head office' locations since Kaybee obtained it, and that would be Australia, I suspect.

That said, I think Tomas was doing a BT Europe, and maybe he can answer. But I'm not certain if US companies are obliged to conform to the new European law.

I'm pleased with the new law, by the way. I'd rather they ask me if I want to stay in, rather than assume.

Cheers!

-- Smug
 
MacApple
Apple Fan
Profile
Posts: 4640
Reg: Oct 25, 2010
USA
60,800
like
05/24/18 03:39 PM (4 months ago)
Thomas is and always will be a cretinous clown. I wouldn’t trust him to walk my dog.
 
MadRod
Aspiring developer
Profile
Posts: 1842
Reg: Apr 12, 2012
Lisbon
27,820
like
05/25/18 03:26 AM (4 months ago)
hey Guys, it doens't matter if the company is US or Australian or whatever, it has to do if you company leads with EU users. If any company has info on EU citizens they must oblige to the new law.
So Buzztouch much do so as well.

If they need help, I can help them sort it out.
 
krompa
Lost but trying
Profile
Posts: 257
Reg: Jun 14, 2013
Bristol
8,820
like
05/26/18 05:19 AM (4 months ago)
If, through the distribution of your apps/websites, you hold any personal data of EU residents, then GDPR is also relevant to you and you will need to take appropriate action in line with the policies set out in GDPR.

https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en
 
tb
buzztouch Evangelist
Profile
Posts: 2049
Reg: Nov 03, 2011
uk
32,290
like
05/27/18 07:50 AM (4 months ago)
I can only echo what has been said above. GDPR applies to all personal data held against EU citizens, whether or not the company holding the information is based within the EU or not. This will apply to the privacy policies in all our apps too, as well as Buzztouch itself.

Here's a good simple explainer video I've been referring people to lately:
http://www.bbc.co.uk/news/av/technology-44006602/what-is-gdpr-technology-explained

As far as I can see, I wouldn't think that Buzztouch is in any breach of this, as they would have had to comply to the previous Data Protection Act anyway, which isn't too dissimilar. It would be worth @Kaybee investigating this though, as the last thing I want is for buzztouch, or indeed any company, to be faced with a large fine.

However be careful to make sure to comply to this in your apps too, if you hold data about any people. The link @krompa provided above is excellent for this... thank you for finding this!

Also consider there are similar data laws around the world too.
 
MacApple
Apple Fan
Profile
Posts: 4640
Reg: Oct 25, 2010
USA
60,800
like
05/31/18 03:37 PM (4 months ago)
Bonzo - email me?
 
tompos
Veteran developer
Profile
Posts: 96
Reg: Oct 19, 2013
Wrzburg
7,060
like
06/25/18 03:21 AM (3 months ago)
Hi... a late reaction ;-).

Here are some comments – beyond what has been said before.

1) In a naive interpretation you may think of "personal data" as your (email) addresses, phone numbers, family members, hobbies, political preferences, etc. But even an IP address is regarded as "personal data" because it may allow to identify your online behavior.

2) So the BT related question is: Does the BT backend on buzztouch.com or on your self hosted server store a list of IP addresses? If so, the fun begins: Each app developer would need a "Data processing agreement (DPA)" with Buzztouch. The background is that Buzztouch processes these personal data on behalf of the app developer. Such a DPA would clarify how long these IP addresses (and other data?) would be stored, how an app user might initiate a process to delete these data... etc. I guess that BT would not be prepared to provide such procedures... and such a DPA.

For the same reason, many web design companies remove Google Font Api calls from the websites of their clients. Google's business model is very interesting: They let website owners use their fonts for free. But each time a website is opened in a browser, Google gets the IP address of the user and in this way Google can track the surfing habits of us all... Thus the tiny IP information is in the focus of GDPR as well. (BTW, the solution for these websites is to load the Google fonts directly to the web server and to avoid the API calls).

3) Back to BT: There still remains the problem that the BT servers are outside the EU. Having non-EU companies process personal data is a specific issue...

4) While the link of krompa is fine, I guess we need BT (@Kaybee) to clarify the mentioned issues. I completely agree that while GDPR is very restrictive, it may not be too different to other regulations and it seemed to me that the FTC is following a similar path.

5) Finally... Europe. I hope that you are talking about another Thomas ;-). If it is related to the german version of BT at http://www.buzztouch.de you will see things have not changed too much since Mario set up & translated the backend (https://www.buzztouch.de/forum/). I would not expect too much help in this respect from a European BT initiative.

In general, I welcome many aspects of GDPR. However, BT might be a typical example that privacy policy laws, that are intended for Facebook, Amazon, etc. will hit smaller companies severely. In May I took a great review of all the companies that process personal data of my clients (web hosting, webinars, CRM, payment processing, cloud services, ...). I was surprised how many companies are involved. And of course... I had to substitute companies that are not able or willing to provide such DPAs with those that do.

While BT has a hard time to position itself anyway... a non-reaction to this GDPR problem would be a major challenge.

Best wishes
Thomas
 

Login + Screen Name Required to Post

pointerLogin to participate so you can start earning points. Once you're logged in (and have a screen name entered in your profile), you can subscribe to topics, follow users, and start learning how to make apps like the pros.