Purging personal info per UKGDPR #misc


Bob Bellizzi
 

Mark I received an unsubscribe today from a UK person who requested me to remove all personal information per the UK GDPR.
Luckily, she unsubscribed prior to any posting.
But after removing her from a welcome message I am still stuck with a Past Members' record.
Technically, the Past Member Record should be purged.
Do you know if it's safe to just leave it or does a change have to be made to the system to handle this.
Bob
--

Bob Bellizzi
FuchsFriends@groups.io online  support  group for corneal dystrophy patients & caregivers
The Corneal Dystrophy Foundation 


 

What personal info is in her member record?

On Sun, Oct 10, 2021 at 8:08 PM Bob Bellizzi <cdfexec@...> wrote:
Mark I received an unsubscribe today from a UK person who requested me to remove all personal information per the UK GDPR.
Luckily, she unsubscribed prior to any posting.
But after removing her from a welcome message I am still stuck with a Past Members' record.
Technically, the Past Member Record should be purged.
Do you know if it's safe to just leave it or does a change have to be made to the system to handle this.
Bob
--

Bob Bellizzi
FuchsFriends@groups.io online  support  group for corneal dystrophy patients & caregivers
The Corneal Dystrophy Foundation 


--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Bob Bellizzi
 

I've wiped her except for her email address as one who left and 6 activity notes w/her email address in them.
I'm pretty sure that an email address is personal but I don't think even a group owner can delete that record.

--

Bob Bellizzi
FuchsFriends@groups.io online  support  group for corneal dystrophy patients & caregivers
The Corneal Dystrophy Foundation 


Bob Bellizzi
 

Forget it for tonight.  I've just scanned a relevant part of that GDPR and it seems to go in circles.
Another day; another viewpoint.  thanks for asking,
bob
--

Bob Bellizzi
FuchsFriends@groups.io online  support  group for corneal dystrophy patients & caregivers
The Corneal Dystrophy Foundation 


 

I wonder whether the simple existence of an email address on a site can be considered personal information, especially if not linked somehow to a real name.


On Oct 10, 2021, at 8:35 PM, Bob Bellizzi <cdfexec@...> wrote:

Forget it for tonight.  I've just scanned a relevant part of that GDPR and it seems to go in circles.
Another day; another viewpoint.  thanks for asking,
bob
--

Bob Bellizzi
FuchsFriends@groups.io online  support  group for corneal dystrophy patients & caregivers
The Corneal Dystrophy Foundation 


--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Steve Hayes
 

On 10 Oct 2021 at 20:41, J_Catlady wrote:

I wonder whether the simple existence of an email address on a site can be
considered personal information, especially if not linked somehow to a real
name.
If it were, wouldn't that make telephone directories illegal?

Are there plans to have a book burning of all old telephone directories held
in libraries?



--
Steve Hayes
E-mail: shayes@dunelm.org.uk
Blog: https://methodius.blogspot.com/
Web: http://www.khanya.org.za/stevesig.htm
Phone: 083-342-3563 or 012-333-6727
Fax: 086-548-2525


 

Work email addresses are considered personal info, since they contain the person’s full name and place of employment. So I guess those need to be scrubbed? IANAL

On Oct 10, 2021, at 9:54 PM, Steve Hayes <hayesstw@telkomsa.net> wrote:

On 10 Oct 2021 at 20:41, J_Catlady wrote:

I wonder whether the simple existence of an email address on a site can be
considered personal information, especially if not linked somehow to a real
name.
If it were, wouldn't that make telephone directories illegal?

Are there plans to have a book burning of all old telephone directories held
in libraries?



--
Steve Hayes
E-mail: shayes@dunelm.org.uk
Blog: https://methodius.blogspot.com/
Web: http://www.khanya.org.za/stevesig.htm
Phone: 083-342-3563 or 012-333-6727
Fax: 086-548-2525






--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Dave Wade
 

Steve,

You have had the option to opt out of the phone directory for as long as I
can remember.
Do libraries still have paper copies? Don't they send you to a computer
terminal? I don't even know if a paper directory is still produced.
E-mail addresses are personal information.
GDPR is a total mess. "Informed Consent" is only one reason to hold data.

Dave

-----Original Message-----
From: main@beta.groups.io <main@beta.groups.io> On Behalf Of Steve
Hayes
Sent: 11 October 2021 05:54
To: main@beta.groups.io
Subject: Re: [beta] Purging personal info per UKGDPR #misc

On 10 Oct 2021 at 20:41, J_Catlady wrote:

I wonder whether the simple existence of an email address on a site
can be considered personal information, especially if not linked
somehow to a real name.
If it were, wouldn't that make telephone directories illegal?

Are there plans to have a book burning of all old telephone directories
held in
libraries?



--
Steve Hayes
E-mail: shayes@dunelm.org.uk
Blog: https://methodius.blogspot.com/
Web: http://www.khanya.org.za/stevesig.htm
Phone: 083-342-3563 or 012-333-6727
Fax: 086-548-2525






Malcolm Austen
 

On Mon, 11 Oct 2021 04:05:33 +0100, Bob Bellizzi <cdfexec@...> wrote:

Technically, the Past Member Record should be purged.

IANAL but I don't believe that is the case Bob. GDPR allows you to keep a record that you previously had a working relationship with a person. As GIO identifies by email address, then that address can remain in a past member record.

You are, of course, allowed to keep a record of the GDPR request and your actions on it.

Malcolm.

--
Malcolm Austen - email: malcolm.austen@...


Bruce Bowman
 


Andy Wedge
 

On Mon, Oct 11, 2021 at 07:10 AM, J_Catlady wrote:
Work email addresses are considered personal info,
Any data or combinations of different data that allow you to identify someone can come under the category of personal data. The name 'Mark Fletcher' may not be considered as personally identifiable as there are probably lots of Mark Fletchers in the world but if you combine that with Groups.io then it identifies just one person. See https://gdpr.eu/eu-gdpr-personal-data/ if you want to read a bit more.

@Bob, as Bruce pointed to the Compliance page, one thing you can get you ex-member to do is to delete her Groups.io account.

Andy


 

Hi All,

According to the GDPR lawyers I worked with, we don't have to remove that information (and we also don't have to remove any messages the person posted to the group).

Cheers,
Mark


 

On Mon, Oct 11, 2021 at 07:35 AM, Mark Fletcher wrote:
we also don't have to remove any messages the person posted to the group
That always made sense to me. I thought GDPR info referred to info *about* the person, not info posted *by them*.  I remember a former discussion about this here.
 
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


Noel Leaver
 

> That always made sense to me. I thought GDPR info referred to info *about* the person, not info posted *by them*.  I remember a former discussion about this here.
 
I had a problem that when I proposed migrating from Yahoo to groups.io one person said they refused permission for their messages to be copied/moved. Which is a rather different issue.

 

Noel


Bob Bellizzi
 

Thank you, Mark, for that answer.

We've had hundreds of people join our group from the UK during our more than 20 years of operation  her and on Yahoo and never had a person formally request conformance.
An  only 3 day member doing this raises my hackles.  Is this her new career, bugging the Colonials?
(Remember yahoo?  They snatched defeat from the jaws of victory.)
How many remember who that phrase was first applied to in the computer biz and when?
--

Bob Bellizzi
FuchsFriends@groups.io online  support  group for corneal dystrophy patients & caregivers
The Corneal Dystrophy Foundation 


Bob Bellizzi
 

However, since we require a fairly comprehensive Join Form from applicants I did delete her record from that database.
--

Bob Bellizzi
FuchsFriends@groups.io online  support  group for corneal dystrophy patients & caregivers
The Corneal Dystrophy Foundation