Thread: Who goes when
View Single Post
Old 19 Jun 19, 11:20 PM  
Link to this Post
#10
pad406
VIP Dibber
 
pad406's Avatar
 
Join Date: Apr 10
Location: Dublin

pad406's Reviews
Hotel Reviews: 2
Restaurant Reviews: 4

theDIBB Guidebook
Pages Created: 5
Originally Posted by Nimbus View Post
It doesn’t bothered me as such no. I just found it strange that collecting and presenting the information one way is not allowed but it is allowed if you collect and present exactly the same information a different way.

I always thought GDPR was about data protection and privacy of data, not on the details regarding the software methods used to collect info. Apologies for the incorrect assumption.
GDPR is about more than the protection and privacy. An awful lot of the regulations are more to do with
a) Have you the right to hold the data
b) How are you using it, can you justify having the data for the use you claim and is the subject of the data 100% clear on that use.
The actual rules regarding protecting it and ensuring it was secure changed very little, other than the fines for doing it wrong, which change a LOT, huge increase in what could be imposed.

As Stu had mentioned earlier, it was/is very difficult to get a straight and definitive answer from anybody in authority about what a data processor or data controller (lovely vague terms which are also hard to get them to nail down in respect of individual/company functions) has to do in order to protect themselves. Therefor a lot, particularly smaller companies, didn't bother, they just got rid of the data as much as possible, which I guess, understandably is what theDibb did.

As to the fact that people are posting their dates and other information in an open forum, that is their choice, no responsibility would fall on theDibb for that. It's similar to the way that they have a duty of care to protect my credit card information when I pay for Passholder, but none if I decide to type my card number into a post for all to see.

The concept and aim of GDPR is very noble, and was much needed in my opinion. But I do believe that they tried to make a rule book to fit all sizes and types of companies. While most Data Protection commissioners have clearly stated that they are not after the local sports club or society, technically the rules for them are the exact same as for Facebook, Linkedin, Twitter etc, which is a little mad

I know of many small companies that use our software which were quoted anything from €20k to €50k for a GDPR 'consultant' to give them advice, and having spoken to many of them myself, the advice was always that, they would never stand over it and give a 'rubber stamp' stating that if you followed their recommendations and processes you would be compliant.
__________________


Christmas 2018/New Year 2019 (19N) BC - RPR - BC
Christmas 2016/New Year 2017 (18N). SF, LA, Disneyland & SD
Christmas 2014/New Year 2015 (21N). BWI, Hard Rock, Beach Club
April 2012 (21N). New York, Beach Club
Christmas 2010/New Year 2011 (15N). Polynesian & AKL
Edited at 11:26 PM.
pad406 is offline Boy Mouse Click to view Members Trip Plans Add Member to Ignore List
Another Disney Christmas ?
Reply With Quote