Hey! Can anyone assist me in adding the fact that my micro.blog now exists and where it is hosted to my gdpr data privavy notice?! I think i‘m requiref to add it - but i‘m not sure :-/ (german citizen here)
@fschuttkowski Hi Florian. Welcome to Micro.blog. I added this post to our Discover feed, and hopefully some other German microbloggers will know the answer and reply.
@vincent awesome thank you! 🙏 Do you know where I can post bugs? I am unable to upload a test image from my iPhone :-/
There is an error, unfortunately I cannot attach a screenshot 😅
@vincent yes i am. Okay, what should i submit? The screenshot and which additional information? In the meantime it works, only for some images it doesn’t. Could be the iCloud thing you mentioned
@vincent @fschuttkowski First the obligatory disclaimer, IANAL. 😅 Now, regarding:
You don’t need a GDPR notice if you’re not a business.
It depends. There are exemptions for natural persons when it comes to processing personal data as part of a purely private activity, like adding contact information to your address book.
But that exemption may not apply if you decide to publish your address book to a large audience on, for example, your blog.
Source: The purposes and scope of GDPR.
So, to be on the safe side, you should talk to a lawyer. Or, you know, just not post personal data like names, addresses, or photographs of identifiable (and alive) EU citizens on your blog. 😊 If there’s no personal data, GDPR does not apply.
Another thing that may impact you, as a German, is the Impressumspflicht. Here’s an overview on the IndieWeb wiki.
@vincent hehe, there’s still time to change your original reply and have me look like an idiot, quoting stuff that’s not there. 😅 I would have loved not to have delved so deeply into the intricacies of GDPR, but a significant portion of my clients has historically comprised government agencies, municipalities, and the like, and they (or rather, their lawyers) are very nervous and care a lot about the regulations. (Which is a good thing!)
So, it was more or less unavoidable; I had to learn waaaaay more about GDPR than I would have otherwise to be able to do a good job.