On Tue, 28 Jan 2020 at 00:04, Benjamin TERRIER <[email protected]> wrote: >> >> I know, but since there's no free right to download binaries, GDPR >> >> doesn't prevent getting explicit consent before allowing >> >> a download. Would you like me to give people more ideas? :) >> > GDPR states that data collection shall be "limited to what is necessary". >> > Requiring explicit consent for the user to provide data is not enough to >> > be GDPR compliant. >> > The required data has to be "necessary". >> >> That is one of six lawful bases for processing data. There are five >> others. GDPR doesn't require all six >> to apply, it requires at least one. > > > I believe you are talking about article 6, I am talking about article 5 which > does not have this "at least one" clause.
Correct. Necessary for specific purpose seems to be what article 5 requires, and then you get explicit consent for that specific purpose, and GDPR's articles 5 and 6 are covered (of course the rest of article 5's requirements need to be covered). You're not necessarily going to like that specific purpose (or the outcome of all this, including the consent query), but GDPR requirements don't seem too difficult to fulfil, and there's nothing particular in the new offering that would instantly and obviously go even close to violating GDPR, based on my layman reading of it. I don't think GDPR will change the course of the offering, so if you want to change that course, I think you need a different avenue of argumentation. _______________________________________________ Development mailing list [email protected] https://lists.qt-project.org/listinfo/development
