> "Adrian" == Adrian Bunk writes:
Adrian> If I send an email requesting all data Debian has about me to
Adrian> data-protect...@debian.org, will I receive a complete reply within
the
Adrian> expected time, including all data members of delegations like the
Adrian> Debian Ac
On Fri, Apr 05, 2024 at 04:38:57PM +0200, Andreas Tille wrote:
> Hi Adrian,
Hi Andreas,
> Am Fri, Apr 05, 2024 at 12:41:17AM +0300 schrieb Adrian Bunk:
>...
> > Many parts of Debians Privacy Policy look questionable.
> >
> > For example the rights are not stated, and in addition to this being a
On 05/04/24 03:11, Adrian Bunk wrote:
Hi,
this email has two parts:
A short question where I would appreciate a "yes" or "no" answer from
all candidates, and a longer explanation what and why I am asking.
Question:
If elected, will you commit to have a lawyer specialized in that area
review
Hi Adrian,
Am Fri, Apr 05, 2024 at 12:41:17AM +0300 schrieb Adrian Bunk:
> this email has two parts:
> A short question where I would appreciate a "yes" or "no" answer from
> all candidates, and a longer explanation what and why I am asking.
>
>
> Question:
>
> If elected, will you commit to h
Hi,
this email has two parts:
A short question where I would appreciate a "yes" or "no" answer from
all candidates, and a longer explanation what and why I am asking.
Question:
If elected, will you commit to have a lawyer specialized in that area
review policies and practices around handling o
On Sat, Apr 02, 2022 at 12:21:24PM +0200, Christian Kastner wrote:
> On 2022-04-02 10:55, Adrian Bunk wrote:
> > Where does our Privacy Policy[1] describe personal data where Debian and
> > the community team are joint controllers?
>
> > Where does our Privacy Policy describe personal data where
Hi Adrian,
On Fri, 2022-04-01 at 23:48 +0300, Adrian Bunk wrote:
> Will this handwritten note be available through
> contributors.debian.org?
>
> If the personal information in the handwritten note did not come
> directly from the person, who at Debian is responsible to ensure that
> the person
On 2022-04-02 10:55, Adrian Bunk wrote:
> Where does our Privacy Policy[1] describe personal data where Debian and
> the community team are joint controllers?
> Where does our Privacy Policy describe personal data where Debian and
> DAM are joint controllers?
Has it been established yet that Deb
On Fri, Apr 01, 2022 at 09:25:46PM +0200, Jonathan Carter wrote:
> On 2022/04/01 20:28, Adrian Bunk wrote:
> > Would you commit to something more specific, like that our Data
> > Protection team will reply to debian-project within 3 months discussing
> > all issues mentioned in the discussion at [1
On Fri, Apr 01, 2022 at 04:57:38PM -0600, Sam Hartman wrote:
> > "Adrian" == Adrian Bunk writes:
> Adrian> Your "services" approach does not work for the non-trivial
> Adrian> cases where Debian might be a (joint) controller of personal
> Adrian> data.
>
> Adrian> The Debian C
On Fri, 1 Apr 2022 22:16:55 +0300
Adrian Bunk wrote:
> One option would be to outsource this work to our paid GDPR lawyer.
Is there any option to cooperate with other FLOSS organizations?
They would have the same issue and we may be able to share it and
costs ;)
--
Hideki Yamane
> "Adrian" == Adrian Bunk writes:
Adrian> Your "services" approach does not work for the non-trivial
Adrian> cases where Debian might be a (joint) controller of personal
Adrian> data.
Adrian> The Debian Community Team promises confidentiality regarding
Adrian> personal inf
On Fri, Apr 01, 2022 at 09:18:53PM +0200, Tollef Fog Heen wrote:
> ]] Adrian Bunk
>
> > Who will fulfill the request within the legal limit of one month if
> > a person sends an email to data-protect...@debian.org asking whether
> > Debian is a (joint) controller of any data about this person, an
On 2022/04/01 20:28, Adrian Bunk wrote:
Would you commit to something more specific, like that our Data
Protection team will reply to debian-project within 3 months discussing
all issues mentioned in the discussion at [1] so far, and with their
reply having been proof-read by our GDPR lawyer?
On Fri, Apr 01, 2022 at 08:46:42PM +0200, Tollef Fog Heen wrote:
> ]] Adrian Bunk
>
> > Would you commit to something more specific, like that our Data
> > Protection team will reply to debian-project within 3 months discussing
> > all issues mentioned in the discussion at [1] so far, and with
On Fri, Apr 01, 2022 at 07:40:02PM +0200, Tollef Fog Heen wrote:
>...
> This isn't the role of the data protection team, though, any more than
> owner@bugs is responsible for fixing all the bugs in all the packages.
> I'm quite happy to act as a redirector (as per the first part of the
> delegation
]] Adrian Bunk
> Who will fulfill the request within the legal limit of one month if
> a person sends an email to data-protect...@debian.org asking whether
> Debian is a (joint) controller of any data about this person, and
> if yes requests a copy of all data?
To make this easier for services a
On Fri, Apr 01, 2022 at 09:28:53PM +0300, Adrian Bunk wrote:
> Would you commit to something more specific, like that our Data
> Protection team will reply to debian-project within 3 months discussing
> all issues mentioned in the discussion at [1] so far, and with their
> reply having been pro
On Fri, Apr 01, 2022 at 07:02:15PM +0200, Jonathan Carter wrote:
> Hi Adrian
Hi Jonathan,
>...
> I'm not sure bringing in the lawyer as a first step is optimal, they are
> expensive and will probably tell us a lot of things we already know. IMHO
> it's better to do some initial groundwork, compil
]] Adrian Bunk
> Would you commit to something more specific, like that our Data
> Protection team will reply to debian-project within 3 months discussing
> all issues mentioned in the discussion at [1] so far, and with their
> reply having been proof-read by our GDPR lawyer?
I don't think th
]] Jonathan Carter
> So, I would appreciate it if the data protection team could look into
> all of the issues we know of in Debian, but I'd also like there to be
> a process where people can file issues with the data protection
> team. I'll admit I had to search a bit to find the data-protection
Hi Adrian
(I'm including the data-protection team, perhaps they can expand on your
question or comment on my feedback)
On 2022/03/31 22:08, Adrian Bunk wrote:
The discussion starting in [1] is about privacy in Debian with a focus
on the GDPR of the European Union.
It started with the GDPR,
Hi,
On Thu, 31 Mar 2022 23:08:41 +0300
Adrian Bunk wrote:
> If elected, will you ask our Data Protection team and our GDPR lawyer to
> jointly do a review of all handling of personal data in Debian regarding
> GDPR compliance,
Yes.
> and make the results of the review available to all
> dev
Hi Adrian,
On Thu, Mar 31, 2022 at 1:24 PM Adrian Bunk wrote:
>
> The discussion starting in [1] is about privacy in Debian with a focus
> on the GDPR of the European Union.
>
> There seems to be a general agreement that privacy in Debian falls
> short of the legal minimum requirements at least i
The discussion starting in [1] is about privacy in Debian with a focus
on the GDPR of the European Union.
There seems to be a general agreement that privacy in Debian falls
short of the legal minimum requirements at least in the EU.
Even the exact scope of the problem is not clear.
Question to
25 matches
Mail list logo
