@wemmick: As I've said, I've been working on GDPR compliance myself for the past month, and it was a lot of work (more than I expected), so I also understand that this must be very frustrating and cost a lot of developer time that could be spend on improving the site in different ways. I know it feels unfair and I know a lot of people will agree with you when you say that ads require cookies and GiantBomb requires ads to pay the bills, but the law is pretty strict to when you're allowed to use my (and other European's) data without asking explicit information and serving ads is not one of the reasons. Article 6 of the GDPR (Lawfulness of processing) gives you the 6 legal reasons to collect personal data:
- When you have explicit consent (opt-in)
- When you need to use my data to fulfil a contract I have with you
- When there is a legal obligation to collect my data
- When my life, or that of someone else is at stake
- When my data is needed for a task carried out in the public interest
- When my data is needed for a legitimate interest; which is pretty limited. You can for instance collect some information to prevent fraud.
Even if the language of the privacy policy is/was standard, the GDPR actually wants people to read those policies, so they need to be easy to read and not full of legalese.
I understand that everything takes time, and I hope GiantBomb will manage to be GDPR compliant in the future.
Log in to comment