To be eligible for things like a GDPR Data deletion request etc, is it enough that I am a citizen or must I be a resident? ty :)

  • paysrenttobirds
    link
    fedilink
    arrow-up
    13
    ·
    1 year ago

    In a practical sense, I can tell you that in mobile apps, some parts of gdpr are implemented based on phone language settings or in the case of websites, the domain suffix of the page (.fr or .de, etc). I’m guessing this is an interpretation of the section described here:

    strong indications that a non-EU business is intentionally offering goods or services to data subjects in the EU and may therefore be subject to the GDPR:

    • Use of the language of an EU Member State (if the language is different than the language of the business’ home state);4
    • Use of the currency of an EU Member State (if the currency is different than the currency of the business’ home state);
    • Use of a top-level domain name of an EU Member State;
    • Mentions of customers based in an EU Member State; or
    • Targeted advertising to consumers in an EU Member State.

    Most people seem to be leaning toward just applying them to anyone as that’s the way things are headed and once you’ve figure out how to do it technically it’s easier to just do it all the same way. Also, the EU is doing it’s best to set precedent for a broad interpretation.

    • Hyperreality@kbin.social
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      This is why the EU is sometimes called a regulatory super power. Because the market is so large and important, the rest of the world often adopts EU regulations. Whether it’s GDPR or environmental standards, it’s cheaper to make one EU compliant version of your product or part than different versions for different markets.

      Not any other kind of super power though, we’re far too busy squabbling amongst ourselves. Some still haven’t learnt the lessons of the last two world wars.