- Have any questions? info@10duke.com - Developer? developer.10duke.com
The Real Cost of GDPR: Christmas will have to be cancelled
How traditional software licensing solutions are slowly killing your business…
18th February 2018
What is a floating software licence?
19th March 2018
Christmas 2018 is going to have to be cancelled.
It brings us no joy to have to tell you this, believe you me. Nevertheless, the harsh reality is unavoidable.
GDPR, in essence, involves two checkboxes. If any organisation checks both boxes, then there are two consequences. Although it pains me to do so, let’s work through this process for “Santa’s Workshop Inc”:
- If an organisation collects, stores or processes information on EU nationals, GDPR applies. It doesn’t matter where the organisation itself is based. Santa’ workshop may be based in Canada, northern Finland or Russia, but it doesn’t matter. Santa’s list involves quite a few EU citizens.
GDPR applies to Santa.
- Is the data ‘personal’? Well, this is pretty obvious – Santa provides perhaps the most tailored gift-giving service in the world (sorry Mr. Bezos…) so if he’s not working off a list that holds personal data then water is clearly not wet.
Santa works with personal data of EU citizens.
- If an organisation holds personal information on an EU citizen, that person is able to ask the organisation what information is held on them and the organisation must comply with the request. Now, seriously, has anyone among us, at any point, sent a letter to Santa’s workshop and actually gotten a reply? No, thought not…this is strike 1 for Santa.
- Related to point 3, the person should also be able to request that the personal data held on them by the company is deleted. I’m not sure why anyone would want to do this, but nevertheless, Santa’s Workshop Inc. isn’t known for its customer support channel and accordingly Santa is unable to comply with any delete request. Strike 2.
That’s it – Santa is clearly not GDPR compliant.
Share:
