Jump to content

One more question


Recommended Posts

Ask your DPO ;)

Which areas have you ticked off:

  • Breach Notification
  • Customer Consent
  • Data Protection Officer
  • Data Portability
  • Data Requests
  • Increased Territorial Scope
  • Privacy by Design
  • Right to Access
  • Right to be Forgotten
  • Terms of Service

As a first step write up a "Data Protection Plan" with these as headings, detail your processes involved in each - and how they relate to your services and partnerships.  Seek third party expertise as appropriate.  Reference and review regularly so it becomes cultural and part of every process.

Link to comment
Share on other sites

5 hours ago, mazoku said:

By the way you are happy to be in Canada. Just block the EU and thats it.

No need to block the EU. For companies outside of the EU, GDPR only applies if the company targets EU residents. For example, if your game provides European translations, or your IAPs allow the user to specify price in EU currencies, or if your site is a co.uk domain, or if you directly advertise or promote to EU residents, etc, etc. If there is nothing about your game or site that can be construed as targeting EU residents, and you have no presence in the EU, then you can ignore GDPR.

Link to comment
Share on other sites

Ignoring GDPR might be ok for non-EU markets in the short term.  But if gaming is a global market with a global audience why delay?  The GDPR regulations represent good practice (and what Generation-Z expect, EU or otherwise) - and a process-oriented small business will already be (mostly?) compliant.  I think the commercial incentive will become more apparent over the next 6-12 months, as dealing with non-EU parties in non-EU territories will soon stipulate GDPR compliance for their vendors (a trickle-down effect).  Entrepreneurs, you're now a DPO :)

Link to comment
Share on other sites

I want to ignore it but we are in EU. Mostly for the bad stuff. Never for the good stuff.

Now you have to ask the visitor - do you like to watch ads and he can choose no. If yes - you ask again - do you like to watch personalized ads? Who will choose yes? So it looks we are working for free already. 

Simple cookie consent is not enough and is not compliant.

And I don't see how this stuff is good. Its disaster for businesses. Especially for small ones. Facebook for example won't have a problem, its users are stupid enough. 

Link to comment
Share on other sites

1 hour ago, mazoku said:

Facebook for example won't have a problem, its users are stupid enough. 

This is an extremely glib statement. FB track users in a myriad of ways, all of which must now be exposed to users, that is extremely beneficial to users of any product.

Whether it actually has an effect or not is not yet known, but most companies are tracking how users respond to their tracking preferences (which, in itself, is interesting). The point is that providers are now required to give end users more information about what their product does, this puts these issues in the minds of the end users, which is a good thing as many people are not tech savvy and have little understanding what the implications are for them. Most ignore it completely as they don't understand it, but the point is that many will now start questioning what these things mean for them and that is a wholly good thing.

GDPR also covers things like the right to be forgotten (for free) and the subject access request (for free) as well as a host of other things. Whilst annoying for companies and developers most are already compliant with many of the regulations and its a great thing for users.

I don't know how it impacts advertising but isn't tracking consent enough? So long as you explain why you are using cookies (or other persistence) and what you are tracking the advertising video bit becomes irrelevant no?

Link to comment
Share on other sites

Because of this stuff I am unpublishing most of my apps on my personal android account. They are old and not making much but I don't want to risk. My company apps need update but I am not sure with Admob what I need to add to them. 

Link to comment
Share on other sites

12 hours ago, mazoku said:

And one more question. When you record the positive consent of a user, what data for the user you record?

Very little, and nothing that could be construed as PII.

Could literally be a single key/value pair in local storage: `consentAll: true`. You must then use that value in subsequent visits to the site to control behaviour (in your case this could be used to turn Admob on or off).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...