Companies need to justify why they are retaining personal information
And the justification is “this person holds a perpetual software license with us and we need to be able to grant them access unless they tell us otherwise”. Case closed.
It’s totally easy to check if an account has a digital software purchase on it or not. That’s just one database query. Sony is totally able to solve that.
Easy on a technical level, yes, but also harder to define in a legal document level.
A game counts - obvious. Does a game demo count? Does one piece of microtransaction DLC count in a F2P game? How does a legal document define those things?
Now that scrutiny is on it, it seems like people would’ve preferred they define this granularly. But at the time, I’m going to guess they decided it wasn’t worth legal risk of having people they did not reserve the right to delete, but also needed to delete for GDPR.
BS. You only have to prove it for the individual account. They obviously don’t have to delete my data because
you have no software purchases on your account.
I’ve honestly had it with all the anti GDPR fearmongering and propaganda. It’s not some eldritch horror that will eat your company if it notices you. It’s a powerful and at the same time pretty reasonable customer protection tool. As long as companies don’t take more data than they need to do the business the customer actually came to them for and make sure only people who need to work with the data can acces it they are in the clear 100% of the time.
And the justification is “this person holds a perpetual software license with us and we need to be able to grant them access unless they tell us otherwise”. Case closed.
Do they?
Please prove that every single PSN account has digital software purchases on it. EVERY single one.
If you fail, you’re liable for GDPR and are holding customer data past its use!
It’s totally easy to check if an account has a digital software purchase on it or not. That’s just one database query. Sony is totally able to solve that.
Easy on a technical level, yes, but also harder to define in a legal document level.
A game counts - obvious. Does a game demo count? Does one piece of microtransaction DLC count in a F2P game? How does a legal document define those things?
Now that scrutiny is on it, it seems like people would’ve preferred they define this granularly. But at the time, I’m going to guess they decided it wasn’t worth legal risk of having people they did not reserve the right to delete, but also needed to delete for GDPR.
BS. You only have to prove it for the individual account. They obviously don’t have to delete my data because you have no software purchases on your account.
I’ve honestly had it with all the anti GDPR fearmongering and propaganda. It’s not some eldritch horror that will eat your company if it notices you. It’s a powerful and at the same time pretty reasonable customer protection tool. As long as companies don’t take more data than they need to do the business the customer actually came to them for and make sure only people who need to work with the data can acces it they are in the clear 100% of the time.