WingNews logo WingNews
top | item 37348008

(no title)

grabeh | 2 years ago

GDPR and indeed any data protection laws may well be completely irrelevant in the context of Microsoft's services. Even if relevant, consent is unlikely to be a relevant as a processing basis under GDPR in the context of usage of MS services. Performance of contract or legitimate interests much more likely to be relevant...

discuss

order

cientifico|2 years ago

I'm my experience GDPR is relevant.

I need to inform my customers what I do with their personal data. That includes to which companies I share that data with.

Having an excel with customer data is providing that data to Microsoft. So I need, as responsible of the data, to know how they will use it. Any use case that isn't obvious have to be cleared stated in the data privacy agreement. Including moving data outside EU into other countries like America (where US government can request that data without even informing us) or using their data to train AI.

Come'on. If we need to inform that we used chatgpt (just in case they provide PI), why we will not need to inform about Microsoft.

grabeh|2 years ago

Key word is "may" be completely irrelevant! Of course, if you're providing an Excel of customer data, it will be relevant if the user is in the EU. But still, consent won't be relevant in that context.

User content may include personal data but may also not...so in some senses, better to include totality of use cases in a non-data protection related document.