UK citizen and 23andMe customer here. How likely is the sale of UK/EU customer data, or is it worth submitting a GDPR deletion request anyway? Get my data deleted before it's sold.
Whatever you do, do it soon, because it doesn’t sound like they’re long for this (corporate) world, before they sell all that data to (probably) much more nefarious vultures that are circling
gdpr might help you with data in a web database or data warehouse but if they have anything outside of that you're still screwed. I doubt a failing company has the time, energy, or resources to comprehensively clean up your data everywhere. Definitely submit the request but don't expect it to prevent your info from being resold
GDPR covers all personal data, that would include any DNA. It also includes the prevention of creating profiles without your consent.
But as 23andme is an US company, it is not under the jurisdiction of the GDPR. The legal situation isn't clear, the EU would claim some jurisdiction, but I (IANAL) think it's more like you go to the US, walk into a Walgreen and give up your data.
It depends on the ToS they had at the time, when they started they explicitly had protections (privacy, data handling) only for US customers pointing to some local law, no details on how the data and samples from outside the us would have been handled. And that's why I never used they service. I think the GDPR road is well worth a try, good luck.
EasyMark|1 year ago
EDEdDNEdDYFaN|1 year ago
KingOfCoders|1 year ago
But as 23andme is an US company, it is not under the jurisdiction of the GDPR. The legal situation isn't clear, the EU would claim some jurisdiction, but I (IANAL) think it's more like you go to the US, walk into a Walgreen and give up your data.
yoaviram|1 year ago
Copenjin|1 year ago
hedora|1 year ago
https://techcrunch.com/2023/12/04/23andme-confirms-hackers-s...