The mancityfans.net football forum

[Mase]

with GDPR the club can send an email to say “if you object to us holding your data then please make us aware, otherwise it will continue to be stored” or something similar. And most people won’t even read the email so they’ll just keep the data. It would be the fan opting out rather than the club asking them to opt in, because at one point they would have opted in. Or City will have reduced the amount of personal data they held, and just kept their support number attached to an email or home address.

[BlueinBosnia]

with GDPR the club can send an email to say “if you object to us holding your data then please make us aware, otherwise it will continue to be stored” or something similar. And most people won’t even read the email so they’ll just keep the data. It would be the fan opting out rather than the club asking them to opt in, because at one point they would have opted in. Or City will have reduced the amount of personal data they held, and just kept their support number attached to an email or home address.

How I understand it, the GDPR makes things opt-in, and if you didn't opt in in the past in a method that's GDPR-compliant, then you need to opt in in a GDPR-compliant method, or the data can no longer be stored. Like I said, this will only affect a minority of people who a) got their supporter number before 2018, b) haven't been to a game in a few years, c) haven't provided the club with up-to-date contact details, and d) don't know their supporter number. While it will be a minority of attendees, the number in gross terms won't be insignificant.

[Mase]

Where you enter into a contract with us (such as for the purchase of goods or services) we will generally keep your information for six years after the end of our contract with you.

So it would be anyone pre-2015 that’s not made a purchase using their supporter number. But again, City can get around that by deleting most of the customers personal information and just keeping a supporters number attached to an email. They’ve taken all “reasonable steps” to limit the amount of personal information stored.

GDPR isn’t about deleting personal information, it’s about reducing what is stored and only keeping what is necessary.

[BlueinBosnia]

Where you enter into a contract with us (such as for the purchase of goods or services) we will generally keep your information for six years after the end of our contract with you.

So it would be anyone pre-2015 that’s not made a purchase using their supporter number. But again, City can get around that by deleting most of the customers personal information and just keeping a supporters number attached to an email. They’ve taken all “reasonable steps” to limit the amount of personal information stored.

GDPR isn’t about deleting personal information, it’s about reducing what is stored and only keeping what is necessary.

That's the policy that came in in 2018 (https://www.mancity.com/privacy-policy). It's only applicable to data that was obtained after that date. What, how and whether data obtained before that date (and not updated after it) is stored is a different issue.

[Mase]

Where you enter into a contract with us (such as for the purchase of goods or services) we will generally keep your information for six years after the end of our contract with you.

So it would be anyone pre-2015 that’s not made a purchase using their supporter number. But again, City can get around that by deleting most of the customers personal information and just keeping a supporters number attached to an email. They’ve taken all “reasonable steps” to limit the amount of personal information stored.

GDPR isn’t about deleting personal information, it’s about reducing what is stored and only keeping what is necessary.

That's the policy that came in in 2018 (https://www.mancity.com/privacy-policy). It's only applicable to data that was obtained after that date. What, how and whether data obtained before that date (and not updated after it) is stored is a different issue.

I had to study GDPR for 2 years as my old companies GDPR “Champion” and run workshops on it throughout 27 different businesses, but it sounds like you’re more clued up on it and have more experience than me BiB.

[BlueinBosnia]

Where you enter into a contract with us (such as for the purchase of goods or services) we will generally keep your information for six years after the end of our contract with you.

So it would be anyone pre-2015 that’s not made a purchase using their supporter number. But again, City can get around that by deleting most of the customers personal information and just keeping a supporters number attached to an email. They’ve taken all “reasonable steps” to limit the amount of personal information stored.

GDPR isn’t about deleting personal information, it’s about reducing what is stored and only keeping what is necessary.

That's the policy that came in in 2018 (https://www.mancity.com/privacy-policy). It's only applicable to data that was obtained after that date. What, how and whether data obtained before that date (and not updated after it) is stored is a different issue.

I had to study GDPR for 2 years as my old companies GDPR “Champion” and run workshops on it throughout 27 different businesses, but it sounds like you’re more clued up on it and have more experience than me BiB.

Yeah, I've had to fact-check several books on the GDPR for three different publishers, including one specifically relating to archived data compiled before the GDPR came into effect and the impact of the 'right to be forgotten' upon this, and another on national-level laws implementing the GDPR affecting the connectability of databases of Holocaust and Porajmos victims between EU and non-EU member states, considering victims can no longer give consent to their data being stored, modified (to regulate different spellings of names), transferred and accessed, so I'm pretty clued up on it. That's beside my 'bread-and-butter' work that largely consisted of translating GDPR policies for around 100 companies over a four-month period when the grace period was about to expire, and the few dozen academic papers relating to the GDPR that I've proofread.

[Mase]

Thanks Andrew.

[carl_feedthegoat]

Where you enter into a contract with us (such as for the purchase of goods or services) we will generally keep your information for six years after the end of our contract with you.

So it would be anyone pre-2015 that’s not made a purchase using their supporter number. But again, City can get around that by deleting most of the customers personal information and just keeping a supporters number attached to an email. They’ve taken all “reasonable steps” to limit the amount of personal information stored.

GDPR isn’t about deleting personal information, it’s about reducing what is stored and only keeping what is necessary.

That's the policy that came in in 2018 (https://www.mancity.com/privacy-policy). It's only applicable to data that was obtained after that date. What, how and whether data obtained before that date (and not updated after it) is stored is a different issue.

I had to study GDPR for 2 years as my old companies GDPR “Champion” and run workshops on it throughout 27 different businesses, but it sounds like you’re more clued up on it and have more experience than me BiB.

Yeah, I've had to fact-check several books on the GDPR for three different publishers, including one specifically relating to archived data compiled before the GDPR came into effect and the impact of the 'right to be forgotten' upon this, and another on national-level laws implementing the GDPR affecting the connectability of databases of Holocaust and Porajmos victims between EU and non-EU member states, considering victims can no longer give consent to their data being stored, modified (to regulate different spellings of names), transferred and accessed, so I'm pretty clued up on it. That's beside my 'bread-and-butter' work that largely consisted of translating GDPR policies for around 100 companies over a four-month period when the grace period was about to expire, and the few dozen academic papers relating to the GDPR that I've proofread.

A simple 'you were right and I was wrong' would have sufficed.

[Nigels Tackle]

fuck me. this is quite literally the most boring thread ever. and it has stiff competitzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

[City64]

Thread is very informative for the many misinformed or a few thick cunts who thought they were smart .