Absconditus.6804 Posted October 22, 2018 Share Posted October 22, 2018 Even though they supposedly confirmed the deletion of all collected data, including my name, e-mail address and account data, they managed to send me a promotional e-mail today. ~~Thanks, ArenaNet, for putting me in touch with complete liars, not just borderline scammers. I guess I'll have to take this up further with legal authorities since these clowns straight up lied and failed to adhere to the GDPR.~~ Edit: Seems the other company involved, LevelUp, haven't processed their request, while Popdeem has. Popdeem got back to me really quickly and said they'd escalate it further to LevelUp. I guess I can wait, but this is pretty annoying after this stupid promotion. Link to comment Share on other sites More sharing options...
Danikat.8537 Posted October 22, 2018 Share Posted October 22, 2018 Me too. Both Kung Fu Tea and Popdeem (who run their app) are supposed to have deleted all my data, but not only have they still got it, I'm still on their mailing list apparently. I'm not actually sure what the next step is as I've not had to deal with this before, but since this is illegal under EU law I'm definitely going to be taking it further. Link to comment Share on other sites More sharing options...
Just a flesh wound.3589 Posted October 22, 2018 Share Posted October 22, 2018 Is the KFT covered by that law? If they don’t have sites in Europe they might not. A google search turned up this opinion. >“Does the GDPR apply to every business with EU ties? >It depends. The GDPR will affect all companies, individuals, corporations, public authorities or other entities that offer goods or services to individuals in the EU or that monitor their behavior there.” Link to comment Share on other sites More sharing options...
Danikat.8537 Posted October 22, 2018 Share Posted October 22, 2018 It's based on where the customer is. (Or whoever the individual is whose data you've got - they don't have to be a customer.) Doesn't matter where the company is based, or where they're registered, if they have EU customers then they have to comply with GDPR. Admittedly it's slightly tricky for KFT in that they apparently didn't intend to include anyone except US residents in their promotion but they...in place of what I'd like to write lets just say they 'made a mistake'. But that doesn't change the fact that they advertised this promotion to people all around the world, allowed them to patriciate and in the process took their data. And honestly if it was all a big mistake and they never wanted to do that (as opposed to a lazy way of reducing traffic to their app by changing the terms of a promotion part way through) they really should have removed EU citizens from their mailing lists anyway. We're useless to them as customers even without the huge loss of good will because they don't sell their actual products over here. Edit: Here's an article which explains it in clearer language than the official site: https://www.forbes.com/sites/forbestechcouncil/2017/12/04/yes-the-gdpr-will-affect-your-u-s-based-business/#e3f5eeb6ff26 Link to comment Share on other sites More sharing options...
Absconditus.6804 Posted October 22, 2018 Author Share Posted October 22, 2018 Edited my post, I got a swift reply from Popdeem when I sent a complaint. Multiple companies are involved with the data, it was collected and processed not just by a company called Popdeem, but also LevelUp, hopefully not additional ones. Upon looking at the mail a bit closer, LevelUp sent the mail, and in the response I got from Popdeem, they said LevelUp must not yet have gotten around to deleting the data, although they themselves could confirm having deleted all collected data. Popdeem said they would forward the request again to LevelUp. I guess LevelUp technically could have close to two weeks to confirm deletion too, it depends on when my request were forwarded from Popdeem to them initially. > @"Just a flesh wound.3589" said: > Is the KFT covered by that law? If they don’t have sites in Europe they might not. > > A google search turned up this opinion. > >“Does the GDPR apply to every business with EU ties? > >It depends. The GDPR will affect all companies, individuals, corporations, public authorities or other entities that offer goods or services to individuals in the EU or that monitor their behavior there.” The GDPR affects anyone collecting data on any EU citizens, it doesn't matter where the company is located in the world. If they collect data on someone within the EU, they are bound by the GDPR. That's what the GDPR stipulates. "Monitoring behavior" would fall under collecting data for use in say advertising. Link to comment Share on other sites More sharing options...
Ayrilana.1396 Posted October 22, 2018 Share Posted October 22, 2018 One of the reasons why I used a fake profile. Link to comment Share on other sites More sharing options...
Manasa Devi.7958 Posted October 22, 2018 Share Posted October 22, 2018 > @"Just a flesh wound.3589" said: > Is the KFT covered by that law? If they don’t have sites in Europe they might not. > > A google search turned up this opinion. > >“Does the GDPR apply to every business with EU ties? > >It depends. The GDPR will affect all companies, individuals, corporations, public authorities or other entities that offer goods or services to individuals in the EU or that monitor their behavior there.” I could install their app from the Google Playstore and use it without any apparent restrictions, without faking my location. That to me counts as them offering a service in the EU, to a EU citizen. Link to comment Share on other sites More sharing options...
Recommended Posts