
Can you explain why? I mean, a company ignoring common and simple rules of law... why do you want to "protect" that?


You really think mom & pop businesses that have limited IT skills have 5k lying around for some minor violation like not deleting an older email?


Mom and pop businesses with limited IT skills are not collecting emails and private information. At worst they’d be using some external service (e.g. Mailchimp) which does it for them, and those have an obligation to be familiar with the law.


> Mom and pop businesses with limited IT skills are not collecting emails

They absolutely are!


The GDPR really isn't that hard to follow. For a "mom & pop" business, it really comes down to:

  * Limit data retention — Don't keep personal data longer than necessary
  * Honor data subject rights — Allow individuals to access, correct, delete, or port their personal data

Simply, don't collect personal information if you don't need it. If you do need it, add a delete button.


They will not get that fine for a looooooooong time


"simple rules of law..." - sadly, EU regulations in their totality are far from simple


Please elaborate, what's so complicated about it?


Which ones? I've had no problems - especially with GDPR.



