Git is not even that convoluted, as all the history is stored in the .git folder within the repo. Unless there is some convoluted structure built on top, they would only need to move the repo folder to a trash disk, waiting to be formated.
That being said, GDPR is somewhat poorly enforced at the moment, unfortunately. I don’t know if you can sue the company and expect some result within couple of years.
I am not a expert or a lawyer, but I believe user actually hold the right to completely erase personal data:
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay
I don’t think that addresses my point. Is my opinion on the new Star Wars movies that I post online or some lines of code I suggest “personal data”? I thought personal data had a specific definition under GDPR
You’re totally right, the content of your posts is not considered personal data (because it isn’t)
It’s more about profiling data that can be connected back to your actual person
I think you are right, user generated content doesn’t seem to be protected. This is surprising to me, as user should hold the right to their content, which in my mind should enjoy stronger protection than personal data.
Technically, they could retain posts from users if they are irreversibly anonymized. However, ensuring with 100% certainty that none of your posts ever contained any personal data that could lead to the identification of you as an individual is challenging. The safest option is therefore to also delete your posts.
User should have the right to delete their data stored by the company.
Would that kind of provision allow me to have my code removed from a git repository history, if that git repository is hosted by a company?
As long as you didn’t give those rights by signing a CLA or a copyleft license. Never sign a CLA unless you’re fully compensated.
I am not a lawyer, but I believe in general, yes.
Git is not even that convoluted, as all the history is stored in the
.git
folder within the repo. Unless there is some convoluted structure built on top, they would only need to move the repo folder to a trash disk, waiting to be formated.That being said, GDPR is somewhat poorly enforced at the moment, unfortunately. I don’t know if you can sue the company and expect some result within couple of years.
No because user generated content is not protected.
Doesn’t that just mean the data would have to be anonymized ?
I am not a expert or a lawyer, but I believe user actually hold the right to completely erase personal data:
https://gdpr.eu/right-to-be-forgotten/
Note the word “erasure” as opposed to “anonymize”
I don’t think that addresses my point. Is my opinion on the new Star Wars movies that I post online or some lines of code I suggest “personal data”? I thought personal data had a specific definition under GDPR
You’re totally right, the content of your posts is not considered personal data (because it isn’t) It’s more about profiling data that can be connected back to your actual person
I think you are right, user generated content doesn’t seem to be protected. This is surprising to me, as user should hold the right to their content, which in my mind should enjoy stronger protection than personal data.
Technically, they could retain posts from users if they are irreversibly anonymized. However, ensuring with 100% certainty that none of your posts ever contained any personal data that could lead to the identification of you as an individual is challenging. The safest option is therefore to also delete your posts.
That only applies to personal data.