On 03/22/2018 09:44 PM, Carole wrote:
For GDPR we are required to ensure compliance with any 3rd parties who store personal data on our behalf
Once GDPR goes into effect, there are going to be administrative
changes. What those changes are, depends upon what the courts decide.
Mailing lists owned by a private individual are an edge case. The
current assumption is that adherence to the entirety of the GDPR is
required. (Personal Rolodex cards fell into the scope of a similar,
albeit weaker measure, that passed about twenty years ago. This is why
those of us whose contact list looks like an expanded edition of _The
Mackay 66_ are also going to have to comply with GDPR, if anybody living
in Europe, or from Europe is in the list.)
The main concern is whether data is stored on servers inside or outside the EU.
Going by traceroute, it looks like the servers are in the United States.
However, that is a question best answered by Mark.
So my question is does Groups.io have servers inside the EU for those of us in Europe?
A. Storing and using data via third parties
e.g. sharing documents (Google Drive),
Unless Google has clearly stated that everything on Google Drive will
adhere to GDPR, regardless of physical location, the only storage that
will be compliant, is accounts that either originated in Europe, or for
individuals currently resident in Europe. (And yes, Google knows your
home address, even if you never told them.)
I am not a lawyer. This is not legal advice.
jonathon
