Creating an online BMI calculator that'll store details like email, height, current weight, goal weight, age, sex on a server.
What exactly are my GDPR/Legal obligations with regards to this information? The idea is that the user receives a BMI reading from their details along with a spamspamspamspam plan.
I will of course have the user tick a box to receive marketing messages. They'll be able to unsubscribe and will have access to a privacy policy and terms of service for the site.
thanks,
You've obviously determined that none of the data mentioned is classed as sensitive personal data before giving that advice?You main checklist items are included here. As long as you everything safe, allow data subjects access to it and set a limit on the retention of the data you should be ok.
So long as you have explicit consent, and the collection / processing of the data is necessary to fulfill your obligations, etc...You'll be grand with any kind of sensitive data
It wasn't very clear to me in your post.Most of the 'specific circumstances' that you allude to are exactly what I mentioned.
ou have to laugh though, fairness that a regional German data protection authority fines a computer retailer €10.4m for using CCTV to monitor staff but we decided to fine Twitter €300k for not adhering to breach reporting requirements.
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?