[GNC] GDPR and data held in GnuCash
Maf. King
maf at chilwell.net
Tue Apr 10 08:54:16 EDT 2018
On Tuesday, 10 April 2018 13:24:55 BST Colin Law wrote:
> However I believe that any data that is required for 'contractual'
> reasons is not covered. When one sells anything there is an implicit
> (or explicit) contract so I assume (though I have no qualifications in
> this area) that customer data required for invoices and so on would
> not be covered. However if I were a business with customer data I
> would be asking my legal guy about this.
>
That is basically what I've been advised. If you sell stuff, then you are
able to hold invoice & delivery details for the purposes of that transaction
(and future transactions too) Also, in the case of the invoice address, there
is no "right to be forgotten" as it is statutory info that you have to hold
for the tax authorities to inspect (should they wish to).
What you can't do for example, is use the delivery data to send a marketing
mailshot without prior, documented, explicit consent for that use, and even
then, only is sofar as you have said you would in the privacy policy.
IANAL, but I don't think this is an issue for GC - indeed, for many years it
was remarkably hard to get customer details out of GC to use for other
purposes!
Maf.
More information about the gnucash-user
mailing list