Am I the only one that wants to know what kind of information Jumpshot has on me? I've sent a request for information to them as I have the right to do under GDPR but no response. I'm going to wait 30 days and then sue them to get the information, the fine for not complying is quite steep. And if Jumpshot shuts down I'm going after AVAST.
you may want to know that if data is anonymised GDPR does not apply
I was wondering how long it would before someone would realise/mention this.
well, Im not so sure. It is especially hard since we dont know what was in the data that Avast pulled from our computers, but about 5 minutes of digging gives that GDPR goes pretty far here, Article 4, §1 clearly specifies:
"‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;"
Moving on to Avast, in the privacy policy, Avast specifies that they collect:
"Email address - To send you communications regarding your license and support
Username - To manage your account and facilitate your login into the service
Subscription renewal date - To tell us until when the account is valid
Trial User - To add a trial period before the account is charged"
Especially Email Address and Username looks to me like they would be what one would call "Online identifiers".
Furthermore, Avast privacy policy also states that these bits of information are collected:
"Product Data includes two sub-categories:
Device Data includes information about the operating system; hardware; city/country of device; error logs; browser; network; applications running on the device, including the Avast products; and
Service Data includes information about the Avast product usage and events relating to use of our product by you such as malware samples and detections, information concerning URLs of websites, usage statistics (activation, crashes, scans, errors), IP address."
IP address and city/country will most probably also fall under what GDPR considers "personal data", wouldnt you agree?
For reference:
----------------
Avast privacy policy:
https://www.avast.com/privacy-policyGDPR official legal text, Article 4:
https://gdpr-info.eu/art-4-gdpr/