PureBasic Forums - English

Lord wrote:

DarkDragon wrote:

Lord wrote:The grace period ended in may 2018. GPRD was already over one year an applicable law.
The now upcoming problems only show how lazy everyone was in respect to the new law,
because they had a grace period.

Never heard of GDPR before then. In which newspaper did you read about it two years ago? What do you need to pay to whom to get information which you need?

I read this in the german magazin c't months ago.
Right now I'm on holidays, so I cant' verify this.
But here is a Link (in german): https://www.sage.com/de-de/blog/wann-tr ... -in-kraft/

That is months ago, but that is when I also heard about it and too late. It was announced 2 years ago and I haven't read about it then.

Dude wrote:

Kuron wrote:Personally, as long as my server is located in the USA, I will NEVER adhere to any EU law as they do not apply to me.

I hear you, but if we sell to EU customers, then GDRP does apply to us, whether we like it or not. It doesn't matter where we're geographically located. That's the problem.

However, and this is not legal advice (use it at your own risk), it only applies to personal data of the customer. In my case, I can get around this because I don't collect any personal data from the customer, except from what PayPal provides to me, ie. their email address and real address. If they want me to delete that info (a GDRP right for a customer), then fine, I'll delete it and they'll cease to be my customer and not get any updates anymore because they have chosen to sever ties with me. No refunds and not my problem; I'll refer the customer to GDRP law as the reason, and stick this in my EULA as well.

Another GDRP issue is that EU members must by law hire a data compliance officer. I don't know if Fred can afford to hire one, but he must (it cannot be himself). I assume it can be a friend on a salary of $1 per year.

Not everyone needs a data compliance officer. And the GDPR not only applies to customer data, it also applies to employee data. Also the processing of the data has to be documented as if it was money, that means a bit more complicated than financial accounting (there you don't need to reason everything by stating a paragraph in the law).

DarkDragon wrote:Not everyone needs a data compliance officer.

Upon re-reading, I think you're right:

"Article 35 requires that certain companies appoint data protection officers. Specifically, any company that processes data revealing a subject’s genetic data, health, racial or ethnic origin, religious beliefs, etc. must designate a data protection officer..."

Previous articles that I read simply mentioned DPOs without why; now I see it relates specifically to the data listed in my quote in this post.

Dude wrote:

DarkDragon wrote:Not everyone needs a data compliance officer.

Upon re-reading, I think you're right:

"Article 35 requires that certain companies appoint data protection officers. Specifically, any company that processes data revealing a subject’s genetic data, health, racial or ethnic origin, religious beliefs, etc. must designate a data protection officer..."

Previous articles that I read simply mentioned DPOs without why; now I see it relates specifically to the data listed in my quote in this post.

IIRC it also applies for companies that have >= 10 employees.

Dude wrote:I hear you, but if we sell to EU customers, then GDRP does apply to us, whether we like it or not. It doesn't matter where we're geographically located. That's the problem.

However, and this is not legal advice (use it at your own risk), it only applies to personal data of the customer. In my case, I can get around this because I don't collect any personal data from the customer, except from what PayPal provides to me, ie. their email address and real address.

This is why so many are just blocking IPs. But, to me, it seems unfair to block the citizens when the government is at "fault", and that should only be done a last resort. Depending on the host you use, you may not even have the capability to block IPs.

Like you, I use PayPal. Third-party ordering. I do not (at least, not at this time) directly fulfill my orders. That is automagically done. My email from PayPal does not even come onto my server, my email is through Proton Mail, so my emails are on a server in the EU.

PayPal has moved to be compliant on their end. Even many web hosting services have implemented a "mandatory cookie awareness warning" (for lack of a better term) that is forced on their hosted sites, to make the hosted sites (and them as the host) compliant.

I am not in control of any information that needs to be controlled.

DarkDragon wrote:

Lord wrote:

DarkDragon wrote:

Lord wrote:The grace period ended in may 2018. GPRD was already over one year an applicable law.
The now upcoming problems only show how lazy everyone was in respect to the new law,
because they had a grace period.

Never heard of GDPR before then. In which newspaper did you read about it two years ago? What do you need to pay to whom to get information which you need?

I read this in the german magazin c't months ago.
Right now I'm on holidays, so I cant' verify this.
But here is a Link (in german): https://www.sage.com/de-de/blog/wann-tr ... -in-kraft/

That is months ago, but that is when I also heard about it and too late. It was announced 2 years ago and I haven't read about it then.
...

18 o3 23 month are also month ago. There was enough time to react.
There is an old saying in Germany: "Unwissenhheit schützt vor Strafe nicht.",
Deepl translates to: "ignorance does not protect against punishment".
It's always the lazyness which yields words like "I didn't see...", "I didn't hear...",
"I didn't know...", ....
The Dollars-signs in the eyes sometimes filter out the important things.
Protecting personal rights is more important than making money!

Just my two cents.

Deepl translates to: "ignorance does not protect against punishment".

Here, we say "Ignorance of the law is no excuse for breaking the law."

Lord wrote:

DarkDragon wrote:

Lord wrote:

DarkDragon wrote:

Lord wrote:The grace period ended in may 2018. GPRD was already over one year an applicable law.
The now upcoming problems only show how lazy everyone was in respect to the new law,
because they had a grace period.

Never heard of GDPR before then. In which newspaper did you read about it two years ago? What do you need to pay to whom to get information which you need?

I read this in the german magazin c't months ago.
Right now I'm on holidays, so I cant' verify this.
But here is a Link (in german): https://www.sage.com/de-de/blog/wann-tr ... -in-kraft/

That is months ago, but that is when I also heard about it and too late. It was announced 2 years ago and I haven't read about it then.
...

18 o3 23 month are also month ago.

Yes, but even if you know about it 18 or 23 months ago, no lawyer will know about it, yet. You have to get a lawyer, you cannot do it yourself, completely. And when lawyers finally know about it, you go to them and they have no time until 1 month after the date.

Lord wrote:There was enough time to react.
There is an old saying in Germany: "Unwissenhheit schützt vor Strafe nicht.",
Deepl translates to: "ignorance does not protect against punishment".

Here in Germany we have exactly the same saying. Still, how would you cover all laws as a sole proprietorship? You have no chance in getting all the information at the right time. I personally watch the local (German) law. I do not watch the European law, because in 99% the EU just recommends the local laws to do something and then it takes some time until they really do it. They usually do not force all countries to agree in one law at a real point in time.

Lord wrote:It's always the lazyness which yields words like "I didn't see...", "I didn't hear...",
"I didn't know...", ....
The Dollars-signs in the eyes sometimes filter out the important things.
Protecting personal rights is more important than making money!

I'm usually on your side, but as a reader of such information on a companies website, I'd like to be able to understand what they write. I do not want to read privacy policies which are 100% overcomplicated by stating every little detail. For a user of a website it is just important to be able to agree or decline the contract to collect information and to see what information is collected. I do not want to read which fucking paragraph is used where and why and whatsoever. This is just another lawyer's method to punish small sole proprietorships and to encourage large monopols.

Most founders are not your "dollar-sign-in-eye" people. They are just as simple as you. And the more they increase the difficulty to found a company, the less ideas will be realized and the more large monopols and oligopols will benefit from it. I for my point of view always think new ideas are better than being afraid of stolen information.

Many privacy activists are somewhat blinded by just repeating what some expert has said years ago over and over again without distinguishing the single situations. I even think the lobbyists are actively using them to earn more money. They combine laws, such that the privacy activists are happy and monopols benefit from it such that the lobbyists get their money.

Without money, you'll get not food and you'll eventually starve. Loosing your information maybe leads to death, but not every time. In London everyone is watched since decades and there has been almost no serious problem with it, yet.

Btw. did you know, that if you release a free app on Google Play or in iTunes, you'll still have to pay about 1000€ per language for each privacy policy, even if you're not doing this as a company? These costs are recurring as law changes from time to time.

DarkDragon wrote:Btw. did you know, that if you release a free app on Google Play or in iTunes, you'll still have to pay about 1000€ per language for each privacy policy, even if you're not doing this as a company?

If people want privacy, they should not be using the internet. Laws passed by bureaucrats who have no idea how the internet works, only makes matters worse and hurts commerce. Businesses have more difficulty selling and customers have more difficulty buying. The only people who make out are the bureaucrats who are being paid by lobbyists to pass legislation.

DarkDragon wrote:did you know, that if you release a free app on Google Play or in iTunes, you'll still have to pay about 1000€ per language for each privacy policy, even if you're not doing this as a company?

Citation needed, as I've never seen that. Or is it a new GDPR thing?

Dude wrote:

DarkDragon wrote:did you know, that if you release a free app on Google Play or in iTunes, you'll still have to pay about 1000€ per language for each privacy policy, even if you're not doing this as a company?

Citation needed, as I've never seen that. Or is it a new GDPR thing?

First of all: I haven't read any real evidence that the GDPR only applies to juristic persons (companies/organizations/...). There are many private blogs which are afraid of the GDPR, especially wordpress users.

Every app has the possibility to collect personal information and there is no way around it. The e-mail address is being sent to the owner when sending a bug report and this also counts as collecting private information.

Another point is: Google doesn't allow you to have no privacy policy anymore.

Additionally there is the TMG and the new version of the BDSG (part of DSAnpUG-EU) in Germany and IIRC they also don't distinguish between natural and juristic persons.

Didn't you hear about facebook fanpage problems, yet?

There has always been law changes like this which at first worry people and smaller businesses a lot. I bet with you that in 6 month there is a simply solution where people just pay a small monthly fee to comply with it. I assume something like 2 lawyers, 3 secretaries and a software developer will offer to cover the whole thing for a small monthly fee and in return you get specific directions what to do and how to handle things in the future. Within 6 month this whole "big issue" will be solved like that and large site hosters will offer it as part of their common business.

The same happened repeatedly in the past when at first the uncertainty and potential harm seemed huge. Have a little trust in the system - there will be a simple affordable solution for smaller businesses. Within a year we will likely all just pay a small monthly fee like 1 dollar to a huge hosting company and they will cover all this stuff for you, because there are much stronger interests to have this solved then there are interests to wipe out the bottom segment of businesses. It will not be as hazardous as it might look right now. Give it 6 to 12 months to settle down with a few court decisions to clarify the specific details of what is required.

Just my opinion after many years in business.

Bitblazer wrote:There has always been law changes like this which at first worry people and smaller businesses a lot. I bet with you that in 6 month there is a simply solution where people just pay a small monthly fee to comply with it. I assume something like 2 lawyers, 3 secretaries and a software developer will offer to cover the whole thing for a small monthly fee and in return you get specific directions what to do and how to handle things in the future. Within 6 month this whole "big issue" will be solved like that and large site hosters will offer it as part of their common business.

The same happened repeatedly in the past when at first the uncertainty and potential harm seemed huge. Have a little trust in the system - there will be a simple affordable solution for smaller businesses. Within a year we will likely all just pay a small monthly fee like 1 dollar to a huge hosting company and they will cover all this stuff for you, because there are much stronger interests to have this solved then there are interests to wipe out the bottom segment of businesses. It will not be as hazardous as it might look right now. Give it 6 to 12 months to settle down with a few court decisions to clarify the specific details of what is required.

Just my opinion after many years in business.

It already exists (iubenda and e-recht24), but they are not liable. I also had this thought, but the price is higher than a lawyer at the end.

DarkDragon wrote:Didn't you hear about facebook fanpage problems, yet?

After reading that, I will be refusing all orders from the EU and I will block EU IPs. Truly seems to be the ONLY solution that is guaranteed to be FULLY compliant.

I've tried many BASICs over the years and none have spoken to be as easily as PureBasic.

Has anyone here had the pleasure of working with this particular dialect?

A short examination of the language reference was a mind numbing experience for me with no valuable perspective. We're very fortunate to have such easy to navigate CHM files.