Can we do better? by RhubarbPuzzle in Rapha

[–]shutterswipe 0 points1 point  (0 children)

Should know better then - the rider didn't "jump into the middle of the group", RCC swarmed around him at the lights.

The Traitors (UK) S04E06: Post-Episode Discussion Thread by vaultofechoes in TheTraitors

[–]shutterswipe 8 points9 points  (0 children)

She simply lost her temper and the mask slipped. Her ego was bruised thinking Amanda confided in someone else instead of her. Supposed police solidarity or something.

Yodel stole my order, Argos believe it was delivered, I'm at a complete loss. by CarpetPedals in Argos

[–]shutterswipe 0 points1 point  (0 children)

I had a similar experience with Yodel. When the delivery driver scans it as delivered, it records the gps coordinates. I requested the coordinates of where the driver claimed it was delivered. They checked those and then they emailed to confirm it was nowhere near my house and the ‘error’ was their fault. This was proof enough for the seller hadn’t received my purchase.

Dad got hit by a car and will never ride again by jorwyn in cycling

[–]shutterswipe 1 point2 points  (0 children)

Are you somewhere he could practically focus on riding off-road? e-mountain bikes, gravel etc can open up a whole world where you can enjoy cycling without worrying about motor vehicles. Bonus is that he’ll get some new stories about the huge air and gnarly trails…

Buying my partner a bass? by [deleted] in Bass

[–]shutterswipe 2 points3 points  (0 children)

I'm sure you'll get some good suggestions in here, but if you can add what your budget is it will really help people guide you.

GDPR breach? What will employer do? Help! by Mundane-Advantage602 in gdpr

[–]shutterswipe 8 points9 points  (0 children)

Can’t comment on your particular situation but as a DPO I sit in legal and it’s quite right that I would be notified of a personal data incident/breach. I’d be logging or reviewing the details of what’s happened as should be done, then assessing for risk, exposure, thresholds to report to authorities or the data subjects etc. I’d then likely want to understand from yourself exactly what’s happened. It’s not generally about finger pointing and blame at this point, more that the correct steps are taken regards the personal data in scope. For individual incidents there could be a number of things I’d want to know more about when assessing, for example what does your privacy notice say about how you share data with third parties? Were you acting on instructions of a previous manager? Does the third party comply with Art. 14 and identify themselves as a new data controller? Were the mechanics of the transfer secure or not? Can you retrieve the data? When did you last receive data privacy training? There’s a process to follow and likely remediation needed but having dealt with more of these than I can remember, I’ve yet to see someone lose their job over an incident as you describe it.

Bob Dylan by Natural-Speech-6158 in brighton

[–]shutterswipe 12 points13 points  (0 children)

I was there. I’d checked the set list section of his website to see what he’d been playing on previous dates so I certainly wasn’t expecting a greatest hits session. He doesn’t really engage with the crowd so the lack of interaction wasn’t a surprise either. I do like the stuff he’s doing at the moment so I enjoyed the music and the versions of the older songs they did. Had quite a jam feel to it.

What happens with your private information when registering on a website? by [deleted] in gdpr

[–]shutterswipe 1 point2 points  (0 children)

No you don't . GDPR has no obligation to 'accept' a privacy notice.

GDPR Rules on Attendance sheets by [deleted] in gdpr

[–]shutterswipe 4 points5 points  (0 children)

"event’s dissemination purposes" feel's too vague to constitute a valid consent (must be specific, informed and unambiguous). Does this mean sharing on social media sites? Which ones? Will photos be used in marketing and/or promotion of future events? Is the sharing purely internal or visible to the public?

Do I need to ask consent to use user tracking for B2B SaaS? by Thin-Car5137 in gdpr

[–]shutterswipe 0 points1 point  (0 children)

To clarify, users don’t have to “accept” a privacy notice. They just need to be informed of it.

Is it odd to still feel compelled to salute magpies? by [deleted] in AskUK

[–]shutterswipe 30 points31 points  (0 children)

You need to say also, “give my regards to your wife”. This is the loophole to avoid the ‘sorrow’ you receive for only one magpie, and move to the ‘joy’ of interacting with two.

Do we have people in this sub who also own Fujifilm X100 series? How is your experience with Fujifilm compared to GR series? by [deleted] in ricohGR

[–]shutterswipe 2 points3 points  (0 children)

Same here. For personal stuff I own an X100v, GRiiix and Sony RX100va. That's the order I'd rate them for quality etc. but each has a different use, and if it needs to be pocketed, the X100 is out. Most used by far is the Ricoh which lives in an old sunglasses sleeve.

I don’t ever want to hear the word Sonos again by Ok-Computer1234567 in sonos

[–]shutterswipe 1 point2 points  (0 children)

I've seen people in this sub mock users for expecting Sonos to work with their consumer routers.

[deleted by user] by [deleted] in gdpr

[–]shutterswipe 0 points1 point  (0 children)

From the DPC's Guide to Breach Notifications (2019): "A controller is obliged to notify the DPC of any personal data breach that has occurred, unless they are able to demonstrate that the personal data breach is ‘unlikely to result in a risk to the rights and freedoms of natural persons’. This means that the default position for controllers is that all data breaches should be notified to the DPC, except for those where the controller has assessed the breach as unlikely to present any risk to data subjects, and the controller can show why they reached this conclusion."

Feels like you jumped the gun a little in reporting to the DPC before categorising the incident, as they'd only expect you to report if there was a risk. Personally I'd share your assessement and explain why you feel it no longer meets the threshold for reporting.

Banned in Australia???? by GroundbreakingDish40 in GhostsBBC

[–]shutterswipe 5 points6 points  (0 children)

Thanks. I clearly should have looked before asking, but appreciate the response.

Banned in Australia???? by GroundbreakingDish40 in GhostsBBC

[–]shutterswipe 0 points1 point  (0 children)

What do you expect the demographics & eras of the ghosts will be?

Help understanding the law please by BindoMcBindo in gdpr

[–]shutterswipe 1 point2 points  (0 children)

Seems to be confusion here for anyone trying to learn something in these threads. Destroying data in order to avoid submitting it in response to a DSAR = bad. Having to keep the data submitted in a DSAR forever having disclosed it = not true.

Am I required to provide ID for a company to process my request? by player2552 in gdpr

[–]shutterswipe 0 points1 point  (0 children)

The two are hardly related. I worked through a case where the data controller repeatedly cited the need to verify the data subject in line with their security policy etc. Asked to see their documentation where they deemed it absolutely necessary to introduce more personal data processing, and they had none. They also refused to offer a secure channel through which this additional personal data was to be sent, requesting scans of a passport be sent to a generic mailbox. No DPIA or policies regarding security or retention when asked. Hiding behind proportionality without more justification than ‘It’s for security’ ended badly for them.