INFORMATION FOR PERSONS SUBJECT TO EU DATA PROTECTION LAW
While customers who are located in the European Union (“EU”), European Economic Area (“EEA”) or the Channel Islands, or other locations subject to EU data protection law (collectively, “Europe”) are customers of our Panamian entity, we recognize and, to the extent applicable to us, adhere to relevant EU data protection laws. For purposes of this section, “personal data” has the meaning provided in the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
RandLabs is obliged by law to communicate to the European Privacy Regulator (DPO) the data breach it has had and what the modalities have been.
I would like to know from them if they have complied. European law is very harsh in these cases.
I doubt they collect any personal data according the the regulation…
The personal data is defined as anything that can identify you as a person. For more generic dataset like ip or account address, they would have to store/show both things.
Btw when you say that you agree to to the consent, there should be quite good description what they collect, how they store it, and if the data goes away from the EU area…
I believe that statement is there for legislation purpose so that you are informed that they know about the GDPR law, and because they do not request you to accept anything they do not collect any sensitive data.
This is not true. Personal data is not defined as that. According to most legal articles on the topic, a blockchain public key or address is considered ‘personal data’. Using an account to authenticate or otherwise requiring the address to leave the computer should be accompanied by a GDPR compliance warning and active consent from the user.