Re: Question to all candidates: GDPR compliance review
On 2022-04-02 10:55, Adrian Bunk wrote:
> Where does our Privacy Policy[1] describe personal data where Debian and
> the community team are joint controllers?
> Where does our Privacy Policy describe personal data where Debian and
> DAM are joint controllers?
Has it been established yet that Debian fits the definition of a
controller as per Article 4 lit. 7 GDPR?
I can see DAM, or CT, or the DPL possibly being controllers. But
without some form of officially recognized organization, I don't see how
Debian could be one. "Debian" doesn't even have an address, you couldn't
even determine which data protection authority has jurisdiction.
This is just one of the things that, I think, would be a lot simpler if
Debian would register as an organization, hence my question [1] to the
candidates.
[1] https://lists.debian.org/debian-vote/2022/03/msg00135.html
Reply to: