[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Question to all candidates: GDPR compliance review

On 2022-04-02 10:55, Adrian Bunk wrote:
> Where does our Privacy Policy[1] describe personal data where Debian and 
> the community team are joint controllers?

> Where does our Privacy Policy describe personal data where Debian and
> DAM are joint controllers?

Has it been established yet that Debian fits the definition of a
controller as per Article 4 lit. 7 GDPR?

I can see DAM, or CT, or the DPL possibly being controllers. But
without some form of officially recognized organization, I don't see how
Debian could be one. "Debian" doesn't even have an address, you couldn't
even determine which data protection authority has jurisdiction.

This is just one of the things that, I think, would be a lot simpler if
Debian would register as an organization, hence my question [1] to the

[1] https://lists.debian.org/debian-vote/2022/03/msg00135.html

Reply to: