pdlouche-
Yes.
I'm still not totally sure of what my obligations are, or the legal ramifications from failing to fulfil them, or the requirements of a data officer WRT to GDPR.
So... just holding no data whatsoever outside of that which you can access via the public website and API... that's an excellent position to be in.
The only possible thing I can anticipate that might be problematic in future is if someone requests data, but does not have any way to prove that they have the right to it. As in... we purely identify based on email address and have no other means at all, and if you have lost access to an email address but wish to make a data request then there is no way that I could ever fulfil that as you'd need to prove you were the individual who owns the email address for me to release data to you... and you wouldn't be able to produce such proof that could convince me if you didn't still have access to the email address (as just saying "but the email is my name" is not a strong assertion that you once had ownership of the email).
You are reading a single comment by @pdlouche and its replies.
Click here to read the full conversation.
Velocio
Inactive member wanting data from pre migration to microcosm. Genuine request it seems.