datarequests.org

@datarequestsorg
620 Followers
7 Following
76 Posts

We are Datenanfragen.de e. V., a registered non-profit from Germany. We have made it our mission to help you exercise your right to privacy.

Toots by @baltpeter (^b) and @zner0L (^z).

Legal notice: https://www.datarequests.org/contact

Websitehttps://www.datarequests.org
German accounthttps://mastodon.social/@datenanfragende
Show threaddatarequests.orgDec 8, 2022
If, after your admonition, the companies still didn’t react, you can make use of your right to complain as guaranteed by Art. 77 GDPR. To do so, you have to argue in what way the controller misbehaved — but don’t worry, we automated that too. With the new complaint generator, we can generate the arguments out of the previous messages to the company that you can then send to the responsible authorities.
^z 5/6
Show threaddatarequests.orgDec 8, 2022
And even then, we don‘t leave you alone. Often, companies never answer or they try to block your request with additional requirements. With our new admonition generator, we now help you assess whether a reply was legitimate and if not, you can reinforce your request by sending the admonition we generate for you. In order for you not to get confused with all the requests and admonitions, we combine them in the new request overview.
^z 3/6
Show threaddatarequests.orgDec 8, 2022
We cleaned up our homepage and now directly link to the request generator. Instead of a single overwhelming page, we split the request generation process into several steps. We take you by your hand and lead you through the process until you sent your request.
^z 2/6
datarequests.orgNov 18, 2022

It’s that time of the year again. Time to prepare some new #stickers for @c3stoc!

https://stickeroperation.center/posts/sticker-exchange-2022/

Sticker Exchange 2022 • Sticker Operation Center

English version below Das Zeitfenster für’s Einsenden von Stickern und Rückumschlägen ist vorbei. Bitte schickt keine Einsendungen mehr los, da sie nicht mehr rechtzeitig ankommen würden! Seufz. Schweren Herzens haben wir die Neuigkeiten zur Kenntnis genommen, dass dieses Jahr wieder kein Congress stattfinden wird. Auch wenn wir darüber sehr traurig sind, sind wir der Meinung, dass dies die richtige Entscheidung ist. Eigentlich hatten wir gehofft, dass wir dieses Jahr drumrum kommen, wieder eine vierstellige Anzahl von Briefumschlägen gefüllt mit bunter Klebekunst an euch zu verschicken.

Sticker Operation Center
Show threaddatarequests.orgSep 20, 2022

Finally, we ran a traffic analysis on the top 500 apps to check the labels’ truthfulness.

Here’s a graph of the results. We didn’t interact with the apps, so we can only check a few data types. And we can only definitively say when data is collected but can’t confirm that it is never collected.

Most of the declarations were correct. But more than one quarter of apps transmitted tracking data that they didn’t declare. A handful of apps transmitted the user’s location without declaring that.

Show threaddatarequests.orgSep 20, 2022

And then, we were genuinely shocked: Worryingly many apps self-declare that they collect or even share highly sensitive data like the sexual orientation, political or religious beliefs, and health info for tracking or advertising purposes. This includes typical suspects like Facebook and Amazon, but also SoundCloud, Zalando, momox, nebenan.de and many more.

Some of those apps are even explicitly targeted at children, like Roblox, My Little Pony, and FarmVille.

That is completely unacceptable!

Show threaddatarequests.orgSep 20, 2022

First, some good news: 29.8 % of the apps with a label say they neither share nor collect any data, and 57.2 % claim to at least not share any data with third parties.

Unfortunately, the situation looks less privacy-friendly for the apps that do process data. Here’s a graph of the most commonly declared data types: #Tracking data is most prevalent by far. Almost all apps that don’t claim not to process any data self-declare to collect or share at least one data type only useful for tracking.

datarequests.orgAug 16, 2022

Your #Android phone has a so-called Google advertising ID*, a unique number for your device. Using that, #tracking companies follow and record what you do on your phone, even across apps from different companies.

Luckily, you can now disable the advertising ID to make it harder for them to track you. We recommend doing this to everyone. Here's how it works.

*Unless of course, you’re using a google-free #LineageOS, #GrapheneOS or similar. :)

#privacy #dataprotection #advertisingid #gaid

Show threaddatarequests.orgMar 11, 2022

In the case of “excessive [esp. frequently repeated] requests”, companies are allowed to charge a fee or refuse to act on them (Art. 12(5) GDPR). Fortunately, we've only rarely experienced this.

The EDPB now clarifies that the allowed interval between requests depends on the situation. If the data a company collects changes frequently (e.g. in the case of social media platforms or even credit agencies), you are also allowed to make requests more frequently without them being excessive. 6/7

Show threaddatarequests.orgMar 11, 2022

Sometimes companies offer their services in many languages, but respond to requests only in English. However, the #GDPR says that the answer has to be in an “intelligible and easily accessible form” (Art. 12(1) GDPR).

According to the EDPB, this means that if companies offer their services in a country, they must also respond in the corresponding language. 5/7