EU GDPR / General Data Protection Reg. and FT compliance
 

Hello,

I would like to know what is the status with GDPR compliance Flyertalk, in general terms but specifically for
- the right to be forgotten
- the right of portability
- the right to restrict processing
- the right of correction
- contentment collection

Thanks

Flyertalk is a US-based site. Our TOU can be found here:

https://www.flyertalk.com/legal-notices.php

https://www.flyertalk.com/help/privacy.php

The location of Flyertalk is not relevant as long as it has users that are located within the European Union. Please see the Wikipedia article JDiver kindly links and also this Forbes article: https://www.forbes.com/forbes/welcom...ased-business/
Or this one from the NYU https://wp.nyu.edu/compliance_enforc...personal-data/

Flyertalk is impacted by the GDPR as it has EU users. As such I would really appreciate if you could have a more precise answers to the questions in my OP please.

I think you should read page 2 of that Forbes article.

;)

This?

Considering some of the ads I see are in German, and I do live in Germany, then I would say this is targeted marketing.

https://cimg6.ibsrv.net/gimg/www.fly...fc23462bc0.png

Example of ad I see now. It is not in German but clearly targeted as I am currently in FRA and thus is explicitly for the EU market.

I think you're taking "targeted marketing" WAY too liberally here. FT does not sell products, IJAFBB. Yes, there are advertisers who market to where you are, but that then makes them the ones who are doing the "targeted marketing", not FT.

I provided the contact information above. Is something preventing you from contacting the Privacy office to understand privacy, preferring to discuss with website administrators?

It would build trust if IB staff publicly explain how IB intent to comply with regulations concerning the handling and processing of customer private data.

Sure, but remember also that FT is just one of dozens of sites owned by IB. It would be best, imo, to contact IB directly, as any statement or interventions regarding GDPR would likely be applicable across all (or at least many) of their sites.

I wouldn't necessarily expect a website administrator to be the point of contact for matters related to privacy policies, particularly given that GDPR still has some pieces which are yet to be fully defined.
You could also try calling them. The numbers I get back from a web search are 310-280-4000 and (800) 692-2200. Although that particular avenue may be more difficult since you're in Germany.

I did. I stand behind my statement unless you can find a regulation that says I'm incorrect.

I am awaiting word from my legal team on this, and if they state differently, I'll post here.

My understandin is that, however, FT is the data controller for the ads providers it uses and therefore has responsibilities there. Also FT does collect personal data (email, iP addresses) and then rights to access, correct and delete apply.

Any update on this, please ? Did the legal team reached any conclusions ?

Curious what your stake in this discussion is. You seem to be very passionate about this particular topic, and so far seem to be the only one here on FT who is (or if there are others, they haven't posted here like you have).
Did you do what was already suggested by gobluetwo?

I trust FT with my personal data. Considering the climate those days around misuse of those, I want FT to reassure me, their customer, that they will follow the relevant regulations and ensure the third party they are using, like ad providers will also do so. My stake are my personal data.

Regardless of what the FT legal team (most likely expert only on US law) says, it would behoove FT to take the GDPR rules seriously.

Consider it a dry run for similar rules being adopted here in the USA. Admittedly, that's not likely to happen during the term of the current administration but all that means is that FT will have enough time to get their response right.

Does FT have a dedicated legal team, or does Internet Brands have a legal team which covers FT, among other of their properties?

I don't understand the OP's reluctance to contact Internet Brands directly. If you click on the Privacy Policy at the bottom of this page, it goes directly to an IB page. FT does not have a separate privacy policy apart from what IB has. It stands to reason that IB is the one to contact, not FT moderators or admins.

fransknorge is absolutely correct to inquire about GPDR and how it relates to FT. The world of online privacy is changing, especially for EU citizens. The location of the data controller is irrelevant. FT (or to be precise IB as the owners) holds data on each user which needs to be brought inline with GPDR and be clear how the data subject (FT members) can access or request deletion of this data. I'm not surprised that IB is woefully unprepared for GPDR, very few companies are, including in the EU, despite the long lead in time.

I don't think it is true to say it is only fransknorge who is passionate about this, I for one would share his concern. For me this is not a criticism of the IB management (though I would question reliance on a Forbes article :rolleyes:), it is a strong encouragement to prepare and act on legal obligations (that extend beyond the borders of the EU). And yes mods have no role in this in case anyone is wondering.

Hi everyone,

I spoke to our ad team today. Part of the reason for the recent FT upgrade was GDPR compliance. So as far as the ads go, FlyerTalk is ready to go, as of this month. Note that some things might not fully roll out until the implementation date in late May.