undefined | Better HN

0 pointsopenplatypus2y ago0 comments

> It is covered under GDPR but I think the general consensus is that server logs containing IP addresses do not require consent.

It depends on the legal basis. If you store these IPs to render service or combat fraud, you might get away from explicit consent. However, if you use and store these IP addresses for analytics, then it is a very different conversation.

GDPR is not just about what and how you collect and use data.

0 comments

fauigerzigerk2y ago

>It depends on the legal basis.

Indeed it does. So it will come down to the specific purpose of any analytics.

Consent is only one of six different legal bases that can justify processing personal data.

https://www.legislation.gov.uk/eur/2016/679/article/6

j / k navigate · click thread line to collapse