Comment on Blizzard may have violated the UK GDPR following my 2019 Data Erasure Request
vodka@lemm.ee 4 weeks ago
This is just from memory and I haven’t double checked it but.
There’s exemptions in GDPR, and some of them are related to financial, tax and safety stuff.
A company has to be able to prove legitimacy of transactions for 10 years in most of Europe, so keeping your card details and transaction history etc for 10 years is within GDPR exemptions for sure.
The real issue here is why the card of someone who has otherwise completely ended their customer relationship with the business was accessed in any way.
vikingtons@lemmy.world 4 weeks ago
Appreciate the information. An associate of mine did allude to this being the case, key thing is they’ve attempted a transaction on this payment method and I’ve told them to stop.
vodka@lemm.ee 4 weeks ago
It should definitely no longer be in a system that could attempt a transaction or other checks, it should be archived.