slow_bob wrote:
alex_korr wrote:
mathematics wrote:
So what was the actual intent of the GDPR? I understand the data protection idea and not wanting to give companies free reign over any little tidbits they can get their hands on, but I'm not seeing a connection to how a finisher list of a public event violates this? Isn't any mention/form/likeness/photo of you already signed away upon entry to the event? Surely the buck stops there for personal info. It's not like they're publishing a list of everyone who signed up for a private service like AshleyMadison and that associated scandal.
GDPR is irrelevant imo since we are talking about publicly available data, at least in as far as the race results go. Perhaps some asshole lawyer decided that being able to search race history by person was somehow now kosher... but in general this just sounds like Ironman doesn't want to license its 1st party data. Or obstri balked at the license fee, which could have been whatever.
One of the stipulations of GDPR is "The right to be forgotten". https://gdpr.eu/...otten/?cn-reloaded=1
I.e. if I want remove the right to use my personal data from someone I have previously given it to, they need to comply (within given circumstances). If I reach out to Ironman and ask them to forget me, they generally need to pull my data. This includes race results. If they have provided a third party this data they need to ensure this is also deleted. If that third party does not, Ironman is at fault. This makes data owners hesitant to let others have and use that data, as it gets tricky to live up to your GDPR obligations over time.
If you have a 1st party relationship with an organization and this relationship includes transactional data like payments I can 100% guarantee you that a GDPR request cannot be brought against that data.
Next races on the schedule: none at the moment