Ask HN: Its ok if we mention in our TOS that we are not GDPR compliant? - calliethrone
======
olivierduval
It depends...

If you don't have (and won't acquire/process) any personal data on individual
in Europe, then you're not bound by GDPR.

But if you have any personal data on at least one physical person in Europe,
then you're bound to the GDPR, whatever you write in your TOS. That's what
Instapaper didn't really understand (same for US's newspaper that may have
subscriptions from people in Europe). GDPR is above your TOS. Your only way
out would be to delete identifiable datas bound to european people.

BTW: not all datas are "personal". For example: there's no problem for
advertising... only for TARGETING (based on informations bound to an
individual). If the target is "big enough" not to be able to single out a
specific person, then everything is fine. You can display ads following
gender, age, country, city... because these categories are wide enough. You
can assign a "profile-id" to anybody... but not a "user-id" (this would be
"personal")

