On 12/18/20 3:41 PM, Stefan Bauer via mailop wrote:
If i setup for customer-domains MX records in a way, that a third-party is handling/processing meta-data or even mailcontent, i have to inform my customers about that and ask permission. If third-party is outside EU, there is not even a legal basis anymore since a few weeks, that would allow me to do so at all (see privacy shield got canceled). In all cases, I will be held responsible for my customers data unless third-party is signing contracts with me to accept EU privacy laws. EU has severe penalty for companies, breaking the GDPR/DSGVO law.
Thank you for the clarification Stefan.Though it sounds to me like it might not be illegal per se. Or rather that it would require you to go through additional hoops and possibly expose you to more liability. Perhaps those are things that you choose not to do. But that still sounds like a choice, not something that's actually illegal.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
