Deletion of user account(soflow.com) |
Deletion of user account(soflow.com) |
SoFlow AG Bionstrasse 4 9015 St.Gallen Switzerland
They are not members of the EU. Still, a well-written email in legal lingo in the country's official language helps a lot. Remember to include a reference to the relevant local law.
Some leads: https://www.ey.com/en_ch/law/a-new-era-for-data-protection-i...
- provide it for free and process it in due time
- not hide it trying to trick the user into "buying" something to delete their account
through if you have bought one but can not use it because someone else has an account with the hardware you bought from them then the person from which you bought it must do the deletion request for it to be covered by GDPR
and they probably could come up with some nonsense where the account is deleted by the device "stays locked" and you have to pay 20€ to unlock it for a new account
that might still be in violation of consumer protection law, but no longer has anything to do with GDPR and even in consumer protection law will be in a gray zone where you can do little but complain to official agencies
Edit: I was under the wrong impression that if you specifically call out ia_archiver in robots.txt they would honor it. It’s been completely ignored since 2017.
It could just let you delete an arbitrary account ;)
https://web.archive.org/web/20230324031319/https://www.soflo...
I guess things are improving?
Is this a real product, or a test item?
19.90€/month to keep being deleted. Otherwise we will restore your account
In the UK it's showing the initial link as costing £ 29,90.
'rip off Britain' I guess.
“ Your personal data will be used to process your order, support your experience throughout this website, and for other purposes described in our privacy policy.”
Does this mean while processing my order, the account removal, they update or recreate the account? :)
I've found forum posts of people resorting to using the email/password from the previous owner, or sending a registered letter to SoFlow asserting the new ownership.
So, and now I'm speculating, it's possible that this is less about deleting the account than it is about unlinking a scooter from your account, and it is a way for SoFlow to dip into the secondary market -- each transfer nets them another 20 EUR.
It's also possible that this is a way for the new owner to unlink their scooter from the previous owner, with an associated service charge -- the checkout page requires proof of ownership. In that case, it might be a way to prevent fraud, i.e. people stealing scooters and resetting them; thieves are unlikely to pay 20 EUR for that, nor are they keen on tying their real identity to the stolen scooter.
Like I said, this is speculation and I'm not saying this is a good way to do it, and it's not at all explained on the website, I'm just thinking aloud here. It just seems unlikely that anybody would attempt to charge 20 EUR for a simple account deletion.
4. Right to deletion
a) Obligation to delete
You may request the controller to delete the personal data concerning you without undue delay, and the controller is obliged to delete such data without undue delay, if one of the following reasons applies:
- The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing was based and there is no other legal basis for the processing. You object to the processing and there are no overriding legitimate grounds for the processing, or you object to the processing.
- The personal data concerning you have been processed unlawfully.
The deletion of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
The personal data concerning you was collected in relation to information society services offered pursuant to Art. 8 (1) DSGVO.
Deletion of user account
Purchase the required SoFlow account deletion from the official SoFlow online shop.
€ 19,90
Well, looks like they took this too literally and put actual price on "your privacy".
That would be 19.90€ please.Total € 183.545.103.533.410.025.472,00
They apparently don't do live stock availability checks :)
This itself is illegal. It must be simple and straightforward. EU laws broadly do not tolerate the rules lawyering popular in the US, companies know what the intent is and playing games will not work out in their favor.
the problem is violations are just far to many
the reporting of them spotty
and the processing is far too slow
also too little clarification for "predictable edge cases and ways companies try to circumvent" had been put in law upfront (laws some a form of comment section into which such things can be placed, most times as result of previous court decisions)
and from the resources which are available too many are bound in large companies bullshitting around by trying to delay enforcement by a very obvious misinterpretations of the law and huge legal teams/founds to delay and delay and delay
There are circumstances where they can charge a 'reasonable fee' for processing a Subject Access Request.
also having a payed deletion and a hidden free GDPR complilant deletion is also not legal
Same thing as when you get 3 for the price of 2, which is also not a huge deal despite what you might think.
PS: Oh wait, States...
Same with the DMA - Apple is blatantly acting in bad faith and contempt of the regulations and have yet to see a fine.
Turns out is is 'deactivated' which is certainly different from deleted.
The companies that don’t give a shit aka ignore warnings from the overseer in their country, will get fined; small or big. It works fine.
This is a sever breach of GDPR, so is their practice to use the information you give them when ordering for other things then processing your order without an explicit non required opt-in on your part.
Furthermore in the past when GDPR was new, judges where often quite lenient when it came to enforcement of first offenders but that is increasingly less the case. And which such bland consumer abusive business practices they might be in for a really bad awakening (if they sell to the EU).
Additionally given all that I wouldn't be surprised if their website is also committing GDPR violations.
Also even if they have free GDPR deletion "hidden somewhere" that still would be a violation of GDPR as it has been clarified by judges in other cases (related to information requests instead of deletion).
So when subreddits went 'dark' during the protest, and then people deleted their comment history, the messages on the dark subreddits came back when the protest ended and the subreddit became public again. At that point you can just delete the comments again of course, unless you deleted your account, in which case those necromanced comments stay undead forever.
A week later (after my account was deleted and inaccessible) my full comment history was restored.
Reddit's official response is that it was 'an unfortunate bug' and there's nothing they could do.
Instead they have a weird patchwork of bilateral treaties that are designed to look pretty much like EEA membership if you squint just right, and look like just bilateral treaties in separate areas if you squint a bit differently. They're linked, and at least the first seven have a "guillotine clause" so they all cease to apply if one of them is canceled, so in practice Switzerland is practically like an EEA member, but they get to pretend it's all very different.
There are some clear differences, though, and there have been years of negotiations trying to reduce them without success.
EDIT: No, I'm wrong; while EFTA Court used to be based in Switzerland, Switzerland is no longer subject to it. It still exists, but only for EFTA members who are also EEA members. This whole thing is impossible to keep track of.
https://en.wikipedia.org/wiki/File:Supranational_European_Bo...
And the GDPR scope is determined by the user, not the company. You can have your company based on the far side of the moon, with 99.99% of your users based on mars. For that one user that is living in Europe (note : living, not nationality) the GDPR applies.
Mind you, I'm not sure that the GDPR says that you can't charge for that. As long as you can justify that the amount is in relation to your expenses, my bet would be that a judge will allow it.
These GDPR conversations tend to pointlessly go back and forth on this because one side is describing the GDPR from the point of view of: what does the law say? The other is looking at it from the point of view of: I only have to follow my country’s laws.
The latter is closer to correct in some technical sense; laws have finite jurisdictions. But the EU has a big market and so lots of entities play ball with them, to some extent, in general, so it is probably better for most people to comply.
They are actively being negotiated because both Switzerland and the EU have realised there's a need to reform the original treaties, and the EU for a decade now have insisted that anything replacing them need to be closer to the EEA agreement, while having made clear they're not doing this crazy thing again for anyone else.
I'm not sure how long the EU can afford to further alienate countries that pay net positive into it's wallet, after losing the UK and the continuing rise of euroscepticism.
The EU can afford to stick to its guns in this indefinitely. It's made it clear for a decade that any change to the treaties with Switzerland can contain minor concessions, but only in return for a bet reduction in the deviations from the EEA framework.
With respect to euro scepticism, that largely fell apart thanks to Brexit - most of the parties arguing for the same for their countries have moderated their stances significantly, and support for the EU increased massively. Including in the UK where Brexit is widely seen as a massive mistake, and it's more a question of electoral calculus (neither of the big parties can afford to alienate the Brexit diehards yet; they're spread across the political labdscape) than anything else when rejoining gets in the political agenda.
As an addition re: the reduction in euroscepticism, according to Pew Research, between 2016 and 2019, the proportion of people with a favorable view of the EU rose 26 percentage points in Greece, 19 in Germany, 19 in Spain, 18 in Sweden 15 in the Netherlands, 13 in France, 12 in Poland, 10 *in the UK, 6 in Hungary. In 2022, a EU parliament survey showed overall support for the EU across member states was at a 15 year high, also much thanks to the Brexit bounce. In 2023, the European Parliament Eurobarameter - Autumn 2023 survey showed 72% of EU citizens think that their country has benefited from being a member of the EU, and only 22% thinks it has not.
