This isn't about how it works, it's about whether it works or not. That companies need to follow the law isn't exactly confusing, and nobody is saying they shouldn't, but when the law cant even clearly answer basic questions of who it applies to and when, that's a problem.
There are examples of regulation that does work, but GDPR is not really in that category.
...Ok, because you say so? Are you a lawyer? Do you realize that this whole discussion exists precisely because it's unclear?
There are already billions in lawsuits against facebook, google and others so companies are rightfully being careful. And even if you fall under GDPR, there is plenty of vagueness about the data and processes itself. This is not as simple as you make it out to be.
> Do you realize that this whole discussion exists precisely because it's unclear?
I realize that this statement is untrue.
Some people are dredging up all kinds of "but what if" and "I really, truly don't understand how my collecting data could be considered GDPR-triggering".
I find that dishonest. Protest as much as you want.
Oh, and surprisingly, just by some bizarre happenstance, you are "Currently working on Instinctive, a B2B marketing technology company."
I can tell you immediately that whatever you're doing falls under the GDPR.
>> that whatever you're doing falls under the GDPR.
Cool, except we weren't confused about that. Figuring out what data exactly and when, along with the proper processes, documentation, and interaction with all of our clients took lots of lawyer time though.
No I didn't, you should read it again. The original thread was about GDPR in general until the other commenter started talking about me and my company personally. We're not confused on whether it applies to us, although there are plenty of specifics that lack guidance.
There are examples of regulation that does work, but GDPR is not really in that category.