Just in time for them to take physical discs away!

    • NigelFrobisher@aussie.zone
      link
      fedilink
      English
      arrow-up
      23
      arrow-down
      2
      ·
      8 hours ago

      The law says they can’t keep your PII after you stop being a customer, not anything about linking your email address to purchases for an entirely legitimate ongoing reason.

      • inclementimmigrant@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        2
        ·
        edit-2
        7 hours ago

        The law covers personal data not PII and is much broader than PII that is defined under the US Office of Privacy and Open Government which has no bearing on the GDPR.

        As for personal data, email addresses are covered and even user names could be considered personal data depending on if it’s linkable to a person and since your account is linked to your email and linked to you user name potentially, when they have to delete personal data the have to delete all of those foreign keys in their database that says your email once got a receipt for that game you bought digitally.

        • NigelFrobisher@aussie.zone
          link
          fedilink
          English
          arrow-up
          23
          arrow-down
          1
          ·
          6 hours ago

          Except they don’t have to delete any of that as long as you hold ongoing software licenses with them, as that’s a legitimate interest. This is malicious compliance posing as “well they made us do it”, same as all the GDPR banners on the web.

        • kossa@feddit.org
          link
          fedilink
          English
          arrow-up
          3
          ·
          4 hours ago

          They need to retain financial data for way longer though, and are basically allowed to store their bookkeeping stuff for forever. So they could restore accounts from that anyways. I’d argue, they could keep the account details which can be recovered from financial data under those circumstances. Which probably would be everything necessary to keep the purchased games. They’d need to delete e.g. usage data, connection data etc.

      • otp@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        5
        ·
        7 hours ago

        I’m not here to defend the corporations.

        Email addresses are PII under GDPR, aren’t they? So linking email addresses to purchase history is explicitly retaining PII and data about someone they can identify.

        • TroublesomeTalker@feddit.uk
          link
          fedilink
          English
          arrow-up
          11
          ·
          4 hours ago

          You are explicitly allowed to retain PII for critical business purposes. So in this case as a key component that the software licence is attached to they can retain it forever anyway.

          • GMac@feddit.org
            link
            fedilink
            English
            arrow-up
            2
            ·
            4 hours ago

            Pretty sure that the gdpr specifically precludes forever retention. Data should be retained as long as is necessary and whether 1, 3, 5, 10 or however many years, sooner or later deletion is appropriate, and the timeline depends on what is reasonable.

            3 years is a long time to not log in and if a court decided that it exceeded a ‘reasonable’ period for legitimate interest the fines can go to 10% of global revenue. The law encourages risk averse behaviour.

            They could make a better system where the user sets the timeline but it would be impossible to predict the return.

            On this one i think its probably driven by risk management not nefarious intent.

            • silberwoelfin@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              3 hours ago

              3 years is not long at all if you factor having kids into the equation. There is not a lot, if any, time to play video games when your kids are small. Imagine having 2 kids 1-2 years apart and not finding time for gaming (on your PS) until the youngest is at least 2 years old - then you are quickly looking at 3-4 years without login.

            • zqps@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              1
              ·
              edit-2
              3 hours ago

              3 years is not a long time at all. I’ve been collecting games on my steam account for 19 years, and there was a period of >2 years where I didn’t use it.