To think this is a GDPR violation?

[GolfDeltaPapaRomeo]

I signed up to Facebook with really secure privacy settings, and didn't add any friends as I am moving countries and need to look up some local info and the groups and the market place would be useful.

I did not sign up with a mobile number, FB doesn't require one upon signing up.

a while later FB decided 'for my security' that I should give them a phone number and it won't allow me to go to my home page to delete my account without first giving them the number.

It says it won't use it to recommend me to "people I know" but that third party apps might use it that way.

I have a stalker and do not want this to happen.

I don't see why I have to give my data to a company who are renowned for using it inappropriately in order to delete it in order to delete my account. Surely this is a breach of GDPR I have a right to decide what information I give out and to demand my data be removed.

There is no customer service so you can't complain. The yhave a "help" section but that isn't even posting my bloody complaint.

How do they get away with this?

OP, I hate them too. Even when you put the highest security settings on, you can log in 6 months later and see they have switched things around and there are new ways they are leaking your data that you have to again clamp down on. Their default is to share and leak your data and it's almost impossible to keep up with them. There is a spotlight on them now, but 7-8 years ago they were off the scale with this sh*t.

Is it just on the app youve tried to log in from? Going onto the actual web page might give you more options.

FB wanted a copy of my ID as they believed I was using a false identity. Fuck that...

I simply used a new iPad to resign up, this time actually using a fake name.😂

Give them your phone number, delete your account and thus all of your personal information, including your phone number.

Quite simple, I'm not sure why the need for hysterics about it really

Yes, you are being unreasonable, as stated by about 30 people already, FB are not violating GDPR, and if you don't want them to have your info, don't use their service. How do you think they make money?

The law is not a matter of your opinion.

The law is not a matter of your opinion

I disagree. It's actually quite subjective, and as there is very little case law it is very much a matter of opinion. If a court ruled a mobile number was an excessive amount of data to collect in the name of security, or whatever their justification is, which would be entirely plausible, then it would in fact be in violation of the law. The OP is perfectly entitled to her opinion, and she could challenge it if she so wished.

Whilst I see where you are coming from, that doesn't change the fact that if FB are only doing exactly what they say with her data in their privacy policy and GDPR statement, then they are not in violation, and she hasn't given any specific reason to think they are.

All of which being said, isn't there still some debate as to whether Facebook really does delete profiles once requested ?
There is some debate about whether Facebook does anything truthful or decent, or just tells lies all the time.

OK, so OP gets a throwaway phone and gives that number, and is then given access to her account (to close it).

How is that making her or her data any more secure, given that anyone in the world could send in a throwaway phone's number and FB do not have a phone number attached to that account to check it against?

@Robandstuff by that logic they could write whatever they wanted in their privacy statement so long as they were doing what they said? They can justify their actions in their privacy statement, which is what it's there for, but that doesn't mean a court would agree with it. I have seen many completely non complaint privacy statements, and those where I didn't agree with their decisions, but at the end of the day it's for a regulator and court to decide.

Here is a link to the information screenshot yes about re the DPO. They have an online form to fill out to ask for deletion of data too :

m.facebook.com/privacy/explanation

Honestly this sounds like my grandma saying "IT wont let me in" "THEY'VE changed something". No OP. You aren't using it right.

I am certain that you are missing a link, or an x to go around the box, or some other option. Equally try putting in fake numbers and see if you can at least get from there to deleting your account.

@Krong

Honestly this sounds like my grandma saying "IT wont let me in" "THEY'VE changed something". No OP. You aren't using it right.

I am certain that you are missing a link, or an x to go around the box, or some other option. Equally try putting in fake numbers and see if you can at least get from there to deleting your account.

Wrong on all accounts.

Facebook do this with accounts they suspect are fake. They will not let you in without a mobile number, and they send a verification code to that number to check it’s yours.

So no, OP hasn’t missed a box/link/x etc. She also cannot give a fake number.

She literally cannot get into her account to delete it unless she gives them a number she has access to.

It's the same as if you were going around to people's houses washing windows for free and one day you decided not to wash one person's windows - it's because you said so and you can choose to not wash any windows you like.

If you were storing electronically the personal information of those people whose windows you had cleaned for free you would absolutely be subject to GDPR. The fact that a service is provided for free is irrelevant. Tesco issue free loyalty cards - doesn't mean they can use the data you supply to get one as a free for all.

The GDPR also includes the right to be forgotten. Which Facebook, while not committing a data breach, do not appear to be abiding by.

The GDPR also includes the right to be forgotten. Which Facebook, while not committing a data breach, do not appear to be abiding by.

It depends what legal basis they are using for processing, not every basis allows the right to erasure (for example you can't go to a bank and get them to forget you, or a court etc, there are legal reasons for holding on to data). It may be that certain data they collect can be deleted but not others depending on processing, the right to be forgotten is not as inclusive as it sounds.

I've never looked into it, I'd be interested to know what legal bases they use, but not enough to actually get around to reading their privacy notice yet!

It would be interesting to see which of these Facebook thinks applies...

There's a whole other list of exemptions Titchy, GDPR has 99 articles, you can't simply look at ICO guidance (which in itself is quite contentious) you also have to cross refer with DPA 2018 on some matters. It all boils down to what legal basis they are processing on and chances are they will be using a mixture, I will have a look now to see if they have actually written it clearly in their privacy statement (I would suspect they don't follow the concise and easy to understand rules!)

Haha so they have basically listed that they collect data under ALL of the legal bases, and of course don't break down what data is collected for what reasons.

They state they collect data to comply with legal obligations, in the public interest (as well as others), even vital interests (rare) so there wouldn't be a right to forget on processing in those circumstances. They don't specify what legal basis they process standard user profile data, which in itself isn't good practice (but quite common). The only way to know would be to try a right to be forgotten request, I suspect they would delete some data and argue other bits can't.

I don't get invited to parties.