question

maldo avatar image
maldo asked

GDPR and reseller/installer access to data

Hello Victron community,

I bought a Victron solution to equip my house with solar energy. The installation is scheduled in 6 months from now at the end of 2023, I can't wait.
I discovered that the seller/installer could have access to my Victron connect data, and could directly set up my equipment.
This poses a serious problem of privacy, and does not seem to me in accordance with the GDPR law. Is it possible to block the access to my personal data from Victron to the seller? If not, I would block all data output via firewall, and I would lose a lot of functionality I think.
How can I keep my data confidential please?
Thank you.
Maldo


software
1 comment
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

nickdb avatar image nickdb ♦♦ commented ·

Personal data does not extend to telemetry of electrical systems, nor configuration thereof.

They have no access to anything which does constitute personal information: email addresses, banking information and so on and so forth.

They ultimately need to see system data to support you, in the same way your car dealership will download usage information from your vehicles onboard computer (though many actually upload it in realtime these days).

You have the choice to limit access to read only, or to remove them but that will limit your options for support.


1 Like 1 ·
1 Answer
maldo avatar image
maldo answered ·

Thank you for your answer.

"They ultimately need to see system data to support you, in the same way your car dealership will download usage information from your vehicles onboard computer (though many actually upload it in realtime these days)." => This is personal data according to the GDPR.

I will remove them so, even if I do not have support.

Thank you.

2 comments
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

nickdb avatar image nickdb ♦♦ commented ·
With respect, if the data cannot be used to identify who you are, and the data has been anonymised, then it is, by EU definitions, not considered personal data.

It is a common misconception that just because you collect data in various forms that all of this data, automatically, is covered by GPDR. It isn't.

Nonetheless, it is your choice to do away with what is considered an important part of the ecosystem. Something which uses a secure platform to broker connections for remote viewing.



1 Like 1 ·
kevgermany avatar image kevgermany ♦♦ nickdb ♦♦ commented ·
@maldo

Nickdb is correct. The act covers data which can identify a person.

However, they already have this information in their copy of your order and installation location. What they use the identifying data for is limited to the contract requirements/agreements i.e. the business relationship.

You can find the GDPR online at the EU web site. It's readable.

0 Likes 0 ·

Related Resources

Additional resources still need to be added for this topic