FCM and GDPR
451 views
Skip to first unread message
Nash Zhou
Mar 15, 2022, 4:33:36 PM3/15/22
to Firebase Google Group
Our app is now using FCM, in order to continue using FCM. We need to know if FCM is now GDPR compliant, and if not, what do we need to do to ensure that we can continue to use FCM under GDPR
Kato Richardson
Mar 16, 2022, 11:42:57 AM3/16/22
to Firebase Google Group
On Tue, Mar 15, 2022 at 1:33 PM 'Nash Zhou' via Firebase Google Group <fireba...@googlegroups.com> wrote:
Our app is now using FCM, in order to continue using FCM. We need to know if FCM is now GDPR compliant, and if not, what do we need to do to ensure that we can continue to use FCM under GDPR
--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/733dae6a-c99c-4207-98b1-ab86398107b5n%40googlegroups.com.
Nash Zhou
Mar 17, 2022, 2:47:48 PM3/17/22
to Firebase Google Group
Hello Kota,
After reading the privacy guide and data processing and security terms. My understanding is that FCM will collect the user's instanceId. If I delete InstanceId or prohibit the collection of instanceId, does that mean that I am in compliance with GDPR when using FCM? If not, do I need to do further encryption on the data transmitted by FCM to make FCM compliant with GDPR
Kato Richardson
Mar 18, 2022, 2:25:42 PM3/18/22
to Firebase Google Group
Hello Nash,
I can tell you that we believe Google is compliant as a data processor, since that's outlined in the privacy doc. We of course have encryption at rest/in transit/et al so that part should be covered.
I can't tell you what makes you compliant as the data controller; compliance is a complex topic even for legal advisors. I highly recommend consulting one.
I can tell you that we believe Google is compliant as a data processor, since that's outlined in the privacy doc. We of course have encryption at rest/in transit/et al so that part should be covered.
I don't hear many developers asking about Instance ID in regards to compliance, but I can't say why. Maybe it would help to check out some of the materials in our Play and App Store disclosure guides; they might be enlightening on exactly what info you need to disclose and consider before you track.
☼, Kato
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/c3de8bb9-2700-4542-9e32-6d6d67cfcf75n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages