Illegal data collection Office 365 MAC
If you install Office 365 for MAC you get the question if you want to share full diagnostic data or basic diagnostic data, but you can’t select no data. According to the EU law this is not allowed (ref. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679).
Of course, you are collecting anonymized data (at least this is what you say), but technically you need an identifier (unique ID) for receiving data. This UID represents the customer and therefore this is personal data. If you really use no UID, there are technical solutions to analyze big data and find a specific information.
You are allowed to collect the data you need to be able to run the application, but not more. To give the use the possibility to choose between full or basic is not enough. There has to be the option “no data” and according the law the default value has to be no data. Only option in is allowed.
If you use Office 365 you will find a list of connections needed to run the system, but no information about what is send over this connections (https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges) Moreover there is no information which connection is needed for which feature. E. g. just for editing a text you need 12 different connections with word – are these connections really needed to run the application (see attachment).
Following I expect from a data company:
- Respect the laws and the data privacy;
- Be transparent with the connections and the data send (present the user the content of the diagnostic data)