Well, who does really. I just accept that Roon can pull logs or in the words of the T&C’s, Captures data.
I hereby give my full consent for Roon to capture my data online with their T&C’s, which I agreed to when I started using Roon and by checking the “I consent” tick box 
Just not my naked photos of me 
30+ years working with IT, and if you ask me, no one in their right mind would want to examine logs if there isn’t really a reason 
#LoosingTheWillToLive reading this thread. I ended up scrolling to the bottom and started listening to ‘Boredom’
There’s always one or two Edward Snowden’s in most forum’s / community pages. Now we know who ours are! Every cloud … 
Anyway, back to the music! 
There really should be more of them.
Find it troublesome that this is the support forum and an official answer is not given…yet…
You have misinterpreted the definition. The information must relate to you, i.e., the information could be used, on its own, or with other data, to identify you.
For instance, an email address, public IP address or post code are PII. However, your play history or artists contained in your library are not.
The logs do not contain PII.
I don’t think it’s troublesome, because I’m not sure what the issue is! As subscribers we have all read and agreed to the terms and conditions and as such we are in agreement with the provider of the service having access to the information stated in the T’s & C’s.
There is no where I have seen that stipulates that additional permissions and consents will be sought for the collection of this data other than in the agreement that concludes the contract that we take out as we commence the subscription and therefore it is beholden on us as the consumer to determine this before we finalise the subscription agreement.
I am concerned that it appears that many people do not fully read, comprehend and understand many of the contractual agreements that they enter into on a regular basis, not just in regard to Roon, but in many of the services that we commit to in especially in and around online/internet/digital providers.
Roon’s COO has replied directly in this thread, and has stated that the logs do not contain PII.
I considered an answer was given!?; i.e …
The GDPR / Data / Legal queens will love to get into all the detail and nuances, at a level most of us would not be that interested in anyway.
If my understanding is broadly correct, then for most people, that’s probably enough to decide. I made that decision at the very start of my journey with ROON.
Hi @Hestepare
I’m just going to pop this thread into a different category as it doesn’t quite fit the support requirement.
Darn it, I didn’t get your consent 
My bad 
To be honest, it’s nice of all of you to chime in but an official answer was and is all I’m after. My questions remain unanswered by Roon, and I suppose movng the thread from Support is convenient but it is also a way of making it less visible and thus less troublesome. Also I’m not sure I agree that it doesn’t fit in Support as it’s a place to go if you’ve «Got a question about using Roon».
Seriously, all I have been asking @danny and whoever else might know is whether this process of «pulling data without consent» is as bad as it sounds and whether it is legal. A simple «yes, we have considered your viewpoint and it’s fine», or «you’ve got the wrong idea, here’s the deal» could be enough but I think my questions are legitimate.
Non-EU people might not be familiar with privacy law so they might not quite see the issue, so their input is less useful. Roon is subject to EU regulations and if this question gets them to say «yes, we have everything covered» or helps them fix an error the thread has done its job.
They would if they were clear, easy to understand, concise & basically SHORT, but most are written by legal teams …
PII and personal data are not the same, and personal data includes data that can be linked to an identifiable person - not only data that identifies a person.
I think we’re going around in circles now. The GPDR concerns PII, and not non-specific information you may have. Your initial questions have been answered, so there is nothing more to say.
The irony is strong here…most if not all are are constructed by legal teams to ensure that they cover as many bases/eventualities as possible.
Yes, they are also composed in such a way to protect the service provider, but in doing so they are not able to alienate, bamboozle or defraud the customer.
They are also long and complicated in most cases due to the frequency of vexatious attempts by the terminally feeble to prove ‘duty of care’ when they have attempted to cleanse themselves from viral particles by drinking bleach, or some such nonsense.
With all due respect Martin this is patently false. You might wish to familiarise yourself with Article 4 of the GDPR which clearly defines ‘personal data’ in the context of the Regulation.
for quick reference:
For interest as far as the ToC/Contractual argument goes this is a non-starter. These have to be both fair and lawful. Such processing is clearly not necessary for the purposes of fulfilling the contractual relationship between the parties concerned. Therefore any such clauses are likely unenforceable. This is especially true given that such processing is almost certain to be considered as analytical in nature.
I have personally discussed this issue with several supervisory authorities who have all unequivocally warned against the use of artificial contractual terms/clauses designed for the express intent of circumventing the lawful gathering of consent.
Fortunately this is no longer an argument I need to have as legal precedent has been set and at least one ‘Digital Gatekeeper’ has been fined a significant sum for this exact practice.
