No, I didn't miss what you said. But as you are just another forum member (like I am), I don't think this is a good enough answer on my concerns. But I'll have a look at "the Galaxy thread" - normally I'm not following that.

My understanding of GDPR is the same as Gersen. So this doesn't seem like it would apply? Not a lawyer though and I'm sure GOG's lawyers have been over all of this already.

"Others can find me by email or username" - I don't mind people being able to find me by username, but I don't want anyone finding me by email.

To GOG Staff:

While I appreciate the heads up, I find it quite wrong and disrespectful towards your customers to set these to "friends only" and "everyone" by default.

You should know better that not everyone is active on the forums and not everyone is tech savvy, therefor they wouldn't know someone can watch their stuff from the shadows. Privacy is Privacy, please respect that.

I'm a person who likes to mind his own business so such a thing really ticks me off.

There's already enough monitoring and tracking online, would hate to see my favorite and only game store going down that route.

EDIT: Just read the above post by kalirion - I don't wish others to find me by email either. my username is enough.

I have to point something out.

In the privacy setttings there's the "nobody can find me" box. It's unchecked. When I check the box it becomes "others can find me". I find this very confusing. At first it looks like the option to not be "findable" is not chosen, so others can find you. But then when you check the box it also looks like you just set it so that the others can find you.

I hope I'm making sense.

I assume the "private" setting is the one where the box in unchecked, but I find this a very unclear way of toggling that option. Maybe I'm just stupid as a brick, but if so I assume I'm probably not the only one.

Great news ^^ It will be nice to finally have a profile page!

Agreed, I can also understand why some people would want private by default but pretty much every major site out there has profiles set to display by default, and there is a reason for that. This is because most people don't bother to change settings from there default value. So if they were made private by default, it would make the feature pretty useless because the majority of people probably would never bother to change the setting.

There is nothing that is personally identifiable on GOG really, so this would be more a superfluous change than practical imo. GOG is basically doing what every other site is doing, including it's main competitor.

---

Though I agree with what some people said, GOG should expand the options and break them down some more so you have more control over what is being shared.

Yup, it's very badly worded, wasn't sure if i'd ticked to be found or not.
Ticked you carn't be found, that's what i thought anyway.

They'd have to know it first though. But I agree I'd like to see the two separated.

Nope, it's not just you. I fiddled back and forth with it a couple times before I was confident I knew exactly what it was doing.

Why is the option to set our profile page public tied in with letting others see certain people on our friend's list? Doesn't that kinda defeat the purpose of the other option to hide friend's list? Sure the profile thing won't show them all at once but it still shows some of them occasionally if i'm understanding the description correctly.

What Gersen says is not entirely incorrect: explicit informed opt-in is not the only possible basis for processing personal data - if you need (regular, non-sensitive) personal data in order to be able to perform a core function of your company, or otherwise have a legitimate interest for using that personal data, or you need it to adhere to another legal requirement or ... - then that's just as valid. That phrasing, "legitimate interests", is however not a catch-all get-out-of-jail-for-free card. When that's your basis for processing, you need to make an explicit impartial assessment of your own interests versus the privacy-interests of your users/visitors, where the latter weigh quite heavily.

However, all of that is completely besides the point here. We're not discussing the basis on which gog is processing our personal data (most of what they have, they need to have simply to be able to give us a games library and such, and I can see the legitimate interests for the rest), but rather their privacy choices with how they then make that personal data visible to others in the upcoming profile feature. There, the GDPR has other requirements, with "privacy by design" and "privacy by default" being the important ones that gog seems to not interpret the way I would expect them to interpret them.

(I'm very much aware that in my day job I only discuss these issues in Dutch, and am unaware of the exact English terminology (and that despite originally reading the law in English), so my apologies there to anyone who's stumbling over my incorrect usage of terms with specific meanings.)

As an aside: Is anyone else as happily amazed as I am by just how much mindshare the GDPR has gotten? Who'd ever have thunk that a privacy-law would be so widely discussed, (mostly) understood and generally looked forward to?! Score one for the EU!

xD
Is that so?!
I guess it is ... sorry, have to go and change my settings ;-)

.. and don't forget Softporn Adventure ;-)

Please default to private. There is no reasonable expectation that all users will see this post before their info is made public without their knowledge.

I figured when it shows 'Nobody Can Find Me' then that's when it's set to private. There's no check in the box, but there is when it shows you can be found by e-mail or user name.

Maybe have to test this one out to be sure...