It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
It's no use to write here in the forum, they won't listen. Everybody unhappy with the handling of private data has to contact user support. Until GOG fixes this issue they lost a customer. I also will not recommend GOG to anyone anymore.
high rated
avatar
elcook: ...
Hi elcook. I have a question. I know you are not allowed to talk about the privacy settings and profiles at the moment. But perhaps the legal department will allow you to answer this more general question:

Why does GOG consistently choose the worst path of implementing changes? I mean, you knew that the way you were going to implement the profiles would alienate part of your customers. Otherwise you wouldn't have made this thread. So why not go about changes in a less offensive way? It's the same story as with the installers. In both cases you had several non-intrusive options (which, in the case of the installers you were then forced to row back to), but you chose the most intrusive and alienating one.

So my question is (quite provocatively, I know): who at GOG insists on implementing changes in the worst possible way? And why hasn't (s)he been fired yet?
high rated
avatar
Lifthrasil: So my question is (quite provocatively, I know): who at GOG insists on implementing changes in the worst possible way? And why hasn't (s)he been fired yet?
I've been asking that myself... <Conspiracy mode on> Someone making those decisions is secretly on Valve's payroll?
high rated
avatar
Lifthrasil: So my question is (quite provocatively, I know): who at GOG insists on implementing changes in the worst possible way? And why hasn't (s)he been fired yet?
avatar
toxicTom: I've been asking that myself... <Conspiracy mode on> Someone making those decisions is secretly on Valve's payroll?
That is about the only thing that would make sense! ;-)
avatar
KnightW0lf: it's not backstabbing if they didn't say or make rules they where for or against privacy, if they said they where for and then turned around and then went against then yes they backstabbed you, so far since the rules are so broad back then, i feel like gog never really addressed anything heck zeogold told me the time there was no moderators for the forums and also gog didn't actually care x10 at that time.
avatar
xyem: Actually, they have said:
for
privacy
also this...
http://files.gog.com/new_policies/Privacy_Policy_GOG_EN.pdf

even the older one was pretty much the same Privacy Policy it just everyone had the idea gog would keep your data private which was not fully true, i think they got that idea for being anti company drm-free, user friendly Privacy...

avatar
toxicTom: I've been asking that myself... <Conspiracy mode on> Someone making those decisions is secretly on Valve's payroll?
avatar
Lifthrasil: That is about the only thing that would make sense! ;-)
even the older one was pretty much the same Privacy Policy it's just everyone had the idea gog would keep your data private which was not fully true, i think they got that idea for being anti company drm-free, user friendly Privacy... now they will have to comply with that new EU rule
even the steam forums are running chaotic now besides gog
https://steamcommunity.com/discussions/forum/0/1696044439569722897
Post edited April 27, 2018 by KnightW0lf
high rated
avatar
KnightW0lf: it's not backstabbing if they didn't say or make rules they where for or against privacy, if they said they where for and then turned around and then went against then yes they backstabbed you, so far since the rules are so broad back then, i feel like gog never really addressed anything heck zeogold told me the time there was no moderators for the forums and also gog didn't actually care x10 at that time.
DRM is already present in some GOG games - read up on SecuROM in Fear's multiplayer .exe, or apparently the expansion. The new Battletech game came out with required online authentication to get your pre-order goodies. Just to give two quick examples.

Original GOG license was pretty short. It had limited clauses covering privacy. This was vastly expanded when Galaxy was introduced, and despite many more words being used, not for the better. Unfortunately, a really, really LONG discussion about it was both ignored by GOG (as it appears to be now as well), and rife with "defenders" basing their entire arguments on "GOG won't do anything bad." When they weren't the typically handy "tinfoil hat conspiracy" accusations (because why bother bringing factual argumentation to an internet discussion anyway).

Current phrasing pretty much gives GOG an excuse to slap a "trusted partner" on anybody and give them whatever data they want to buy.

GOG was built on the claim that their motto is "customer first." This extends as much to DRM-free games as it should to privacy of their users. They should, at least, ask for permission before engaging in any kind of data-mining business, whether just for own use or not, and should respect the wish of those that do not want to participate in this. It's not like their web site did not work without "social media" trackers, scripts, or other similar crap. They could easily limit the scope of their database for those that did not OPT IN into the whole "social media" "experience" and still operate the site with profit.

Most importantly, GOG could do much better with limiting the terms of their Privacy Policy to ensure there is limited legal danger of them ever deciding to go against such wishes of their consumer base.

The fact that they did not, and continue not to, tells me more than some GOG employee coming to the forums with "well, we don't do that" line. That's not legally binding.

Honestly, I'd like one goddamn digital store to just sell me stuff with no "experience," no double-dipping for "monetization" by peddling any data I generate, no matter how insignificant.

GOG wants to compete with Steam, they better think long and hard how to provide a superior service, because attempting to emulate a much more powerful competitor is not a winning business approach.
Post edited April 28, 2018 by Lukaszmik
high rated
Wow, I was quite shocked with the new profiles/privacy default settings.

I did change them immediately now that I learned of them and also let them know via the support page that I did not consent to such a default setting without my prior agreement to it.
avatar
rfc: Wow, I was quite shocked with the new profiles/privacy default settings.

I did change them immediately now that I learned of them and also let them know via the support page that I did not consent to such a default setting without my prior agreement to it.
Then you'll soon get the "we have nothing to communicate" email like we all did. Sorry...
high rated
avatar
rfc: Wow, I was quite shocked with the new profiles/privacy default settings.

I did change them immediately now that I learned of them and also let them know via the support page that I did not consent to such a default setting without my prior agreement to it.
I regret to be the one to inform you, but even if you set everything to private, some of your information will leak through to your friends' profiles (which might be set to less private settings). Also certain information from you will stay in their... feeds(?).
This is all hearsay for me, mind you, as I have kicked all but one of my GOG friends after the profile update went live. (There is lots of information about this in the Introducing GOG Profiles thread.)

And of course everyone can still see how many games you've purchased, how many achievements you've earned and how many hours of your game time was logged with galaxy. One of the many issues I see with displaying the number of games is that it makes it easier for hackers ("crackers", actually) to determine which ones the "valuable" accounts are. If you want to stay on GOG my best advice would be to ask support to at least remove all those demos you no longer need, to get two step authentication and to consider a stronger password both for your GOG account and your email (also use different ones).
Post edited April 29, 2018 by HeartsAndRainbows
high rated
We've added an option to disable profile entirely, more information here.
high rated
avatar
elcook: We've added an option to disable profile entirely, more information here.
Are you going to answer Lifthrasil's post(605)? I'm sure many of us would be very interested in the answer(s).
avatar
Djaron: Source is GOG's current pricavy policy terms, i dunno whenever it was changed nor how the previous iteration was worded so i'll only use the current one https://support.gog.com/hc/en-us/articles/212632109-Privacy-Policy
(is it a reliable official enough source for you all ? if not, then it's useless)

Pay attention to the occurences and paragraphs containing the word "partners". Let's agree that, as GOG decided to do some kind of business of any sort with Facebook (i think at least THAT is sort of official already, right, you wont deny this i hope) and so, Facebook can be seen as a "partner" regarding this Privacy Policy of GOG.

"2.5 For personal information contained in this Privacy Policy which is used by GOG, GOG is the data controller under European Union data protection legislation. For personal information contained in this Privacy Policy which is used by our Partners in connection with GOG services, then the relevant partner(s) will be the data controller under European Union data protection legislation."

This one is pure bonkers, as we already know for sure that whatever could happen, and regardless of that being already contested in EU court so far (yet no closure or final decision), FB clearly states in its TOS and EULA that all of their activities (including what they do with users personal data, or data they gather from their partners - aka here GOG - will only be put under authority of the country's court that is the most beneficial to them (some USA state's court, not sure if it"s california or whatever), despite whatever country the user or the business partner may be based, and regardless FB has a local antenna (a juridictional entity) in said country.
So, as soon as any kind of data ill be shared between FB and GOG, FB will be allowed to do whatever they want with it without any concern for EU legislation ! It already happened enough so far... we should know the drill.

"5.1 We may collect, process and use information about you in the following ways (either directly or via our Partners as explained above): (a) information you give us via GOG services; (b) information given when you contact us or report a problem with GOG services; and (c) we may also ask you to complete surveys that we use for research purposes, although you don't have to respond to them. We may collect this information via GOG services or trusted third parties connected with us for optional things like surveys or polls."

So that indicate the scope and sources of said user data GOG has fromus. Of course, i mean, this is a standard term here (but still, notice how the whole partners' role is slipped up inside). So when you create and use a user account on GOG, you have to give some info for the GOG service(s) to work properly. Note that the soon "big announcement" about the whole "happy family all friends" social fest will create new areas of collecting data through new services within GOG.

[i]"7.1 All information you provide to us is stored on our secure servers or those of our trusted partner services. (snip additional tech related part of the paragraph, and this is a standard and expected one). Once we have received your information, we will use strict procedures and security to prevent unauthorised access to our servers.
All information you provide to us is stored on our secure servers or those of our trusted partner services"[/i]

I'd like you to go dig out about what FB clearly states regarding data that are stored in their own infrastructures and whatever rights they grant themselves over it as soon as said data become stored there.
And however, the standard TOS listing the kind of "rights" and actions they grant themselves (or other GAFMA companies as well, as it is a typical standard TOS of those lot) is claimed to be required for technical necessities... but believe me, it is a bit overkill and cleverly worded in a too wide and vague way, because if you were to list and word the rights and action you would require only for tech's sake, it wouldnt have to be worded like this ! A convenient excuse, and it's already a foretaste of those big companies' obvious real intent and personal interest (protip: such goals and interests are NOT in your favor in any way... for those GAFAM folks, WE are the product... which usually had the self-excusing argument that their services are free... but it went beyond that, because same TOS apply to subscription-based or paying services and members as well)

[i]"9.2 GOG services may also offer you easy and optional access to GOG-approved partners’ services, e.g. the websites and games provided by our sister company CD PROJEKT RED. In order to do this, we will need to share some of your personal information (e.g. your email address) with them, as long as you agree to it. This personal information will be protected under our partner’s privacy policy.

You can use GOG services to access cool stuff from GOG-approved partners. We will need to share some personal information with them (which you control). It is up to you if you want to use your GOG account for this or not."[/i]

Now pay extra attention to this last one. As soon and as long as FB is in business with GOG, you have to consider that FB is one of those partners listed in this paragraph.
Notice that information shared from GOG to FB will then be "protected" (or "treated") under this partner's privacy policy. I let you enjoy the whole fun that is FB's privacy policy, and what they did so far regarding that.
I'm quoting most of this post because it contains very important information that goes way beyond the relatively small infringement of publicly revealed amount of games and hours spent on them (now reversed as it's possible to hide your profile, like should have been possible from the start).

Your data getting transferred and analysed by Facebook? Now THAT is serious.
avatar
Pangaea666: ...
Is that another can of worms being opened? :P
avatar
Pangaea666: Your data getting transferred and analysed by Facebook? Now THAT is serious.
That's was just Djaron pure conjecture, just because they use Facebook authentication API as an optional method of authentication doesn't mean that they suddenly exchange any other information with them.
avatar
Pangaea666: Your data getting transferred and analysed by Facebook? Now THAT is serious.
avatar
Gersen: That's was just Djaron pure conjecture, just because they use Facebook authentication API as an optional method of authentication doesn't mean that they suddenly exchange any other information with them.
Not an unreasonable conclusion based on the privacy policy. However, as long as people are wise enough to NOT log in with Facebook, damage should at least be limited. Hopefully.

Some of the wording is pretty concerning though.