> analysis doesn't require PII and thus it's better from a security perspective not to have access to it there to begin with.
Unless I'm pulling from a raw dump of shipping I've bought, which would contain the address so that it can be cross-checked if there is an issue and I didn't know ahead of time that I wanted to perform this analysis.
Handling delivery problems is normal and expected usage. As long as your lawyer is remotely competent, your ToS will cover that and no government on earth is going to disagree.
If you’re trying to do analytics, you don’t need PII - anonymized locations, sizes, bucketed prices, etc. will cover that and usually makes the process faster, too.
Look at it from a different perspective: does ignorance of food handling procedures or electrical wiring codes remove your obligation to follow safety regulations? This is the same thing for data: yes, it requires you to act as if you care about users’ privacy but that’s another way of saying that you’re no longer being subsidized by being allowed to fob the cost of negligence onto the users rather than being responsible. Everything which people have been talking about in this thread is already covered by accepted security best practices.
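The kind of data-minimising transform this comment describes (anonymised locations, bucketed prices and sizes, no PII in the analytics copy) can be made concrete. The following is an added example, not code from anyone in this thread; the record layout, bucket boundaries, postcode granularity and the sample orders are all assumptions constructed for illustration, and the small-group suppression step is an extra safeguard the comment does not mention.

```python
"""Data-minimising transform for shipping analytics (added example).

Assumed input: order records as dicts with keys 'name', 'street', 'postcode',
'country', 'price' and 'weight_kg'. The records and bucket edges below are
constructed for illustration only.
"""
from collections import Counter

PRICE_EDGES = [0, 10, 25, 50, 100, 250]   # assumed price bands (EUR)
SIZE_EDGES = [0, 0.5, 2, 10]               # assumed parcel weight bands (kg)

# Constructed sample orders: what the shop's raw dump might contain.
SAMPLE_ORDERS = [
    {"name": "A", "street": "Example St 1", "postcode": "10115", "country": "DE", "price": 30, "weight_kg": 1.0},
    {"name": "B", "street": "Example St 2", "postcode": "10117", "country": "DE", "price": 40, "weight_kg": 1.5},
    {"name": "C", "street": "Example St 3", "postcode": "10119", "country": "DE", "price": 28, "weight_kg": 0.8},
    {"name": "D", "street": "Example St 4", "postcode": "10115", "country": "DE", "price": 45, "weight_kg": 1.9},
    {"name": "E", "street": "Example St 5", "postcode": "80331", "country": "DE", "price": 15, "weight_kg": 0.2},
    {"name": "F", "street": "Example St 6", "postcode": "80333", "country": "DE", "price": 12, "weight_kg": 0.3},
    {"name": "G", "street": "Example St 7", "postcode": "75001", "country": "FR", "price": 300, "weight_kg": 12.0},
]


def bucket(value, edges):
    """Return a band label such as '25-50' or '250+' for value against sorted edges."""
    for lo, hi in zip(edges, edges[1:]):
        if lo <= value < hi:
            return f"{lo}-{hi}"
    return f"{edges[-1]}+"


def coarse_region(country, postcode, prefix_len=2):
    """Keep only the country and the leading postcode characters (assumed granularity)."""
    chars = "".join(ch for ch in postcode if ch.isalnum())
    return f"{country}-{chars[:prefix_len]}"


def minimise(order):
    """Build the analytics record: name and street are dropped, location is coarse,
    price and size are bucketed. Nothing identifying a single customer is kept."""
    return {
        "region": coarse_region(order["country"], order["postcode"]),
        "price_band": bucket(order["price"], PRICE_EDGES),
        "size_band": bucket(order["weight_kg"], SIZE_EDGES),
    }


def aggregate(orders, k=3):
    """Count orders per (region, price_band, size_band) and suppress groups with
    fewer than k members, so a rare combination cannot point at one customer."""
    counts = Counter(tuple(minimise(o).values()) for o in orders)
    return {key: n for key, n in counts.items() if n >= k}


if __name__ == "__main__":
    for key, n in aggregate(SAMPLE_ORDERS).items():
        print(key, n)
```

The point of running `aggregate` rather than storing the output of `minimise` per order is that the analytics dataset never holds a row per customer; the k-threshold is the knob to turn up when regions or bands get fine enough that a single order becomes recognisable.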
If you want this analysis you should plan for it. Mozilla does this for example. Any kind of profiling or monitoring goes through several layers to ensure the minimum amount of data necessary is collected.
If you want shipping analytics you'll have to decide that ahead of time. That way you reduce the risk for your customer in case you don't want to do this and if you do want it you still make an effort to reduce the data necessary.
You should keep in mind that the basic premise of the GDPR is that the shipping address isn't yours to begin with. It's personal data of your customer and ultimately belongs to them.
If they don't allow you to use it for analytics, tough luck.
> If you want this analysis you should plan for it.
Yes, I should be omniscient. Thanks for clearing that up.
> Any kind of profiling or monitoring goes through several layers to ensure the minimum amount of data necessary is collected.
Yes, because they need to collect it. It's not about looking at what they have.
> If you want shipping analytics you'll have to decide that ahead of time.
Again, I'm not omniscient. I can't figure out what my company will be doing in a year, and waiting another year to collect the data I already have could see me hemorrhaging money.
> You should keep in mind that the basic premise of the GDPR is that the shipping address isn't yours to begin with. It's personal data of your customer and ultimately belongs to them.
Which is an absolutely silly notion. It is the company's data, not the users'.
> If they don't allow you to use it for analytics, tough luck.
Which is silly. It's the company's data; they should be able to use it to improve their business.
> Yes, I should be omniscient. Thanks for clearing that up.
Not omniscient but being able to plan ahead does help a lot, yes.
> It's not about looking at what they have.
Yes, because they only collect what's necessary and if they don't have that they ask if it's necessary and collect it.
> I can't figure out what my company will be doing in a year, and waiting another year to collect the data I already have could see me hemorrhaging money.
Then simply ask your customers to hand over data with consent to use it for analytics, problem solved, no?
> Which is an absolutely silly notion. It is the company's data, not the users'.
No. Under GDPR this is no longer the case. The data belongs to the user now because corporations have shown time and time again that owning the user data is too much responsibility for them.
You do not own the customer data anymore; the customers own it. And they can decide what you're allowed to do with it.
It's perfectly in line with existing German Data Regulations (although they get a minor update too with the DSGVO coming along with the GDPR). Data retention laws in Germany supersede the GDPR. The GDPR itself also mentions that any regulation and law in your jurisdiction may supersede anything in it.
Even that data isn't owned by you. You are merely responsible for keeping it safe while you have to store it. Ultimately it's the customer's data. End of story.