What kind of personal data could exist in a corporate intranet that an EU person would be able to request for portability?
I guess a person's halloween costume, or similar picture. But what if there were other people in the picture who didn't wish to give consent to it being migrated? Or there were company proprietary charts and plans also in the same picture?
I know there are some private information fields in the user profile, like name, phone number, skills, biography, social media handles (Twitter, LinkedIn, Facebook) along with some possible personal-related posts/discussions in networking groups/spaces with a pure social/team building focus.
I don't realistically see people undergoing these kinds of data migrations.
Isn't this GDPR right more related to public-internet facing social media data?
Any clues how people are accounting for this in their organizations' GDPR compliancy policies would be much appreciated.
As far as we're concerned (as an external site), the Jive APIs go a long way to satisfying the data portability requirement.. users can use the API to get at the data in a widely used structured format (JSON). We're giving users a page that tells them what APIs are available to get at their data.