Ask HN: Co-founder wants to leave messaging startup because of GDPR
7 by webish | 8 comments on Hacker News.
We are a building a messaging platform ina specific vertical which allows users to exchange text/photo and voice messages. We have hired a lawyer to write a privacy policy and terms of use but they have not been updated for GDPR yet. However, my (technical) co-founder thinks we are leaving ourselves open to litigation because of how are system is designed. When a message is deleted, only the user's access to the message is deleted. The message is preserved until all recipients have deleted it at which time the full contents of the message are permanently deleted. This was done for efficiency, otherwise we would need to keep a full copy of each message for each recipient. To me this isn't much different from email: when you delete an email you only delete your copy, not other people's. We are about a month from launch (we have both been working on it part time for 6 months) but my co-founder is having second thoughts. He doesn't want to spend the time and money to bring us into GDPR compliance. I have been learning to code and I feel I could maintain our current code but not redesign it all to comply with GDPR. I am hoping some more experienced startup folks can provide some advice about what I should do
7 by webish | 8 comments on Hacker News.
We are a building a messaging platform ina specific vertical which allows users to exchange text/photo and voice messages. We have hired a lawyer to write a privacy policy and terms of use but they have not been updated for GDPR yet. However, my (technical) co-founder thinks we are leaving ourselves open to litigation because of how are system is designed. When a message is deleted, only the user's access to the message is deleted. The message is preserved until all recipients have deleted it at which time the full contents of the message are permanently deleted. This was done for efficiency, otherwise we would need to keep a full copy of each message for each recipient. To me this isn't much different from email: when you delete an email you only delete your copy, not other people's. We are about a month from launch (we have both been working on it part time for 6 months) but my co-founder is having second thoughts. He doesn't want to spend the time and money to bring us into GDPR compliance. I have been learning to code and I feel I could maintain our current code but not redesign it all to comply with GDPR. I am hoping some more experienced startup folks can provide some advice about what I should do
Comments
Post a Comment