context: despite multiple community inquiries, bubble still hasn’t published an AI privacy policy or clarified whether our apps/user data were/are used to train the bubble AI system.
which leaves app owners -who are responsible for complying with laws and regulations- in a challenging position: if bubble has used or is using our apps (and possibly user data/content) for AI training this raises compliance questions about our (in)ability to fulfill GDPR Art. 17 ‘right to be forgotten’ requests. once data becomes part of AI training datasets, complete deletion appears technically impossible…
for app owners with european users, how are you addressing GDPR Art. 17 compliance given uncertainty about bubble’s AI training practices?
are you
- concerned at all?
- relying on the ‘technical limitations’ exception in GDPR (with the ability to point to bubble as the ‘real culprit’)? if so, would that defense work going forward for new apps or only for existing apps (grandfathered in) but not for new apps…?
- considering alternative technology if bubble doesn’t provide clarity?
thoughts?