I would certainly have preferred to be informed beforehand, as well as opting in, and the whole "oh by the way, we do this now, and we only tell you because someone discovered it" approach is extremely sketchy.
That is of course assuming that the GDPR is being honoured, and that's a pretty big if. Most european companies are still struggling to be compliant, as _EVERYTHING_ that can identify you as an individual is to be handled. It also includes backups, and also when the authorities requires you to store data for 5-15 years, but also allows the right to be forgotten.
I know we've had our fun devising a scheme to delete records from archived backups.
The only way to check is to request your personal data from UBNT. The GDPR allows this free of charge, and they're obligated to hand over all personal information they have on you.
In any case, I already block all internet access for networking equipment, and based on this I added trace.svc.ui.com to PFBlockerNG, just to make it resolve to something local.
I know first hand how hard it is to get GDPR right, I've been extensivly involved in updating systems to comply. It's a lot of hard work and talking back and forth with lawyers to make sure we don't do anything stupid.
That is of course assuming that the GDPR is being honoured, and that's a pretty big if. Most european companies are still struggling to be compliant, as _EVERYTHING_ that can identify you as an individual is to be handled. It also includes backups, and also when the authorities requires you to store data for 5-15 years, but also allows the right to be forgotten.
I know we've had our fun devising a scheme to delete records from archived backups.
The only way to check is to request your personal data from UBNT. The GDPR allows this free of charge, and they're obligated to hand over all personal information they have on you.
In any case, I already block all internet access for networking equipment, and based on this I added trace.svc.ui.com to PFBlockerNG, just to make it resolve to something local.