But the start-up in a garage example was - at least, that's the way I read it - meant as there currently not being a level playing field with respect to end users, not necessarily employees. And let's be perfectly clear here: employers that are callous with their employees data are to be avoided like the plague, no matter where they are located.
As for your customers: yes, you should be careful with that data, and no, their feedback does not necessarily fall under the GDPR, only when it concerns the privacy of the individuals mentioned therein. But normally speaking such feedback would not be about such specifics but about the product itself.
Not tracking your users has a big impact on how a company is set up, what data marketing has access to, what data system administrators and sometimes even programmers have access to. Storing your data in an anonymized way can make good sense. It likely will impact your business, but leaking of that data will impact the lives of your customers more, so that's why the GDPR is written the way it is: you minimize your footprint to that which you need and you will be doing just fine.
"I like your Widget Max Pro, it's better than the Rival X1 I had last year. But I dropped it in the toilet and now it won't turn on, so I suspect you're lying about its IP56 rating".
Let's says that 1 out of every 3 product / service reviews is like this. Do you (a) block/filter them out and treat the remaining ones as non-personal data, or (b) treat your feedback pipelines/database as personal data regardless of whether some of the reviews are, somehow, devoid of personal data?
(Or (c), do you not think the example above contains personal data?)
Because it fails the Breyer test (no reasonably likely means of identification of the data subject), or the Nowak test (no link to a particular individual, by virtue of the data's content, purpose or effect)?
I'd say it definitely is my personal data, telling you - inter alia - about the objects I own, the opinions I hold, and my recent behaviour.
But the start-up in a garage example was - at least, that's the way I read it - meant as there currently not being a level playing field with respect to end users, not necessarily employees. And let's be perfectly clear here: employers that are callous with their employees data are to be avoided like the plague, no matter where they are located.
As for your customers: yes, you should be careful with that data, and no, their feedback does not necessarily fall under the GDPR, only when it concerns the privacy of the individuals mentioned therein. But normally speaking such feedback would not be about such specifics but about the product itself.
Not tracking your users has a big impact on how a company is set up, what data marketing has access to, what data system administrators and sometimes even programmers have access to. Storing your data in an anonymized way can make good sense. It likely will impact your business, but leaking of that data will impact the lives of your customers more, so that's why the GDPR is written the way it is: you minimize your footprint to that which you need and you will be doing just fine.