To: dpo@mozilla.com Dear Sir/Madam, could you please answer my following questions concerning the above-mentioned "experiment" rolled out with the latest release of Mozilla's Firefox web browser, depending on which I may decide to request review by a data protection authority: 1) Who is the data processor for the data collected and processed by the "aggregation system"/server? 2) If the processor is not based in the EU, which legal basis in the GDPR do you rely on for the non-EU processing of personal data? 3) Which data exactly is being collected and processed by the "aggregation system"/server? For example, does it include a browser identifier? 4) Which metadata exactly is being collected and processed by the "aggregation system"/server? For example, are IP addresses being logged? 5) Is a privacy policy on these operations, compliant with the GDPR, available concerning the "aggregation system"/server, and where?
https://digitalcourage.social/system/media_attachments/files/112/812/029/527/619/292/original/090988cd9e24ca81.png