Recently I have been thinking about sharing images with friends over messaging applications. Often messaging applications download images and store them on a the receivers device. As the person sharing the photo, I have little issue with this...I shared the photo after all. However, what if the receiver has some automated backup service enabled which backs up that image to a Google service or other backup service. Now I, as a user of the messaging application agreed to the terms and conditions for using that application. However I didn't agree to the terms of the backup and I might not be happy with the data I shared being used in the way. Assuming you fell out with a friend at a later date, could you be liable under GDPR for backing up photos you received from someone else, without their permission?
I believe gdpr holds true for business transactions, or where money or services are exchanged.<p>I don't believe it applies to non business transactions such as the for simple act of sharing something with another person where no receipt of transaction is provided.<p>There are other laws to protect you there such as libel and slander laws.
A very good point and nobody has any clue whatsoever because GDPR is a huge mess and it wasn't created with everyday realities of users in mind. That being said GDPR is probably better than nothing in terms of data rights and privacy but only marginally better.