I want to comply with GDPR as best as possible. How do I do that with links?
Here is the situation:
A client sent me a file, which I edited. I then sent the file back using another service (Sharefile). The client seemed to have problems accessing the file, so I used the "copy link" feature in Dropbox and sent the link directly to the client.
At that point, the client seemed shocked and claimed that sharing a Dropbox link did not comply with GDPR. He seemed to (wrongly) believe that anyone would have access to the file. I explained that the link was private, so no one could access. In response, though, he said anyone with the link could access -- which is why he felt it was not GDPR compliant.
Is sharing a Dropbox link compatible with GDPR? While I still believe it is in fact compliant, I am wondering what to do going forward.