I did wonder that. While technically that's true, in reality I believe:
- They are under no obligation to keep your data if they delete your account
- They are under no obligation to give you your data in a human-readable format
- If they are unable to securely validate your identity, they would have a stronger obligation to refuse
- There are caveats for when extracting your data would be disproportionately difficult.
For example, if they encrypt emails individually at rest and then throw away the decryption key attached to your account login record, I don't know what legal recourse you would have.
That's not to say categorically you're wrong. I suspect you might be right, and I imagine that Vivaldi themselves might be extremely helpful. It's quite a new service though, and I haven't seen any evidence one way or another.
- They are under no obligation to keep your data if they delete your account
- They are under no obligation to give you your data in a human-readable format
- If they are unable to securely validate your identity, they would have a stronger obligation to refuse
- There are caveats for when extracting your data would be disproportionately difficult.
For example, if they encrypt emails individually at rest and then throw away the decryption key attached to your account login record, I don't know what legal recourse you would have.
That's not to say categorically you're wrong. I suspect you might be right, and I imagine that Vivaldi themselves might be extremely helpful. It's quite a new service though, and I haven't seen any evidence one way or another.