As I understand it, the GDPR is primarily concerned with user's privacy. You can't have an opt-out if you want to sell data about the user - like name, email, browsing history, and that kind of stuff.
Data created by the user - such as a youtube video, HN comment, or whatever you want to call Figma - is probably still a wild west. That's more about intellectual property than privacy. The ToS of pretty much every single platform has included a mandatory licensing clause for ages, giving them the rights to do pretty much everything they want to.
> That's more about intellectual property than privacy
It is very important point and anybody who is working on something more innovative than few mockups for their next SaaS app is fuming from their ears.
Just to illustrate let's consider a scenario where we have a team of scientists working for a long period of time on a data structure which they have visualised in their Figma project.
Now let's say they forgot to turn the toggle off. In an instant all of their intellectual property earned through years of blood, sweat and tears is integrated into Figma's LLM. Just like that and without any attribution!!!
Data created by the user - such as a youtube video, HN comment, or whatever you want to call Figma - is probably still a wild west. That's more about intellectual property than privacy. The ToS of pretty much every single platform has included a mandatory licensing clause for ages, giving them the rights to do pretty much everything they want to.