I have just made the Customer Portal Public to showcase our GDPR compliance portal and noticed that it collects Name of the user wanting to register, but there is no way of grabbing this data afterwards. I am working together with a Creator Partner Developer.

We have had to request for the name of the user a second time after registration. This presents the question what happens to the data collected on registration? According to GDPR there must be a specific purpose for the collection of personal data. This seems to be a duplication of personal data collected, lacking a specific purpose?

I would suggest to Creator that they either

1. Make the Name available to the developer, or

2. Do not collect name with registration.

Feedback on this from Creator would be appreciated :)