Symfony Profiler

Query Metrics

1 Database Queries

1 Different statements

26.65 ms Query time

0 Invalid entities

0 Cache hits

0 Cache misses

0 Cache puts

Queries

Group similar statements

#▲	Time	Info
1	26.65 ms	INSERT INTO messenger_messages (body, headers, queue_name, created_at, available_at) VALUES(?, ?, ?, ?, ?) Parameters: ["{"payload":"{\"@context\":[\"https:\/\/join-lemmy.org\/context.json\",\"https:\/\/www.w3.org\/ns\/activitystreams\"],\"actor\":\"https:\/\/lemmy.ml\/c\/privacy\",\"to\":[\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"object\":{\"id\":\"https:\/\/piefed.social\/c\/privacy\/p\/1464763\/i-tried-to-delete-my-civitai-account-under-gdpr-the-system-failed-me-because-no-one-car\",\"actor\":\"https:\/\/piefed.social\/u\/kind_neighborhood\",\"type\":\"Page\",\"attributedTo\":\"https:\/\/piefed.social\/u\/kind_neighborhood\",\"to\":[\"https:\/\/lemmy.ml\/c\/privacy\",\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"name\":\"I tried to delete my CivitAI account under GDPR. The system failed me - because no one cares\",\"cc\":[],\"content\":\"<p>I decided to finally clean up an old account on CivitAI (https:\/\/civitai.com\/). Nothing unusual - I just wanted to exercise my right to be forgotten, the one I heard about so much on Reddit before, being a regular lurker. <\/p>\\n<p>I sent them a polite email citing Article 17 GDPR. Gave them enough info to find me (email, username, first login date, payment history). Didn\u2019t use my real name, didn\u2019t log in - partly because I didn\u2019t want to trigger Cloudflare\u2019s fingerprinting again. <\/p>\\n<p>Their reply? <\/p>\\n<blockquote>\\n<p>\u201cWhen users delete their account, this action is permanent, since we delete any and all data associated with that account.\u201d <\/p>\\n<\/blockquote>\\n<p>Maybe? There\u2019s no way to verify their claim without re-engaging. No public deletion policy (https:\/\/civitai.com\/content\/privacy). No confirmation. No alternative. Only if you log in to do it. Which means triggering Cloudflare\u2019s tracking system again.<br\/>\\nI shouldn\u2019t have to expose myself to surveillance just to ask to be forgotten. <\/p>\\n<p>Honestly, I was taken aback a little. But fair enough, I thought. I still have a shield for myself - let\u2019s escalate. <\/p>\\n<p>I filed with the Irish Data Protection Commission (DPC) - mostly because they accept anonymous, English requests.<br\/>\\nThey closed my case within days with this: <\/p>\\n<blockquote>\\n<p>You\u2019re from Ukraine. Not our problem. <\/p>\\n<\/blockquote>\\n<p>No discussion of whether CivitAI targets EU users (they do!). No interest in the fact they process personal data globally. Didn\u2019t even ask if I was in the EU at that time. Just a flat rejection based on my location. <\/p>\\n<p>Fine. Maybe NGOs can help?<br\/>\\nI contacted:<br\/>\\n- Access Now<br\/>\\n- EDRi<br\/>\\n- Digitalcourage<br\/>\\n- epicenter.works<br\/>\\n- Even tried the UK ICO (turns out, CivitAI blocks UK users now, so no luck there)<br\/>\\nOut of all of them, only <strong>epicenter.works replied<\/strong> - twice - telling me to contact <strong>noyb<\/strong>.<br\/>\\nWhich is silly, because I already did. Over a month ago. Still no reply. <\/p>\\n<p>So here I am.<br\/>\\nI did everything I could - correctly, thoroughly, and in good faith. But all I got in return is silence, deflection, bureaucracy.<br\/>\\nDon\u2019t get me wrong - I still believe in the idea of GDPR. I want to believe in it. But the enforcement? It\u2019s a paper tiger. All bark, no bite. And worst of all, it doesn\u2019t even have self-respect - happy to roll over the moment someone shows up without an EU passport.<br\/>\\nThis wasn\u2019t about being petty or creating drama. I just wanted to get in control of my data, as was promised by the GDPR declaration.<br\/>\\nBut apparently, even that is too much to ask. <\/p>\\n<p>Anyway, vent over. Just wanted to share this so others don\u2019t waste months chasing rainbows like I did. <\/p>\\n<p>And maybe - just maybe - someone at noyb, DPC, or CivitAI will finally read it and feel ashamed enough to act. <\/p>\\n<p>P.S. Why I\u2019m posting it here:<br\/>\\n- I think it fits this community topic<br\/>\\n- This post was removed from r\/gdpr by moderators<br\/>\\n- Some subreddits ignored my request to approve this post on their subreddits<br\/>\\n- r\/privacy requires karma to post<br\/>\\n- I was shadowbanned by Reddit for no apparent reason<br\/>\\n- Similar post saw zero reaction on Mastodon instance<br\/>\\n- Twitter & Bluesky requires solving a captcha that I\u2019m incapable of solving<br\/>\\nIn addition, since the initial post on Reddit and Mastodon weeks ago, I\u2019ve sent emails to various privacy oriented news outlets and public organizations, but I was ignored by all, but EFF which replied \u201cwe can\u2019t help you\u201d. <\/p>\\n<p>EDIT: To clarify a recurring point: GDPR does not require you to be an EU citizen or resident to be protected.<br\/>\\nUnder Article 3(2), it applies to any company that offers goods\/services to people in the EU - even if the user is from Ukraine, the US, or elsewhere. <\/p>\\n<hr\/>\\n<p>Proof (screenshots) <\/p>\\n<blockquote>\\n<p><a href=\\\"https:\/\/i.postimg.cc\/HLCZLyh3\/issue-civitai-gdpr1.png\\\" rel=\\\"nofollow ugc\\\" target=\\\"_blank\\\"><img alt=\\\"Screenshot-1: Original Request\\\" loading=\\\"lazy\\\" src=\\\"https:\/\/i.postimg.cc\/HLCZLyh3\/issue-civitai-gdpr1.png\\\"\/><\/a><br\/>\\n<em>My GDPR request sent to support@.<\/em> <\/p>\\n<\/blockquote>\\n<blockquote>\\n<p><a href=\\\"https:\/\/i.postimg.cc\/wBdfBmGf\/issue-civitai-gdpr2.png\\\" rel=\\\"nofollow ugc\\\" target=\\\"_blank\\\"><img alt=\\\"Screenshot-2: Formal Notice\\\" loading=\\\"lazy\\\" src=\\\"https:\/\/i.postimg.cc\/wBdfBmGf\/issue-civitai-gdpr2.png\\\"\/><\/a><br\/>\\n<em>Reasserting rights after their first refusal.<\/em> <\/p>\\n<\/blockquote>\\n<blockquote>\\n<p><a href=\\\"https:\/\/i.postimg.cc\/VktZ1RDz\/issue-civitai-gdpr3.png\\\" rel=\\\"nofollow ugc\\\" target=\\\"_blank\\\"><img alt=\\\"Screenshot-3: CivitAI Response\\\" loading=\\\"lazy\\\" src=\\\"https:\/\/i.postimg.cc\/VktZ1RDz\/issue-civitai-gdpr3.png\\\"\/><\/a><br\/>\\n<em>\\\"Use the button.\u201d No erasure guarantee.<\/em> <\/p>\\n<\/blockquote>\\n<blockquote>\\n<p><a href=\\\"https:\/\/i.postimg.cc\/3wHSwvcB\/issue-civitai-gdpr4.png\\\" rel=\\\"nofollow ugc\\\" target=\\\"_blank\\\"><img alt=\\\"Screenshot-4: DPC Rejection\\\" loading=\\\"lazy\\\" src=\\\"https:\/\/i.postimg.cc\/3wHSwvcB\/issue-civitai-gdpr4.png\\\"\/><\/a><br\/>\\n<em>Irish DPC closes case based on nationality.<\/em><\/p>\\n<\/blockquote>\\n\",\"mediaType\":\"text\/html\",\"source\":{\"content\":\"I decided to finally clean up an old account on CivitAI (https:\/\/civitai.com\/). Nothing unusual - I just wanted to exercise my right to be forgotten, the one I heard about so much on Reddit before, being a regular lurker. \\r\\n\\r\\nI sent them a polite email citing Article 17 GDPR. Gave them enough info to find me (email, username, first login date, payment history). Didn\u2019t use my real name, didn\u2019t log in - partly because I didn\u2019t want to trigger Cloudflare\u2019s fingerprinting again. \\r\\n\\r\\nTheir reply? \\r\\n\\r\\n> \\\"When users delete their account, this action is permanent, since we delete any and all data associated with that account.\\\" \\r\\n\\r\\nMaybe? There\u2019s no way to verify their claim without re-engaging. No public deletion policy (https:\/\/civitai.com\/content\/privacy). No confirmation. No alternative. Only if you log in to do it. Which means triggering Cloudflare\u2019s tracking system again. \\r\\nI shouldn\u2019t have to expose myself to surveillance just to ask to be forgotten. \\r\\n\\r\\nHonestly, I was taken aback a little. But fair enough, I thought. I still have a shield for myself - let\u2019s escalate. \\r\\n\\r\\nI filed with the Irish Data Protection Commission (DPC) - mostly because they accept anonymous, English requests. \\r\\nThey closed my case within days with this: \\r\\n> You\u2019re from Ukraine. Not our problem. \\r\\n\\r\\nNo discussion of whether CivitAI targets EU users (they do!). No interest in the fact they process personal data globally. Didn\u2019t even ask if I was in the EU at that time. Just a flat rejection based on my location. \\r\\n\\r\\nFine. Maybe NGOs can help? \\r\\nI contacted: \\r\\n- Access Now \\r\\n- EDRi \\r\\n- Digitalcourage \\r\\n- epicenter.works \\r\\n- Even tried the UK ICO (turns out, CivitAI blocks UK users now, so no luck there) \\r\\nOut of all of them, only epicenter.works replied - twice - telling me to contact noyb. \\r\\nWhich is silly, because I already did. Over a month ago. Still no reply. \\r\\n\\r\\nSo here I am. \\r\\nI did everything I could - correctly, thoroughly, and in good faith. But all I got in return is silence, deflection, bureaucracy. \\r\\nDon\u2019t get me wrong - I still believe in the idea of GDPR. I want to believe in it. But the enforcement? It\u2019s a paper tiger. All bark, no bite. And worst of all, it doesn\u2019t even have self-respect - happy to roll over the moment someone shows up without an EU passport. \\r\\nThis wasn\u2019t about being petty or creating drama. I just wanted to get in control of my data, as was promised by the GDPR declaration. \\r\\nBut apparently, even that is too much to ask. \\r\\n\\r\\nAnyway, vent over. Just wanted to share this so others don\u2019t waste months chasing rainbows like I did. \\r\\n\\r\\nAnd maybe - just maybe - someone at noyb, DPC, or CivitAI will finally read it and feel ashamed enough to act. \\r\\n\\r\\nP.S. Why I'm posting it here: \\r\\n- I think it fits this community topic \\r\\n- This post was removed from r\/gdpr by moderators \\r\\n- Some subreddits ignored my request to approve this post on their subreddits \\r\\n- r\/privacy requires karma to post \\r\\n- I was shadowbanned by Reddit for no apparent reason \\r\\n- Similar post saw zero reaction on Mastodon instance \\r\\n- Twitter & Bluesky requires solving a captcha that I'm incapable of solving \\r\\nIn addition, since the initial post on Reddit and Mastodon weeks ago, I've sent emails to various privacy oriented news outlets and public organizations, but I was ignored by all, but EFF which replied \\\"we can't help you\\\". \\r\\n\\r\\nEDIT: To clarify a recurring point: GDPR does not require you to be an EU citizen or resident to be protected. \\r\\nUnder Article 3(2), it applies to any company that offers goods\/services to people in the EU - even if the user is from Ukraine, the US, or elsewhere. \\r\\n\\r\\n\\r\\n--- \\r\\n\\r\\nProof (screenshots) \\r\\n\\r\\n> [![Screenshot-1: Original Request](https:\/\/i.postimg.cc\/HLCZLyh3\/issue-civitai-gdpr1.png)](https:\/\/i.postimg.cc\/HLCZLyh3\/issue-civitai-gdpr1.png) \\r\\n> My GDPR request sent to support@. \\r\\n\\r\\n> [![Screenshot-2: Formal Notice](https:\/\/i.postimg.cc\/wBdfBmGf\/issue-civitai-gdpr2.png)](https:\/\/i.postimg.cc\/wBdfBmGf\/issue-civitai-gdpr2.png) \\r\\n> Reasserting rights after their first refusal. \\r\\n\\r\\n> [![Screenshot-3: CivitAI Response](https:\/\/i.postimg.cc\/VktZ1RDz\/issue-civitai-gdpr3.png)](https:\/\/i.postimg.cc\/VktZ1RDz\/issue-civitai-gdpr3.png) \\r\\n> \\\"Use the button.\\\" No erasure guarantee. \\r\\n\\r\\n> [![Screenshot-4: DPC Rejection](https:\/\/i.postimg.cc\/3wHSwvcB\/issue-civitai-gdpr4.png)](https:\/\/i.postimg.cc\/3wHSwvcB\/issue-civitai-gdpr4.png) \\r\\n> Irish DPC closes case based on nationality.\",\"mediaType\":\"text\/markdown\"},\"attachment\":[],\"sensitive\":false,\"published\":\"2025-11-11T14:36:24.063725Z\",\"updated\":\"2025-11-11T17:52:16.591168Z\",\"language\":{\"identifier\":\"en\",\"name\":\"English\"},\"audience\":\"https:\/\/lemmy.ml\/c\/privacy\",\"tag\":[{\"href\":\"https:\/\/piefed.social\/tag\/europe\",\"name\":\"#europe\",\"type\":\"Hashtag\"},{\"href\":\"https:\/\/piefed.social\/tag\/privacy\",\"name\":\"#privacy\",\"type\":\"Hashtag\"},{\"href\":\"https:\/\/piefed.social\/tag\/gdpr\",\"name\":\"#gdpr\",\"type\":\"Hashtag\"}]},\"cc\":[\"https:\/\/lemmy.ml\/c\/privacy\/followers\"],\"type\":\"Announce\",\"id\":\"https:\/\/lemmy.ml\/activities\/announce\/page\/72642c52-9c1b-4f70-bf9b-8c2eded17249\"}","request":{"host":"kbin.spritesserver.nl","method":"POST","uri":"\/f\/inbox","client_ip":"54.36.178.108"},"headers":{"content-type":["application\/activity+json"],"host":["kbin.spritesserver.nl"],"date":["Tue, 11 Nov 2025 17:52:18 GMT"],"digest":["SHA-256=tV9bEx8i4LZRQ7u+vHQwAE8gwltdLxW4bBVnwGKaKY0="],"signature":["keyId=\"https:\/\/lemmy.ml\/c\/privacy#main-key\",algorithm=\"hs2019\",headers=\"(request-target) content-type date digest host\",signature=\"HgC8QgJ39+eFc+kVlD1\/YK\/cJ2+y8CwAodyctvhcAp8ueHS5+s6gUoXQUHP1t7QF89tI1dElyMZGo3AUS4QPOsNMU1XN8w++Tpas4AAiSyIqz+H+XBkK\/WGPB27RvRwGZ3UJTyfxzLuxSZWtFHbzHNAGjDxX+UaeWNla8mZvxiDf7ME6awaMfJh7R4DibBTMZg3anrueblU4IgPncm8oDFvl3U5MYozgYwf294avAqBl3oKzDG82WlMIFkfk\/oCRZTGyg+t1xTnvy6+IJPmz2k90xamgqbw5XOzX+sTw6zZoy7qvBnt3QrWFrcCnksbOZZq17ztM6BsaR1I0B\/GU1g==\""],"accept":["\/"],"user-agent":["Lemmy\/0.19.13; +https:\/\/lemmy.ml"],"accept-encoding":["gzip"],"content-length":["11293"],"x-php-ob-level":["1"]}}" "{"type":"App\\Message\\ActivityPub\\Inbox\\ActivityMessage","X-Message-Stamp-Symfony\\Component\\Messenger\\Stamp\\BusNameStamp":"[{\"busName\":\"messenger.bus.default\"}]","Content-Type":"application\/json"}" "default" "2025-11-11 17:52:18" "2025-11-11 17:52:18"] View formatted query View runnable query Explain query INSERT INTO messenger_messages ( body, headers, queue_name, created_at, available_at ) VALUES (?, ?, ?, ?, ?) INSERT INTO messenger_messages (body, headers, queue_name, created_at, available_at) VALUES('{\"payload\":\"{\\\"@context\\\":[\\\"https:\\/\\/join-lemmy.org\\/context.json\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams\\\"],\\\"actor\\\":\\\"https:\\/\\/lemmy.ml\\/c\\/privacy\\\",\\\"to\\\":[\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"object\\\":{\\\"id\\\":\\\"https:\\/\\/piefed.social\\/c\\/privacy\\/p\\/1464763\\/i-tried-to-delete-my-civitai-account-under-gdpr-the-system-failed-me-because-no-one-car\\\",\\\"actor\\\":\\\"https:\\/\\/piefed.social\\/u\\/kind_neighborhood\\\",\\\"type\\\":\\\"Page\\\",\\\"attributedTo\\\":\\\"https:\\/\\/piefed.social\\/u\\/kind_neighborhood\\\",\\\"to\\\":[\\\"https:\\/\\/lemmy.ml\\/c\\/privacy\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"name\\\":\\\"I tried to delete my CivitAI account under GDPR. The system failed me - because no one cares\\\",\\\"cc\\\":[],\\\"content\\\":\\\"<p>I decided to finally clean up an old account on CivitAI (https:\\/\\/civitai.com\\/). Nothing unusual - I just wanted to exercise my right to be forgotten, the one I heard about so much on Reddit before, being a regular lurker. <\\/p>\\\\n<p>I sent them a polite email citing Article 17 GDPR. Gave them enough info to find me (email, username, first login date, payment history). Didn\\u2019t use my real name, didn\\u2019t log in - partly because I didn\\u2019t want to trigger Cloudflare\\u2019s fingerprinting again. <\\/p>\\\\n<p>Their reply? <\\/p>\\\\n<blockquote>\\\\n<p>\\u201cWhen users delete their account, this action is permanent, since we delete any and all data associated with that account.\\u201d <\\/p>\\\\n<\\/blockquote>\\\\n<p>Maybe? There\\u2019s no way to verify their claim without re-engaging. No public deletion policy (https:\\/\\/civitai.com\\/content\\/privacy). No confirmation. No alternative. Only if you log in to do it. Which means triggering Cloudflare\\u2019s tracking system again.<br\\/>\\\\nI shouldn\\u2019t have to expose myself to surveillance just to ask to be forgotten. <\\/p>\\\\n<p>Honestly, I was taken aback a little. But fair enough, I thought. I still have a shield for myself - let\\u2019s escalate. <\\/p>\\\\n<p>I filed with the Irish Data Protection Commission (DPC) - mostly because they accept anonymous, English requests.<br\\/>\\\\nThey closed my case within days with this: <\\/p>\\\\n<blockquote>\\\\n<p>You\\u2019re from Ukraine. Not our problem. <\\/p>\\\\n<\\/blockquote>\\\\n<p>No discussion of whether CivitAI targets EU users (they do!). No interest in the fact they process personal data globally. Didn\\u2019t even ask if I was in the EU at that time. Just a flat rejection based on my location. <\\/p>\\\\n<p>Fine. Maybe NGOs can help?<br\\/>\\\\nI contacted:<br\\/>\\\\n- Access Now<br\\/>\\\\n- EDRi<br\\/>\\\\n- Digitalcourage<br\\/>\\\\n- epicenter.works<br\\/>\\\\n- Even tried the UK ICO (turns out, CivitAI blocks UK users now, so no luck there)<br\\/>\\\\nOut of all of them, only <strong>epicenter.works replied<\\/strong> - twice - telling me to contact <strong>noyb<\\/strong>.<br\\/>\\\\nWhich is silly, because I already did. Over a month ago. Still no reply. <\\/p>\\\\n<p>So here I am.<br\\/>\\\\nI did everything I could - correctly, thoroughly, and in good faith. But all I got in return is silence, deflection, bureaucracy.<br\\/>\\\\nDon\\u2019t get me wrong - I still believe in the idea of GDPR. I want to believe in it. But the enforcement? It\\u2019s a paper tiger. All bark, no bite. And worst of all, it doesn\\u2019t even have self-respect - happy to roll over the moment someone shows up without an EU passport.<br\\/>\\\\nThis wasn\\u2019t about being petty or creating drama. I just wanted to get in control of my data, as was promised by the GDPR declaration.<br\\/>\\\\nBut apparently, even that is too much to ask. <\\/p>\\\\n<p>Anyway, vent over. Just wanted to share this so others don\\u2019t waste months chasing rainbows like I did. <\\/p>\\\\n<p>And maybe - just maybe - someone at noyb, DPC, or CivitAI will finally read it and feel ashamed enough to act. <\\/p>\\\\n<p>P.S. Why I\\u2019m posting it here:<br\\/>\\\\n- I think it fits this community topic<br\\/>\\\\n- This post was removed from r\\/gdpr by moderators<br\\/>\\\\n- Some subreddits ignored my request to approve this post on their subreddits<br\\/>\\\\n- r\\/privacy requires karma to post<br\\/>\\\\n- I was shadowbanned by Reddit for no apparent reason<br\\/>\\\\n- Similar post saw zero reaction on Mastodon instance<br\\/>\\\\n- Twitter & Bluesky requires solving a captcha that I\\u2019m incapable of solving<br\\/>\\\\nIn addition, since the initial post on Reddit and Mastodon weeks ago, I\\u2019ve sent emails to various privacy oriented news outlets and public organizations, but I was ignored by all, but EFF which replied \\u201cwe can\\u2019t help you\\u201d. <\\/p>\\\\n<p>EDIT: To clarify a recurring point: GDPR does not require you to be an EU citizen or resident to be protected.<br\\/>\\\\nUnder Article 3(2), it applies to any company that offers goods\\/services to people in the EU - even if the user is from Ukraine, the US, or elsewhere. <\\/p>\\\\n<hr\\/>\\\\n<p>Proof (screenshots) <\\/p>\\\\n<blockquote>\\\\n<p><a href=\\\\\\\"https:\\/\\/i.postimg.cc\\/HLCZLyh3\\/issue-civitai-gdpr1.png\\\\\\\" rel=\\\\\\\"nofollow ugc\\\\\\\" target=\\\\\\\"_blank\\\\\\\"><img alt=\\\\\\\"Screenshot-1: Original Request\\\\\\\" loading=\\\\\\\"lazy\\\\\\\" src=\\\\\\\"https:\\/\\/i.postimg.cc\\/HLCZLyh3\\/issue-civitai-gdpr1.png\\\\\\\"\\/><\\/a><br\\/>\\\\n<em>My GDPR request sent to support@.<\\/em> <\\/p>\\\\n<\\/blockquote>\\\\n<blockquote>\\\\n<p><a href=\\\\\\\"https:\\/\\/i.postimg.cc\\/wBdfBmGf\\/issue-civitai-gdpr2.png\\\\\\\" rel=\\\\\\\"nofollow ugc\\\\\\\" target=\\\\\\\"_blank\\\\\\\"><img alt=\\\\\\\"Screenshot-2: Formal Notice\\\\\\\" loading=\\\\\\\"lazy\\\\\\\" src=\\\\\\\"https:\\/\\/i.postimg.cc\\/wBdfBmGf\\/issue-civitai-gdpr2.png\\\\\\\"\\/><\\/a><br\\/>\\\\n<em>Reasserting rights after their first refusal.<\\/em> <\\/p>\\\\n<\\/blockquote>\\\\n<blockquote>\\\\n<p><a href=\\\\\\\"https:\\/\\/i.postimg.cc\\/VktZ1RDz\\/issue-civitai-gdpr3.png\\\\\\\" rel=\\\\\\\"nofollow ugc\\\\\\\" target=\\\\\\\"_blank\\\\\\\"><img alt=\\\\\\\"Screenshot-3: CivitAI Response\\\\\\\" loading=\\\\\\\"lazy\\\\\\\" src=\\\\\\\"https:\\/\\/i.postimg.cc\\/VktZ1RDz\\/issue-civitai-gdpr3.png\\\\\\\"\\/><\\/a><br\\/>\\\\n<em>\\\\\\\"Use the button.\\u201d No erasure guarantee.<\\/em> <\\/p>\\\\n<\\/blockquote>\\\\n<blockquote>\\\\n<p><a href=\\\\\\\"https:\\/\\/i.postimg.cc\\/3wHSwvcB\\/issue-civitai-gdpr4.png\\\\\\\" rel=\\\\\\\"nofollow ugc\\\\\\\" target=\\\\\\\"_blank\\\\\\\"><img alt=\\\\\\\"Screenshot-4: DPC Rejection\\\\\\\" loading=\\\\\\\"lazy\\\\\\\" src=\\\\\\\"https:\\/\\/i.postimg.cc\\/3wHSwvcB\\/issue-civitai-gdpr4.png\\\\\\\"\\/><\\/a><br\\/>\\\\n<em>Irish DPC closes case based on nationality.<\\/em><\\/p>\\\\n<\\/blockquote>\\\\n\\\",\\\"mediaType\\\":\\\"text\\/html\\\",\\\"source\\\":{\\\"content\\\":\\\"I decided to finally clean up an old account on CivitAI (https:\\/\\/civitai.com\\/). Nothing unusual - I just wanted to exercise my right to be forgotten, the one I heard about so much on Reddit before, being a regular lurker. \\\\r\\\\n\\\\r\\\\nI sent them a polite email citing Article 17 GDPR. Gave them enough info to find me (email, username, first login date, payment history). Didn\\u2019t use my real name, didn\\u2019t log in - partly because I didn\\u2019t want to trigger Cloudflare\\u2019s fingerprinting again. \\\\r\\\\n\\\\r\\\\nTheir reply? \\\\r\\\\n\\\\r\\\\n> \\\\\\\"When users delete their account, this action is permanent, since we delete any and all data associated with that account.\\\\\\\" \\\\r\\\\n\\\\r\\\\nMaybe? There\\u2019s no way to verify their claim without re-engaging. No public deletion policy (https:\\/\\/civitai.com\\/content\\/privacy). No confirmation. No alternative. Only if you log in to do it. Which means triggering Cloudflare\\u2019s tracking system again. \\\\r\\\\nI shouldn\\u2019t have to expose myself to surveillance just to ask to be forgotten. \\\\r\\\\n\\\\r\\\\nHonestly, I was taken aback a little. But fair enough, I thought. I still have a shield for myself - let\\u2019s escalate. \\\\r\\\\n\\\\r\\\\nI filed with the Irish Data Protection Commission (DPC) - mostly because they accept anonymous, English requests. \\\\r\\\\nThey closed my case within days with this: \\\\r\\\\n> You\\u2019re from Ukraine. Not our problem. \\\\r\\\\n\\\\r\\\\nNo discussion of whether CivitAI targets EU users (they do!). No interest in the fact they process personal data globally. Didn\\u2019t even ask if I was in the EU at that time. Just a flat rejection based on my location. \\\\r\\\\n\\\\r\\\\nFine. Maybe NGOs can help? \\\\r\\\\nI contacted: \\\\r\\\\n- Access Now \\\\r\\\\n- EDRi \\\\r\\\\n- Digitalcourage \\\\r\\\\n- epicenter.works \\\\r\\\\n- Even tried the UK ICO (turns out, CivitAI blocks UK users now, so no luck there) \\\\r\\\\nOut of all of them, only epicenter.works replied - twice - telling me to contact noyb. \\\\r\\\\nWhich is silly, because I already did. Over a month ago. Still no reply. \\\\r\\\\n\\\\r\\\\nSo here I am. \\\\r\\\\nI did everything I could - correctly, thoroughly, and in good faith. But all I got in return is silence, deflection, bureaucracy. \\\\r\\\\nDon\\u2019t get me wrong - I still believe in the idea of GDPR. I want to believe in it. But the enforcement? It\\u2019s a paper tiger. All bark, no bite. And worst of all, it doesn\\u2019t even have self-respect - happy to roll over the moment someone shows up without an EU passport. \\\\r\\\\nThis wasn\\u2019t about being petty or creating drama. I just wanted to get in control of my data, as was promised by the GDPR declaration. \\\\r\\\\nBut apparently, even that is too much to ask. \\\\r\\\\n\\\\r\\\\nAnyway, vent over. Just wanted to share this so others don\\u2019t waste months chasing rainbows like I did. \\\\r\\\\n\\\\r\\\\nAnd maybe - just maybe - someone at noyb, DPC, or CivitAI will finally read it and feel ashamed enough to act. \\\\r\\\\n\\\\r\\\\nP.S. Why I\'m posting it here: \\\\r\\\\n- I think it fits this community topic \\\\r\\\\n- This post was removed from r\\/gdpr by moderators \\\\r\\\\n- Some subreddits ignored my request to approve this post on their subreddits \\\\r\\\\n- r\\/privacy requires karma to post \\\\r\\\\n- I was shadowbanned by Reddit for no apparent reason \\\\r\\\\n- Similar post saw zero reaction on Mastodon instance \\\\r\\\\n- Twitter & Bluesky requires solving a captcha that I\'m incapable of solving \\\\r\\\\nIn addition, since the initial post on Reddit and Mastodon weeks ago, I\'ve sent emails to various privacy oriented news outlets and public organizations, but I was ignored by all, but EFF which replied \\\\\\\"we can\'t help you\\\\\\\". \\\\r\\\\n\\\\r\\\\nEDIT: To clarify a recurring point: GDPR does not require you to be an EU citizen or resident to be protected. \\\\r\\\\nUnder Article 3(2), it applies to any company that offers goods\\/services to people in the EU - even if the user is from Ukraine, the US, or elsewhere. \\\\r\\\\n\\\\r\\\\n\\\\r\\\\n--- \\\\r\\\\n\\\\r\\\\nProof (screenshots) \\\\r\\\\n\\\\r\\\\n> [![Screenshot-1: Original Request](https:\\/\\/i.postimg.cc\\/HLCZLyh3\\/issue-civitai-gdpr1.png)](https:\\/\\/i.postimg.cc\\/HLCZLyh3\\/issue-civitai-gdpr1.png) \\\\r\\\\n> My GDPR request sent to support@. \\\\r\\\\n\\\\r\\\\n> [![Screenshot-2: Formal Notice](https:\\/\\/i.postimg.cc\\/wBdfBmGf\\/issue-civitai-gdpr2.png)](https:\\/\\/i.postimg.cc\\/wBdfBmGf\\/issue-civitai-gdpr2.png) \\\\r\\\\n> Reasserting rights after their first refusal. \\\\r\\\\n\\\\r\\\\n> [![Screenshot-3: CivitAI Response](https:\\/\\/i.postimg.cc\\/VktZ1RDz\\/issue-civitai-gdpr3.png)](https:\\/\\/i.postimg.cc\\/VktZ1RDz\\/issue-civitai-gdpr3.png) \\\\r\\\\n> \\\\\\\"Use the button.\\\\\\\" No erasure guarantee. \\\\r\\\\n\\\\r\\\\n> [![Screenshot-4: DPC Rejection](https:\\/\\/i.postimg.cc\\/3wHSwvcB\\/issue-civitai-gdpr4.png)](https:\\/\\/i.postimg.cc\\/3wHSwvcB\\/issue-civitai-gdpr4.png) \\\\r\\\\n> Irish DPC closes case based on nationality.\\\",\\\"mediaType\\\":\\\"text\\/markdown\\\"},\\\"attachment\\\":[],\\\"sensitive\\\":false,\\\"published\\\":\\\"2025-11-11T14:36:24.063725Z\\\",\\\"updated\\\":\\\"2025-11-11T17:52:16.591168Z\\\",\\\"language\\\":{\\\"identifier\\\":\\\"en\\\",\\\"name\\\":\\\"English\\\"},\\\"audience\\\":\\\"https:\\/\\/lemmy.ml\\/c\\/privacy\\\",\\\"tag\\\":[{\\\"href\\\":\\\"https:\\/\\/piefed.social\\/tag\\/europe\\\",\\\"name\\\":\\\"#europe\\\",\\\"type\\\":\\\"Hashtag\\\"},{\\\"href\\\":\\\"https:\\/\\/piefed.social\\/tag\\/privacy\\\",\\\"name\\\":\\\"#privacy\\\",\\\"type\\\":\\\"Hashtag\\\"},{\\\"href\\\":\\\"https:\\/\\/piefed.social\\/tag\\/gdpr\\\",\\\"name\\\":\\\"#gdpr\\\",\\\"type\\\":\\\"Hashtag\\\"}]},\\\"cc\\\":[\\\"https:\\/\\/lemmy.ml\\/c\\/privacy\\/followers\\\"],\\\"type\\\":\\\"Announce\\\",\\\"id\\\":\\\"https:\\/\\/lemmy.ml\\/activities\\/announce\\/page\\/72642c52-9c1b-4f70-bf9b-8c2eded17249\\\"}\",\"request\":{\"host\":\"kbin.spritesserver.nl\",\"method\":\"POST\",\"uri\":\"\\/f\\/inbox\",\"client_ip\":\"54.36.178.108\"},\"headers\":{\"content-type\":[\"application\\/activity+json\"],\"host\":[\"kbin.spritesserver.nl\"],\"date\":[\"Tue, 11 Nov 2025 17:52:18 GMT\"],\"digest\":[\"SHA-256=tV9bEx8i4LZRQ7u+vHQwAE8gwltdLxW4bBVnwGKaKY0=\"],\"signature\":[\"keyId=\\\"https:\\/\\/lemmy.ml\\/c\\/privacy#main-key\\\",algorithm=\\\"hs2019\\\",headers=\\\"(request-target) content-type date digest host\\\",signature=\\\"HgC8QgJ39+eFc+kVlD1\\/YK\\/cJ2+y8CwAodyctvhcAp8ueHS5+s6gUoXQUHP1t7QF89tI1dElyMZGo3AUS4QPOsNMU1XN8w++Tpas4AAiSyIqz+H+XBkK\\/WGPB27RvRwGZ3UJTyfxzLuxSZWtFHbzHNAGjDxX+UaeWNla8mZvxiDf7ME6awaMfJh7R4DibBTMZg3anrueblU4IgPncm8oDFvl3U5MYozgYwf294avAqBl3oKzDG82WlMIFkfk\\/oCRZTGyg+t1xTnvy6+IJPmz2k90xamgqbw5XOzX+sTw6zZoy7qvBnt3QrWFrcCnksbOZZq17ztM6BsaR1I0B\\/GU1g==\\\"\"],\"accept\":[\"\\/\"],\"user-agent\":[\"Lemmy\\/0.19.13; +https:\\/\\/lemmy.ml\"],\"accept-encoding\":[\"gzip\"],\"content-length\":[\"11293\"],\"x-php-ob-level\":[\"1\"]}}', '{\"type\":\"App\\\\Message\\\\ActivityPub\\\\Inbox\\\\ActivityMessage\",\"X-Message-Stamp-Symfony\\\\Component\\\\Messenger\\\\Stamp\\\\BusNameStamp\":\"[{\\\"busName\\\":\\\"messenger.bus.default\\\"}]\",\"Content-Type\":\"application\\/json\"}', 'default', '2025-11-11 17:52:18', '2025-11-11 17:52:18');

#▲

Time

Info

26.65 ms

INSERT INTO messenger_messages (body, headers, queue_name, created_at, available_at) VALUES(?, ?, ?, ?, ?)

Parameters:

[
  "{"payload":"{\"@context\":[\"https:\/\/join-lemmy.org\/context.json\",\"https:\/\/www.w3.org\/ns\/activitystreams\"],\"actor\":\"https:\/\/lemmy.ml\/c\/privacy\",\"to\":[\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"object\":{\"id\":\"https:\/\/piefed.social\/c\/privacy\/p\/1464763\/i-tried-to-delete-my-civitai-account-under-gdpr-the-system-failed-me-because-no-one-car\",\"actor\":\"https:\/\/piefed.social\/u\/kind_neighborhood\",\"type\":\"Page\",\"attributedTo\":\"https:\/\/piefed.social\/u\/kind_neighborhood\",\"to\":[\"https:\/\/lemmy.ml\/c\/privacy\",\"https:\/\/www.w3.org\/ns\/activitystreams#Public\"],\"name\":\"I tried to delete my CivitAI account under GDPR. The system failed me - because no one cares\",\"cc\":[],\"content\":\"<p>I decided to finally clean up an old account on CivitAI (https:\/\/civitai.com\/). Nothing unusual - I just wanted to exercise my right to be forgotten, the one I heard about so much on Reddit before, being a regular lurker.  <\/p>\\n<p>I sent them a polite email citing Article 17 GDPR. Gave them enough info to find me (email, username, first login date, payment history). Didn\u2019t use my real name, didn\u2019t log in - partly because I didn\u2019t want to trigger Cloudflare\u2019s fingerprinting again.  <\/p>\\n<p>Their reply?  <\/p>\\n<blockquote>\\n<p>\u201cWhen users delete their account, this action is permanent, since we delete any and all data associated with that account.\u201d  <\/p>\\n<\/blockquote>\\n<p>Maybe? There\u2019s no way to verify their claim without re-engaging. No public deletion policy (https:\/\/civitai.com\/content\/privacy). No confirmation. No alternative. Only if you log in to do it. Which means triggering Cloudflare\u2019s tracking system again.<br\/>\\nI shouldn\u2019t have to expose myself to surveillance just to ask to be forgotten.  <\/p>\\n<p>Honestly, I was taken aback a little. But fair enough, I thought. I still have a shield for myself - let\u2019s escalate.  <\/p>\\n<p>I filed with the Irish Data Protection Commission (DPC) - mostly because they accept anonymous, English requests.<br\/>\\nThey closed my case within days with this:  <\/p>\\n<blockquote>\\n<p>You\u2019re from Ukraine. Not our problem.  <\/p>\\n<\/blockquote>\\n<p>No discussion of whether CivitAI targets EU users (they do!). No interest in the fact they process personal data globally. Didn\u2019t even ask if I was in the EU at that time. Just a flat rejection based on my location.  <\/p>\\n<p>Fine. Maybe NGOs can help?<br\/>\\nI contacted:<br\/>\\n- Access Now<br\/>\\n- EDRi<br\/>\\n- Digitalcourage<br\/>\\n- epicenter.works<br\/>\\n- Even tried the UK ICO (turns out, CivitAI blocks UK users now, so no luck there)<br\/>\\nOut of all of them, only <strong>epicenter.works replied<\/strong> - twice - telling me to contact <strong>noyb<\/strong>.<br\/>\\nWhich is silly, because I already did. Over a month ago. Still no reply.  <\/p>\\n<p>So here I am.<br\/>\\nI did everything I could - correctly, thoroughly, and in good faith. But all I got in return is silence, deflection, bureaucracy.<br\/>\\nDon\u2019t get me wrong - I still believe in the idea of GDPR. I want to believe in it. But the enforcement? It\u2019s a paper tiger. All bark, no bite. And worst of all, it doesn\u2019t even have self-respect - happy to roll over the moment someone shows up without an EU passport.<br\/>\\nThis wasn\u2019t about being petty or creating drama. I just wanted to get in control of my data, as was promised by the GDPR declaration.<br\/>\\nBut apparently, even that is too much to ask.  <\/p>\\n<p>Anyway, vent over. Just wanted to share this so others don\u2019t waste months chasing rainbows like I did.  <\/p>\\n<p>And maybe - just maybe - someone at noyb, DPC, or CivitAI will finally read it and feel ashamed enough to act.  <\/p>\\n<p>P.S. Why I\u2019m posting it here:<br\/>\\n- I think it fits this community topic<br\/>\\n- This post was removed from r\/gdpr by moderators<br\/>\\n- Some subreddits ignored my request to approve this post on their subreddits<br\/>\\n- r\/privacy requires karma to post<br\/>\\n- I was shadowbanned by Reddit for no apparent reason<br\/>\\n- Similar post saw zero reaction on Mastodon instance<br\/>\\n- Twitter &amp; Bluesky requires solving a captcha that I\u2019m incapable of solving<br\/>\\nIn addition, since the initial post on Reddit and Mastodon weeks ago, I\u2019ve sent emails to various privacy oriented news outlets and public organizations, but I was ignored by all, but EFF which replied \u201cwe can\u2019t help you\u201d.  <\/p>\\n<p>EDIT: To clarify a recurring point: GDPR does not require you to be an EU citizen or resident to be protected.<br\/>\\nUnder Article 3(2), it applies to any company that offers goods\/services to people in the EU - even if the user is from Ukraine, the US, or elsewhere.  <\/p>\\n<hr\/>\\n<p>Proof (screenshots)  <\/p>\\n<blockquote>\\n<p><a href=\\\"https:\/\/i.postimg.cc\/HLCZLyh3\/issue-civitai-gdpr1.png\\\" rel=\\\"nofollow ugc\\\" target=\\\"_blank\\\"><img alt=\\\"Screenshot-1: Original Request\\\" loading=\\\"lazy\\\" src=\\\"https:\/\/i.postimg.cc\/HLCZLyh3\/issue-civitai-gdpr1.png\\\"\/><\/a><br\/>\\n<em>My GDPR request sent to support@.<\/em> <\/p>\\n<\/blockquote>\\n<blockquote>\\n<p><a href=\\\"https:\/\/i.postimg.cc\/wBdfBmGf\/issue-civitai-gdpr2.png\\\" rel=\\\"nofollow ugc\\\" target=\\\"_blank\\\"><img alt=\\\"Screenshot-2: Formal Notice\\\" loading=\\\"lazy\\\" src=\\\"https:\/\/i.postimg.cc\/wBdfBmGf\/issue-civitai-gdpr2.png\\\"\/><\/a><br\/>\\n<em>Reasserting rights after their first refusal.<\/em> <\/p>\\n<\/blockquote>\\n<blockquote>\\n<p><a href=\\\"https:\/\/i.postimg.cc\/VktZ1RDz\/issue-civitai-gdpr3.png\\\" rel=\\\"nofollow ugc\\\" target=\\\"_blank\\\"><img alt=\\\"Screenshot-3: CivitAI Response\\\" loading=\\\"lazy\\\" src=\\\"https:\/\/i.postimg.cc\/VktZ1RDz\/issue-civitai-gdpr3.png\\\"\/><\/a><br\/>\\n<em>\\\"Use the button.\u201d No erasure guarantee.<\/em> <\/p>\\n<\/blockquote>\\n<blockquote>\\n<p><a href=\\\"https:\/\/i.postimg.cc\/3wHSwvcB\/issue-civitai-gdpr4.png\\\" rel=\\\"nofollow ugc\\\" target=\\\"_blank\\\"><img alt=\\\"Screenshot-4: DPC Rejection\\\" loading=\\\"lazy\\\" src=\\\"https:\/\/i.postimg.cc\/3wHSwvcB\/issue-civitai-gdpr4.png\\\"\/><\/a><br\/>\\n<em>Irish DPC closes case based on nationality.<\/em><\/p>\\n<\/blockquote>\\n\",\"mediaType\":\"text\/html\",\"source\":{\"content\":\"I decided to finally clean up an old account on CivitAI (https:\/\/civitai.com\/). Nothing unusual - I just wanted to exercise my right to be forgotten, the one I heard about so much on Reddit before, being a regular lurker.  \\r\\n\\r\\nI sent them a polite email citing Article 17 GDPR. Gave them enough info to find me (email, username, first login date, payment history). Didn\u2019t use my real name, didn\u2019t log in - partly because I didn\u2019t want to trigger Cloudflare\u2019s fingerprinting again.  \\r\\n\\r\\nTheir reply?  \\r\\n\\r\\n> \\\"When users delete their account, this action is permanent, since we delete any and all data associated with that account.\\\"  \\r\\n\\r\\nMaybe? There\u2019s no way to verify their claim without re-engaging. No public deletion policy (https:\/\/civitai.com\/content\/privacy). No confirmation. No alternative. Only if you log in to do it. Which means triggering Cloudflare\u2019s tracking system again.  \\r\\nI shouldn\u2019t have to expose myself to surveillance just to ask to be forgotten.  \\r\\n\\r\\nHonestly, I was taken aback a little. But fair enough, I thought. I still have a shield for myself - let\u2019s escalate.  \\r\\n\\r\\nI filed with the Irish Data Protection Commission (DPC) - mostly because they accept anonymous, English requests.  \\r\\nThey closed my case within days with this:  \\r\\n> You\u2019re from Ukraine. Not our problem.  \\r\\n\\r\\nNo discussion of whether CivitAI targets EU users (they do!). No interest in the fact they process personal data globally. Didn\u2019t even ask if I was in the EU at that time. Just a flat rejection based on my location.  \\r\\n\\r\\nFine. Maybe NGOs can help?  \\r\\nI contacted:  \\r\\n- Access Now  \\r\\n- EDRi  \\r\\n- Digitalcourage  \\r\\n- epicenter.works  \\r\\n- Even tried the UK ICO (turns out, CivitAI blocks UK users now, so no luck there)  \\r\\nOut of all of them, only **epicenter.works replied** - twice - telling me to contact **noyb**.  \\r\\nWhich is silly, because I already did. Over a month ago. Still no reply.  \\r\\n\\r\\nSo here I am.  \\r\\nI did everything I could - correctly, thoroughly, and in good faith. But all I got in return is silence, deflection, bureaucracy.  \\r\\nDon\u2019t get me wrong - I still believe in the idea of GDPR. I want to believe in it. But the enforcement? It\u2019s a paper tiger. All bark, no bite. And worst of all, it doesn\u2019t even have self-respect - happy to roll over the moment someone shows up without an EU passport.  \\r\\nThis wasn\u2019t about being petty or creating drama. I just wanted to get in control of my data, as was promised by the GDPR declaration.  \\r\\nBut apparently, even that is too much to ask.  \\r\\n\\r\\nAnyway, vent over. Just wanted to share this so others don\u2019t waste months chasing rainbows like I did.  \\r\\n\\r\\nAnd maybe - just maybe - someone at noyb, DPC, or CivitAI will finally read it and feel ashamed enough to act.  \\r\\n\\r\\nP.S. Why I'm posting it here:  \\r\\n- I think it fits this community topic  \\r\\n- This post was removed from r\/gdpr by moderators  \\r\\n- Some subreddits ignored my request to approve this post on their subreddits  \\r\\n- r\/privacy requires karma to post  \\r\\n- I was shadowbanned by Reddit for no apparent reason  \\r\\n- Similar post saw zero reaction on Mastodon instance  \\r\\n- Twitter & Bluesky requires solving a captcha that I'm incapable of solving  \\r\\nIn addition, since the initial post on Reddit and Mastodon weeks ago, I've sent emails to various privacy oriented news outlets and public organizations, but I was ignored by all, but EFF which replied \\\"we can't help you\\\".  \\r\\n\\r\\nEDIT: To clarify a recurring point: GDPR does not require you to be an EU citizen or resident to be protected.  \\r\\nUnder Article 3(2), it applies to any company that offers goods\/services to people in the EU - even if the user is from Ukraine, the US, or elsewhere.  \\r\\n\\r\\n\\r\\n---  \\r\\n\\r\\nProof (screenshots)  \\r\\n\\r\\n> [![Screenshot-1: Original Request](https:\/\/i.postimg.cc\/HLCZLyh3\/issue-civitai-gdpr1.png)](https:\/\/i.postimg.cc\/HLCZLyh3\/issue-civitai-gdpr1.png)  \\r\\n> *My GDPR request sent to support@.*  \\r\\n\\r\\n> [![Screenshot-2: Formal Notice](https:\/\/i.postimg.cc\/wBdfBmGf\/issue-civitai-gdpr2.png)](https:\/\/i.postimg.cc\/wBdfBmGf\/issue-civitai-gdpr2.png)  \\r\\n> *Reasserting rights after their first refusal.*  \\r\\n\\r\\n> [![Screenshot-3: CivitAI Response](https:\/\/i.postimg.cc\/VktZ1RDz\/issue-civitai-gdpr3.png)](https:\/\/i.postimg.cc\/VktZ1RDz\/issue-civitai-gdpr3.png)  \\r\\n> *\\\"Use the button.\\\" No erasure guarantee.*  \\r\\n\\r\\n> [![Screenshot-4: DPC Rejection](https:\/\/i.postimg.cc\/3wHSwvcB\/issue-civitai-gdpr4.png)](https:\/\/i.postimg.cc\/3wHSwvcB\/issue-civitai-gdpr4.png)  \\r\\n> *Irish DPC closes case based on nationality.*\",\"mediaType\":\"text\/markdown\"},\"attachment\":[],\"sensitive\":false,\"published\":\"2025-11-11T14:36:24.063725Z\",\"updated\":\"2025-11-11T17:52:16.591168Z\",\"language\":{\"identifier\":\"en\",\"name\":\"English\"},\"audience\":\"https:\/\/lemmy.ml\/c\/privacy\",\"tag\":[{\"href\":\"https:\/\/piefed.social\/tag\/europe\",\"name\":\"#europe\",\"type\":\"Hashtag\"},{\"href\":\"https:\/\/piefed.social\/tag\/privacy\",\"name\":\"#privacy\",\"type\":\"Hashtag\"},{\"href\":\"https:\/\/piefed.social\/tag\/gdpr\",\"name\":\"#gdpr\",\"type\":\"Hashtag\"}]},\"cc\":[\"https:\/\/lemmy.ml\/c\/privacy\/followers\"],\"type\":\"Announce\",\"id\":\"https:\/\/lemmy.ml\/activities\/announce\/page\/72642c52-9c1b-4f70-bf9b-8c2eded17249\"}","request":{"host":"kbin.spritesserver.nl","method":"POST","uri":"\/f\/inbox","client_ip":"54.36.178.108"},"headers":{"content-type":["application\/activity+json"],"host":["kbin.spritesserver.nl"],"date":["Tue, 11 Nov 2025 17:52:18 GMT"],"digest":["SHA-256=tV9bEx8i4LZRQ7u+vHQwAE8gwltdLxW4bBVnwGKaKY0="],"signature":["keyId=\"https:\/\/lemmy.ml\/c\/privacy#main-key\",algorithm=\"hs2019\",headers=\"(request-target) content-type date digest host\",signature=\"HgC8QgJ39+eFc+kVlD1\/YK\/cJ2+y8CwAodyctvhcAp8ueHS5+s6gUoXQUHP1t7QF89tI1dElyMZGo3AUS4QPOsNMU1XN8w++Tpas4AAiSyIqz+H+XBkK\/WGPB27RvRwGZ3UJTyfxzLuxSZWtFHbzHNAGjDxX+UaeWNla8mZvxiDf7ME6awaMfJh7R4DibBTMZg3anrueblU4IgPncm8oDFvl3U5MYozgYwf294avAqBl3oKzDG82WlMIFkfk\/oCRZTGyg+t1xTnvy6+IJPmz2k90xamgqbw5XOzX+sTw6zZoy7qvBnt3QrWFrcCnksbOZZq17ztM6BsaR1I0B\/GU1g==\""],"accept":["*\/*"],"user-agent":["Lemmy\/0.19.13; +https:\/\/lemmy.ml"],"accept-encoding":["gzip"],"content-length":["11293"],"x-php-ob-level":["1"]}}"
  "{"type":"App\\Message\\ActivityPub\\Inbox\\ActivityMessage","X-Message-Stamp-Symfony\\Component\\Messenger\\Stamp\\BusNameStamp":"[{\"busName\":\"messenger.bus.default\"}]","Content-Type":"application\/json"}"
  "default"
  "2025-11-11 17:52:18"
  "2025-11-11 17:52:18"
]

View formatted query View runnable query Explain query

INSERT INTO messenger_messages (
  body, headers, queue_name, created_at,
  available_at
)
VALUES
  (?, ?, ?, ?, ?)

INSERT INTO messenger_messages (body, headers, queue_name, created_at, available_at) VALUES('{\"payload\":\"{\\\"@context\\\":[\\\"https:\\/\\/join-lemmy.org\\/context.json\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams\\\"],\\\"actor\\\":\\\"https:\\/\\/lemmy.ml\\/c\\/privacy\\\",\\\"to\\\":[\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"object\\\":{\\\"id\\\":\\\"https:\\/\\/piefed.social\\/c\\/privacy\\/p\\/1464763\\/i-tried-to-delete-my-civitai-account-under-gdpr-the-system-failed-me-because-no-one-car\\\",\\\"actor\\\":\\\"https:\\/\\/piefed.social\\/u\\/kind_neighborhood\\\",\\\"type\\\":\\\"Page\\\",\\\"attributedTo\\\":\\\"https:\\/\\/piefed.social\\/u\\/kind_neighborhood\\\",\\\"to\\\":[\\\"https:\\/\\/lemmy.ml\\/c\\/privacy\\\",\\\"https:\\/\\/www.w3.org\\/ns\\/activitystreams#Public\\\"],\\\"name\\\":\\\"I tried to delete my CivitAI account under GDPR. The system failed me - because no one cares\\\",\\\"cc\\\":[],\\\"content\\\":\\\"<p>I decided to finally clean up an old account on CivitAI (https:\\/\\/civitai.com\\/). Nothing unusual - I just wanted to exercise my right to be forgotten, the one I heard about so much on Reddit before, being a regular lurker.  <\\/p>\\\\n<p>I sent them a polite email citing Article 17 GDPR. Gave them enough info to find me (email, username, first login date, payment history). Didn\\u2019t use my real name, didn\\u2019t log in - partly because I didn\\u2019t want to trigger Cloudflare\\u2019s fingerprinting again.  <\\/p>\\\\n<p>Their reply?  <\\/p>\\\\n<blockquote>\\\\n<p>\\u201cWhen users delete their account, this action is permanent, since we delete any and all data associated with that account.\\u201d  <\\/p>\\\\n<\\/blockquote>\\\\n<p>Maybe? There\\u2019s no way to verify their claim without re-engaging. No public deletion policy (https:\\/\\/civitai.com\\/content\\/privacy). No confirmation. No alternative. Only if you log in to do it. Which means triggering Cloudflare\\u2019s tracking system again.<br\\/>\\\\nI shouldn\\u2019t have to expose myself to surveillance just to ask to be forgotten.  <\\/p>\\\\n<p>Honestly, I was taken aback a little. But fair enough, I thought. I still have a shield for myself - let\\u2019s escalate.  <\\/p>\\\\n<p>I filed with the Irish Data Protection Commission (DPC) - mostly because they accept anonymous, English requests.<br\\/>\\\\nThey closed my case within days with this:  <\\/p>\\\\n<blockquote>\\\\n<p>You\\u2019re from Ukraine. Not our problem.  <\\/p>\\\\n<\\/blockquote>\\\\n<p>No discussion of whether CivitAI targets EU users (they do!). No interest in the fact they process personal data globally. Didn\\u2019t even ask if I was in the EU at that time. Just a flat rejection based on my location.  <\\/p>\\\\n<p>Fine. Maybe NGOs can help?<br\\/>\\\\nI contacted:<br\\/>\\\\n- Access Now<br\\/>\\\\n- EDRi<br\\/>\\\\n- Digitalcourage<br\\/>\\\\n- epicenter.works<br\\/>\\\\n- Even tried the UK ICO (turns out, CivitAI blocks UK users now, so no luck there)<br\\/>\\\\nOut of all of them, only <strong>epicenter.works replied<\\/strong> - twice - telling me to contact <strong>noyb<\\/strong>.<br\\/>\\\\nWhich is silly, because I already did. Over a month ago. Still no reply.  <\\/p>\\\\n<p>So here I am.<br\\/>\\\\nI did everything I could - correctly, thoroughly, and in good faith. But all I got in return is silence, deflection, bureaucracy.<br\\/>\\\\nDon\\u2019t get me wrong - I still believe in the idea of GDPR. I want to believe in it. But the enforcement? It\\u2019s a paper tiger. All bark, no bite. And worst of all, it doesn\\u2019t even have self-respect - happy to roll over the moment someone shows up without an EU passport.<br\\/>\\\\nThis wasn\\u2019t about being petty or creating drama. I just wanted to get in control of my data, as was promised by the GDPR declaration.<br\\/>\\\\nBut apparently, even that is too much to ask.  <\\/p>\\\\n<p>Anyway, vent over. Just wanted to share this so others don\\u2019t waste months chasing rainbows like I did.  <\\/p>\\\\n<p>And maybe - just maybe - someone at noyb, DPC, or CivitAI will finally read it and feel ashamed enough to act.  <\\/p>\\\\n<p>P.S. Why I\\u2019m posting it here:<br\\/>\\\\n- I think it fits this community topic<br\\/>\\\\n- This post was removed from r\\/gdpr by moderators<br\\/>\\\\n- Some subreddits ignored my request to approve this post on their subreddits<br\\/>\\\\n- r\\/privacy requires karma to post<br\\/>\\\\n- I was shadowbanned by Reddit for no apparent reason<br\\/>\\\\n- Similar post saw zero reaction on Mastodon instance<br\\/>\\\\n- Twitter &amp; Bluesky requires solving a captcha that I\\u2019m incapable of solving<br\\/>\\\\nIn addition, since the initial post on Reddit and Mastodon weeks ago, I\\u2019ve sent emails to various privacy oriented news outlets and public organizations, but I was ignored by all, but EFF which replied \\u201cwe can\\u2019t help you\\u201d.  <\\/p>\\\\n<p>EDIT: To clarify a recurring point: GDPR does not require you to be an EU citizen or resident to be protected.<br\\/>\\\\nUnder Article 3(2), it applies to any company that offers goods\\/services to people in the EU - even if the user is from Ukraine, the US, or elsewhere.  <\\/p>\\\\n<hr\\/>\\\\n<p>Proof (screenshots)  <\\/p>\\\\n<blockquote>\\\\n<p><a href=\\\\\\\"https:\\/\\/i.postimg.cc\\/HLCZLyh3\\/issue-civitai-gdpr1.png\\\\\\\" rel=\\\\\\\"nofollow ugc\\\\\\\" target=\\\\\\\"_blank\\\\\\\"><img alt=\\\\\\\"Screenshot-1: Original Request\\\\\\\" loading=\\\\\\\"lazy\\\\\\\" src=\\\\\\\"https:\\/\\/i.postimg.cc\\/HLCZLyh3\\/issue-civitai-gdpr1.png\\\\\\\"\\/><\\/a><br\\/>\\\\n<em>My GDPR request sent to support@.<\\/em> <\\/p>\\\\n<\\/blockquote>\\\\n<blockquote>\\\\n<p><a href=\\\\\\\"https:\\/\\/i.postimg.cc\\/wBdfBmGf\\/issue-civitai-gdpr2.png\\\\\\\" rel=\\\\\\\"nofollow ugc\\\\\\\" target=\\\\\\\"_blank\\\\\\\"><img alt=\\\\\\\"Screenshot-2: Formal Notice\\\\\\\" loading=\\\\\\\"lazy\\\\\\\" src=\\\\\\\"https:\\/\\/i.postimg.cc\\/wBdfBmGf\\/issue-civitai-gdpr2.png\\\\\\\"\\/><\\/a><br\\/>\\\\n<em>Reasserting rights after their first refusal.<\\/em> <\\/p>\\\\n<\\/blockquote>\\\\n<blockquote>\\\\n<p><a href=\\\\\\\"https:\\/\\/i.postimg.cc\\/VktZ1RDz\\/issue-civitai-gdpr3.png\\\\\\\" rel=\\\\\\\"nofollow ugc\\\\\\\" target=\\\\\\\"_blank\\\\\\\"><img alt=\\\\\\\"Screenshot-3: CivitAI Response\\\\\\\" loading=\\\\\\\"lazy\\\\\\\" src=\\\\\\\"https:\\/\\/i.postimg.cc\\/VktZ1RDz\\/issue-civitai-gdpr3.png\\\\\\\"\\/><\\/a><br\\/>\\\\n<em>\\\\\\\"Use the button.\\u201d No erasure guarantee.<\\/em> <\\/p>\\\\n<\\/blockquote>\\\\n<blockquote>\\\\n<p><a href=\\\\\\\"https:\\/\\/i.postimg.cc\\/3wHSwvcB\\/issue-civitai-gdpr4.png\\\\\\\" rel=\\\\\\\"nofollow ugc\\\\\\\" target=\\\\\\\"_blank\\\\\\\"><img alt=\\\\\\\"Screenshot-4: DPC Rejection\\\\\\\" loading=\\\\\\\"lazy\\\\\\\" src=\\\\\\\"https:\\/\\/i.postimg.cc\\/3wHSwvcB\\/issue-civitai-gdpr4.png\\\\\\\"\\/><\\/a><br\\/>\\\\n<em>Irish DPC closes case based on nationality.<\\/em><\\/p>\\\\n<\\/blockquote>\\\\n\\\",\\\"mediaType\\\":\\\"text\\/html\\\",\\\"source\\\":{\\\"content\\\":\\\"I decided to finally clean up an old account on CivitAI (https:\\/\\/civitai.com\\/). Nothing unusual - I just wanted to exercise my right to be forgotten, the one I heard about so much on Reddit before, being a regular lurker.  \\\\r\\\\n\\\\r\\\\nI sent them a polite email citing Article 17 GDPR. Gave them enough info to find me (email, username, first login date, payment history). Didn\\u2019t use my real name, didn\\u2019t log in - partly because I didn\\u2019t want to trigger Cloudflare\\u2019s fingerprinting again.  \\\\r\\\\n\\\\r\\\\nTheir reply?  \\\\r\\\\n\\\\r\\\\n> \\\\\\\"When users delete their account, this action is permanent, since we delete any and all data associated with that account.\\\\\\\"  \\\\r\\\\n\\\\r\\\\nMaybe? There\\u2019s no way to verify their claim without re-engaging. No public deletion policy (https:\\/\\/civitai.com\\/content\\/privacy). No confirmation. No alternative. Only if you log in to do it. Which means triggering Cloudflare\\u2019s tracking system again.  \\\\r\\\\nI shouldn\\u2019t have to expose myself to surveillance just to ask to be forgotten.  \\\\r\\\\n\\\\r\\\\nHonestly, I was taken aback a little. But fair enough, I thought. I still have a shield for myself - let\\u2019s escalate.  \\\\r\\\\n\\\\r\\\\nI filed with the Irish Data Protection Commission (DPC) - mostly because they accept anonymous, English requests.  \\\\r\\\\nThey closed my case within days with this:  \\\\r\\\\n> You\\u2019re from Ukraine. Not our problem.  \\\\r\\\\n\\\\r\\\\nNo discussion of whether CivitAI targets EU users (they do!). No interest in the fact they process personal data globally. Didn\\u2019t even ask if I was in the EU at that time. Just a flat rejection based on my location.  \\\\r\\\\n\\\\r\\\\nFine. Maybe NGOs can help?  \\\\r\\\\nI contacted:  \\\\r\\\\n- Access Now  \\\\r\\\\n- EDRi  \\\\r\\\\n- Digitalcourage  \\\\r\\\\n- epicenter.works  \\\\r\\\\n- Even tried the UK ICO (turns out, CivitAI blocks UK users now, so no luck there)  \\\\r\\\\nOut of all of them, only **epicenter.works replied** - twice - telling me to contact **noyb**.  \\\\r\\\\nWhich is silly, because I already did. Over a month ago. Still no reply.  \\\\r\\\\n\\\\r\\\\nSo here I am.  \\\\r\\\\nI did everything I could - correctly, thoroughly, and in good faith. But all I got in return is silence, deflection, bureaucracy.  \\\\r\\\\nDon\\u2019t get me wrong - I still believe in the idea of GDPR. I want to believe in it. But the enforcement? It\\u2019s a paper tiger. All bark, no bite. And worst of all, it doesn\\u2019t even have self-respect - happy to roll over the moment someone shows up without an EU passport.  \\\\r\\\\nThis wasn\\u2019t about being petty or creating drama. I just wanted to get in control of my data, as was promised by the GDPR declaration.  \\\\r\\\\nBut apparently, even that is too much to ask.  \\\\r\\\\n\\\\r\\\\nAnyway, vent over. Just wanted to share this so others don\\u2019t waste months chasing rainbows like I did.  \\\\r\\\\n\\\\r\\\\nAnd maybe - just maybe - someone at noyb, DPC, or CivitAI will finally read it and feel ashamed enough to act.  \\\\r\\\\n\\\\r\\\\nP.S. Why I\'m posting it here:  \\\\r\\\\n- I think it fits this community topic  \\\\r\\\\n- This post was removed from r\\/gdpr by moderators  \\\\r\\\\n- Some subreddits ignored my request to approve this post on their subreddits  \\\\r\\\\n- r\\/privacy requires karma to post  \\\\r\\\\n- I was shadowbanned by Reddit for no apparent reason  \\\\r\\\\n- Similar post saw zero reaction on Mastodon instance  \\\\r\\\\n- Twitter & Bluesky requires solving a captcha that I\'m incapable of solving  \\\\r\\\\nIn addition, since the initial post on Reddit and Mastodon weeks ago, I\'ve sent emails to various privacy oriented news outlets and public organizations, but I was ignored by all, but EFF which replied \\\\\\\"we can\'t help you\\\\\\\".  \\\\r\\\\n\\\\r\\\\nEDIT: To clarify a recurring point: GDPR does not require you to be an EU citizen or resident to be protected.  \\\\r\\\\nUnder Article 3(2), it applies to any company that offers goods\\/services to people in the EU - even if the user is from Ukraine, the US, or elsewhere.  \\\\r\\\\n\\\\r\\\\n\\\\r\\\\n---  \\\\r\\\\n\\\\r\\\\nProof (screenshots)  \\\\r\\\\n\\\\r\\\\n> [![Screenshot-1: Original Request](https:\\/\\/i.postimg.cc\\/HLCZLyh3\\/issue-civitai-gdpr1.png)](https:\\/\\/i.postimg.cc\\/HLCZLyh3\\/issue-civitai-gdpr1.png)  \\\\r\\\\n> *My GDPR request sent to support@.*  \\\\r\\\\n\\\\r\\\\n> [![Screenshot-2: Formal Notice](https:\\/\\/i.postimg.cc\\/wBdfBmGf\\/issue-civitai-gdpr2.png)](https:\\/\\/i.postimg.cc\\/wBdfBmGf\\/issue-civitai-gdpr2.png)  \\\\r\\\\n> *Reasserting rights after their first refusal.*  \\\\r\\\\n\\\\r\\\\n> [![Screenshot-3: CivitAI Response](https:\\/\\/i.postimg.cc\\/VktZ1RDz\\/issue-civitai-gdpr3.png)](https:\\/\\/i.postimg.cc\\/VktZ1RDz\\/issue-civitai-gdpr3.png)  \\\\r\\\\n> *\\\\\\\"Use the button.\\\\\\\" No erasure guarantee.*  \\\\r\\\\n\\\\r\\\\n> [![Screenshot-4: DPC Rejection](https:\\/\\/i.postimg.cc\\/3wHSwvcB\\/issue-civitai-gdpr4.png)](https:\\/\\/i.postimg.cc\\/3wHSwvcB\\/issue-civitai-gdpr4.png)  \\\\r\\\\n> *Irish DPC closes case based on nationality.*\\\",\\\"mediaType\\\":\\\"text\\/markdown\\\"},\\\"attachment\\\":[],\\\"sensitive\\\":false,\\\"published\\\":\\\"2025-11-11T14:36:24.063725Z\\\",\\\"updated\\\":\\\"2025-11-11T17:52:16.591168Z\\\",\\\"language\\\":{\\\"identifier\\\":\\\"en\\\",\\\"name\\\":\\\"English\\\"},\\\"audience\\\":\\\"https:\\/\\/lemmy.ml\\/c\\/privacy\\\",\\\"tag\\\":[{\\\"href\\\":\\\"https:\\/\\/piefed.social\\/tag\\/europe\\\",\\\"name\\\":\\\"#europe\\\",\\\"type\\\":\\\"Hashtag\\\"},{\\\"href\\\":\\\"https:\\/\\/piefed.social\\/tag\\/privacy\\\",\\\"name\\\":\\\"#privacy\\\",\\\"type\\\":\\\"Hashtag\\\"},{\\\"href\\\":\\\"https:\\/\\/piefed.social\\/tag\\/gdpr\\\",\\\"name\\\":\\\"#gdpr\\\",\\\"type\\\":\\\"Hashtag\\\"}]},\\\"cc\\\":[\\\"https:\\/\\/lemmy.ml\\/c\\/privacy\\/followers\\\"],\\\"type\\\":\\\"Announce\\\",\\\"id\\\":\\\"https:\\/\\/lemmy.ml\\/activities\\/announce\\/page\\/72642c52-9c1b-4f70-bf9b-8c2eded17249\\\"}\",\"request\":{\"host\":\"kbin.spritesserver.nl\",\"method\":\"POST\",\"uri\":\"\\/f\\/inbox\",\"client_ip\":\"54.36.178.108\"},\"headers\":{\"content-type\":[\"application\\/activity+json\"],\"host\":[\"kbin.spritesserver.nl\"],\"date\":[\"Tue, 11 Nov 2025 17:52:18 GMT\"],\"digest\":[\"SHA-256=tV9bEx8i4LZRQ7u+vHQwAE8gwltdLxW4bBVnwGKaKY0=\"],\"signature\":[\"keyId=\\\"https:\\/\\/lemmy.ml\\/c\\/privacy#main-key\\\",algorithm=\\\"hs2019\\\",headers=\\\"(request-target) content-type date digest host\\\",signature=\\\"HgC8QgJ39+eFc+kVlD1\\/YK\\/cJ2+y8CwAodyctvhcAp8ueHS5+s6gUoXQUHP1t7QF89tI1dElyMZGo3AUS4QPOsNMU1XN8w++Tpas4AAiSyIqz+H+XBkK\\/WGPB27RvRwGZ3UJTyfxzLuxSZWtFHbzHNAGjDxX+UaeWNla8mZvxiDf7ME6awaMfJh7R4DibBTMZg3anrueblU4IgPncm8oDFvl3U5MYozgYwf294avAqBl3oKzDG82WlMIFkfk\\/oCRZTGyg+t1xTnvy6+IJPmz2k90xamgqbw5XOzX+sTw6zZoy7qvBnt3QrWFrcCnksbOZZq17ztM6BsaR1I0B\\/GU1g==\\\"\"],\"accept\":[\"*\\/*\"],\"user-agent\":[\"Lemmy\\/0.19.13; +https:\\/\\/lemmy.ml\"],\"accept-encoding\":[\"gzip\"],\"content-length\":[\"11293\"],\"x-php-ob-level\":[\"1\"]}}', '{\"type\":\"App\\\\Message\\\\ActivityPub\\\\Inbox\\\\ActivityMessage\",\"X-Message-Stamp-Symfony\\\\Component\\\\Messenger\\\\Stamp\\\\BusNameStamp\":\"[{\\\"busName\\\":\\\"messenger.bus.default\\\"}]\",\"Content-Type\":\"application\\/json\"}', 'default', '2025-11-11 17:52:18', '2025-11-11 17:52:18');

Database Connections

Name	Service
default	doctrine.dbal.default_connection

Entity Managers

Name	Service
default	doctrine.orm.default_entity_manager

Second Level Cache

0 Hits

0 Misses

0 Puts

Entities Mapping

No loaded entities.

Symfony Profiler

POST https://kbin.spritesserver.nl/f/inbox

Configuration Settings

Theme