• WANTED: Happy members who like to discuss audio and other topics related to our interest. Desire to learn and share knowledge of science required as is 20 years of participation in forums (not all true). Come here to have fun, be ready to be teased and not take online life too seriously. We now measure and review equipment for free! Click here for details.

I may just be old and cranky but...

Joined
Nov 7, 2019
Messages
87
Likes
126
#1
I really find it creepy when stores link my contact information from an online order to in store purchases with the same credit card.

The emails wanting me to rate an in-store purchase when I don't use any sort of rewards card bug me. I know they track everything but maybe try not to rub it in my face.
 
Last edited:

Soniclife

Major Contributor
Forum Donor
Joined
Apr 13, 2017
Messages
2,392
Likes
2,048
Location
UK
#2
I really find it creepy when stores link my contact information from an online order to in store purchases with the same credit card.

The emails wanting me to rate an in-store purchase when I don't use any sort of rewards card bug me. I know they track everything but maybe try not to rub it in my face.
What country are you in?
 
Joined
Nov 7, 2019
Messages
87
Likes
126
#3
What country are you in?
United States. You probably have better laws regarding how personal information is handled in the UK.

Here that information is a hot commodity. It is annoying enough that every store hounds me to join their rewards program with "we just need an email address" or "just a phone number" When with either of those they can find out pretty much everything they need to know marketing wise about me and share all my purchase history with anyone that will pay them enough. But at least then it would be opting into having my habits tracked, compiled and sold.

It was quite a few years ago when I first ran into it with a store emailing me to rate my latest purchase. I opened the email thinking it was for the item I'd bought online and it ended up being a $3 item I'd bought in the store after the online purchase.

And we have stores like Target that if you buy certain cold medicine or alcohol want to use their reader on your driver's licence to pull everything off of it.
 
Joined
Dec 31, 2019
Messages
19
Likes
12
#4
In the EU they have the GDPR laws. I'm a developer, and I wrote the system my company uses to ensure we comply with the GDPR regulations.

I also wrote my companies equivalent of google analytics, and other systems related to the topic at hand. I have to tell you, you are off base on a few things. Reputable companies do not share or sell customer information. They use it internally for their own sales and marketing purposes. I know this from first hand knowledge of being forced to sit through meetings as the "technical guy" who can answer questions.

Keeping track of all your purchases has benefits for you as well.
  • If its an in store purchase and you need to return it for some reason you have proof of purchase even if you no longer have the receit.
  • If you purchased an electronics devise some companies will send you an email to let you know that a software or firmware updates are available for it.
  • Some companies will send you an email when an item has been recalled by the manufacture.
  • etc
Scanning your licence for certain drug purchases isn't something they are doing to get your data. The federal and local governments have laws and regulations in place to track the purchase of certain drugs, because they can be used to make illegal drugs. For example products that contain pseudoephedrine can be used to make meth.
 
Joined
Nov 7, 2019
Messages
87
Likes
126
#5
In the EU they have the GDPR laws. I'm a developer, and I wrote the system my company uses to ensure we comply with the GDPR regulations.

I also wrote my companies equivalent of google analytics, and other systems related to the topic at hand. I have to tell you, you are off base on a few things. Reputable companies do not share or sell customer information. They use it internally for their own sales and marketing purposes. I know this from first hand knowledge of being forced to sit through meetings as the "technical guy" who can answer questions.

Keeping track of all your purchases has benefits for you as well.
  • If its an in store purchase and you need to return it for some reason you have proof of purchase even if you no longer have the receit.
  • If you purchased an electronics devise some companies will send you an email to let you know that a software or firmware updates are available for it.
  • Some companies will send you an email when an item has been recalled by the manufacture.
  • etc
Scanning your licence for certain drug purchases isn't something they are doing to get your data. The federal and local governments have laws and regulations in place to track the purchase of certain drugs, because they can be used to make illegal drugs. For example products that contain pseudoephedrine can be used to make meth.
Nope, nope and nope.

The purchases I'm talking about scanning the driver's license for are not the government controlled ones that require record keeping. I'm well aware of the pseudoephedrine requirements and don't blame the stores for that. The only requirement that the items I'm talking about have are a minimum age for purchase. For those items they just need to look at the ID.

Being able to process a return based on the credit card used is handy. Linking that to my name, address and phone number without my consent is not.

And, sure, every company out there is going to go "This place wants to pay us a lot of money for the information on our shoppers but we don't want to share that" I guess Money magazine is off with "That’s because it has become common practice for many retailers to store, collate, and sell the information of millions of customers for a profit. " https://money.com/how-retailers-track-you/
And the BBC "Although stores will often not pass loyalty scheme data to other parties, they may share customers' information with companies within the same group, which can be global.
Some companies may also share the information with their retail partners, who can use it to target their advertising.
Nectar, for example, can share data with at least 49 companies including Argos and Easyjet, according to consumer group Which?" https://www.bbc.com/news/technology-43483426
Which is all fine and dandy, IF I opt-in but I did not.

And no company has ever done things beyond what we see in the press to screw us over. And Target, the same one that wants to scan my driver's licence if I buy a bottle of wine, didn't spend nearly two weeks with a huge hole in their data security all the while ignoring alerts that there was a problem. Sure, I want them to have more of my personal information.
 

Dimitri

Active Member
Joined
Jan 28, 2018
Messages
143
Likes
106
Location
Valencia California
#6
In the EU they have the GDPR laws. I'm a developer, and I wrote the system my company uses to ensure we comply with the GDPR regulations.

I also wrote my companies equivalent of google analytics, and other systems related to the topic at hand. I have to tell you, you are off base on a few things. Reputable companies do not share or sell customer information. They use it internally for their own sales and marketing purposes. I know this from first hand knowledge of being forced to sit through meetings as the "technical guy" who can answer questions.

Keeping track of all your purchases has benefits for you as well.
  • If its an in store purchase and you need to return it for some reason you have proof of purchase even if you no longer have the receit.
  • If you purchased an electronics devise some companies will send you an email to let you know that a software or firmware updates are available for it.
  • Some companies will send you an email when an item has been recalled by the manufacture.
  • etc
Scanning your licence for certain drug purchases isn't something they are doing to get your data. The federal and local governments have laws and regulations in place to track the purchase of certain drugs, because they can be used to make illegal drugs. For example products that contain pseudoephedrine can be used to make meth.
All claims aside,
No company does anything unless it serves the purposes of the company first.
All else is a sideffect, desirable or not.
Somewhere the is a customer data clearinghouse where data gets analyzed and this service is "sold" to the companies.
Even with something as simple as providing feedback to McDonalds, if you read the privacy terms regarding "data retention" it clearly states that they will use this data you provide and anything and everything else in order to provide their customers (aka McDonalds and whoever else) with addional products and services.
Common Core (other US educational nightmare) was /is the same thing.

So it becomes a "Give us information so we have a product to sell" TM
Maybe in Europe things are different.

Over here (US) ... it's still the wild wild west when it comes to data.
 

RayDunzl

Major Contributor
Central Scrutinizer
Joined
Mar 9, 2016
Messages
8,169
Likes
5,281
Location
Riverview FL
#7
It is annoying enough that every store hounds me to join their rewards program with "we just need an email address"
I make up email addresses on the fly...

For instance, here I am [email protected](something).bot.nu

My experience with the "sharing" of the addresses I make up has occurred only a couple of times (in ten years), at a Russian(?) bitcoin site,.

On the other hand, my "real" ISP address, which I very rarely use, is full of crap from all over the planet.

If I no longer want mail from someone, or they "share" the address, it is easy to direct them to the bit bucket before it even gets to the inbox, based on recipient (one of my addresses), not sender, which isn't always easy.

My Inbox:

1579197163806.png


Occasionally, some company will object to having their name in my address. No problem...

---

Oh yeah, the troublemaker (shared my address) was BTC-E.

"BTC-e was a cryptocurrency trading platform until the U.S. government seized their website."
 
Last edited:
Joined
Dec 31, 2019
Messages
19
Likes
12
#8
Being able to process a return based on the credit card used is handy. Linking that to my name, address and phone number without my consent is not.
It's not against federal law yet (that I know of) to store CC numbers but i believe it is in a few states. If memory serves, it's against PCI DSS to store credit card numbers. Hence the reason why transactions are linked to customer records. One of the first projects i was involved with when i joined my current employer in the early 0's, was to go through every company system and remove all credit card records, and to update the system to ensure new ones didn't get stored.
 
Joined
Dec 31, 2019
Messages
19
Likes
12
#9
I don't want to write a thesis here, but in general their is a misunderstanding among the general public about what reputable companies share. And yes the Lawyer butt covering fine print, and half baked news articles only fuels the fire more. If companies share data at all, it's generally obfuscated and/or aggregated.
 

Soniclife

Major Contributor
Forum Donor
Joined
Apr 13, 2017
Messages
2,392
Likes
2,048
Location
UK
#10
You probably have better laws regarding how personal information is handled in the UK.
I think we do, they are not perfect, never will be, but the intention is to try and limit this sort of thing.
I've had requests to extract millions of credit card transactions, to share with other companies to merge and enrich the data, for dubious marketing reasons. In each case I say I'll only do it when they come back with authorisation from legal saying it's ok, and explicitly starting that someone else will accept responsibility for my actions, I've never heard back from anyone with such authorisation.
 

Berwhale

Addicted to Fun and Learning
Forum Donor
Joined
Aug 29, 2019
Messages
550
Likes
487
Location
West Sussex, UK
#11
It's not against federal law yet (that I know of) to store CC numbers but i believe it is in a few states. If memory serves, it's against PCI DSS to store credit card numbers. Hence the reason why transactions are linked to customer records. One of the first projects i was involved with when i joined my current employer in the early 0's, was to go through every company system and remove all credit card records, and to update the system to ensure new ones didn't get stored.
You can store credit card numbers in a PCI DSS compliant environment and pass tokens back and forth to non-compliant systems. Many companies will host their card data environments with specialist providers, rather than go through the pain and expense of trying to achieve certification on their own infrastructure.
 
Joined
Dec 31, 2019
Messages
19
Likes
12
#12
You can store credit card numbers in a PCI DSS compliant environment and pass tokens back and forth to non-compliant systems. Many companies will host their card data environments with specialist providers, rather than go through the pain and expense of trying to achieve certification on their own infrastructure.
That I didn't know, but I have vivid memory of the pain of digging through old legacy systems and trying to reverse engineer them.
 

Berwhale

Addicted to Fun and Learning
Forum Donor
Joined
Aug 29, 2019
Messages
550
Likes
487
Location
West Sussex, UK
#13
That I didn't know, but I have vivid memory of the pain of digging through old legacy systems and trying to reverse engineer them.
You should try removing credit card numbers from scans of 40 year old insurance contracts. It wasn't uncommon for brokers to scribble the number on the contract whilst they were on the phone to the client.
 

RayDunzl

Major Contributor
Central Scrutinizer
Joined
Mar 9, 2016
Messages
8,169
Likes
5,281
Location
Riverview FL
#14
Numbers...

In 1978 or so, a priest from someplace in the Yucatan came in to rent a car.

I don't remember his name, and he used a cash deposit (try that now).

His Drivers license number was 9, his telephone number was 5.
 
Top Bottom