• Welcome to ASR. There are many reviews of audio hardware and expert members to help answer your questions. Click here to have your audio equipment measured for free!

I may just be old and cranky but...

ta240

ta240

Major Contributor
Joined
Nov 7, 2019
Messages
1,994
Likes
4,475
Location
USA
I really find it creepy when stores link my contact information from an online order to in store purchases with the same credit card.

The emails wanting me to rate an in-store purchase when I don't use any sort of rewards card bug me. I know they track everything but maybe try not to rub it in my face.
 
Last edited:
ta240 said:
I really find it creepy when stores link my contact information from an online order to in store purchases with the same credit card.

The emails wanting me to rate an in-store purchase when I don't use any sort of rewards card bug me. I know they track everything but maybe try not to rub it in my face.
Click to expand...
What country are you in?
 
Soniclife said:
What country are you in?
Click to expand...

United States. You probably have better laws regarding how personal information is handled in the UK.

Here that information is a hot commodity. It is annoying enough that every store hounds me to join their rewards program with "we just need an email address" or "just a phone number" When with either of those they can find out pretty much everything they need to know marketing wise about me and share all my purchase history with anyone that will pay them enough. But at least then it would be opting into having my habits tracked, compiled and sold.

It was quite a few years ago when I first ran into it with a store emailing me to rate my latest purchase. I opened the email thinking it was for the item I'd bought online and it ended up being a $3 item I'd bought in the store after the online purchase.

And we have stores like Target that if you buy certain cold medicine or alcohol want to use their reader on your driver's licence to pull everything off of it.
 
In the EU they have the GDPR laws. I'm a developer, and I wrote the system my company uses to ensure we comply with the GDPR regulations.

I also wrote my companies equivalent of google analytics, and other systems related to the topic at hand. I have to tell you, you are off base on a few things. Reputable companies do not share or sell customer information. They use it internally for their own sales and marketing purposes. I know this from first hand knowledge of being forced to sit through meetings as the "technical guy" who can answer questions.

Keeping track of all your purchases has benefits for you as well.
  • If its an in store purchase and you need to return it for some reason you have proof of purchase even if you no longer have the receit.
  • If you purchased an electronics devise some companies will send you an email to let you know that a software or firmware updates are available for it.
  • Some companies will send you an email when an item has been recalled by the manufacture.
  • etc
Scanning your licence for certain drug purchases isn't something they are doing to get your data. The federal and local governments have laws and regulations in place to track the purchase of certain drugs, because they can be used to make illegal drugs. For example products that contain pseudoephedrine can be used to make meth.
 
DLS79 said:
In the EU they have the GDPR laws. I'm a developer, and I wrote the system my company uses to ensure we comply with the GDPR regulations.

I also wrote my companies equivalent of google analytics, and other systems related to the topic at hand. I have to tell you, you are off base on a few things. Reputable companies do not share or sell customer information. They use it internally for their own sales and marketing purposes. I know this from first hand knowledge of being forced to sit through meetings as the "technical guy" who can answer questions.

Keeping track of all your purchases has benefits for you as well.
  • If its an in store purchase and you need to return it for some reason you have proof of purchase even if you no longer have the receit.
  • If you purchased an electronics devise some companies will send you an email to let you know that a software or firmware updates are available for it.
  • Some companies will send you an email when an item has been recalled by the manufacture.
  • etc
Scanning your licence for certain drug purchases isn't something they are doing to get your data. The federal and local governments have laws and regulations in place to track the purchase of certain drugs, because they can be used to make illegal drugs. For example products that contain pseudoephedrine can be used to make meth.
Click to expand...

Nope, nope and nope.

The purchases I'm talking about scanning the driver's license for are not the government controlled ones that require record keeping. I'm well aware of the pseudoephedrine requirements and don't blame the stores for that. The only requirement that the items I'm talking about have are a minimum age for purchase. For those items they just need to look at the ID.

Being able to process a return based on the credit card used is handy. Linking that to my name, address and phone number without my consent is not.

And, sure, every company out there is going to go "This place wants to pay us a lot of money for the information on our shoppers but we don't want to share that" I guess Money magazine is off with "That’s because it has become common practice for many retailers to store, collate, and sell the information of millions of customers for a profit. " https://money.com/how-retailers-track-you/
And the BBC "Although stores will often not pass loyalty scheme data to other parties, they may share customers' information with companies within the same group, which can be global.
Some companies may also share the information with their retail partners, who can use it to target their advertising.
Nectar, for example, can share data with at least 49 companies including Argos and Easyjet, according to consumer group Which?" https://www.bbc.com/news/technology-43483426
Which is all fine and dandy, IF I opt-in but I did not.

And no company has ever done things beyond what we see in the press to screw us over. And Target, the same one that wants to scan my driver's licence if I buy a bottle of wine, didn't spend nearly two weeks with a huge hole in their data security all the while ignoring alerts that there was a problem. Sure, I want them to have more of my personal information.
 
DLS79 said:
In the EU they have the GDPR laws. I'm a developer, and I wrote the system my company uses to ensure we comply with the GDPR regulations.

I also wrote my companies equivalent of google analytics, and other systems related to the topic at hand. I have to tell you, you are off base on a few things. Reputable companies do not share or sell customer information. They use it internally for their own sales and marketing purposes. I know this from first hand knowledge of being forced to sit through meetings as the "technical guy" who can answer questions.

Keeping track of all your purchases has benefits for you as well.
  • If its an in store purchase and you need to return it for some reason you have proof of purchase even if you no longer have the receit.
  • If you purchased an electronics devise some companies will send you an email to let you know that a software or firmware updates are available for it.
  • Some companies will send you an email when an item has been recalled by the manufacture.
  • etc
Scanning your licence for certain drug purchases isn't something they are doing to get your data. The federal and local governments have laws and regulations in place to track the purchase of certain drugs, because they can be used to make illegal drugs. For example products that contain pseudoephedrine can be used to make meth.
Click to expand...

All claims aside,
No company does anything unless it serves the purposes of the company first.
All else is a sideffect, desirable or not.
Somewhere the is a customer data clearinghouse where data gets analyzed and this service is "sold" to the companies.
Even with something as simple as providing feedback to McDonalds, if you read the privacy terms regarding "data retention" it clearly states that they will use this data you provide and anything and everything else in order to provide their customers (aka McDonalds and whoever else) with addional products and services.
Common Core (other US educational nightmare) was /is the same thing.

So it becomes a "Give us information so we have a product to sell" TM
Maybe in Europe things are different.

Over here (US) ... it's still the wild wild west when it comes to data.
 
ta240 said:
It is annoying enough that every store hounds me to join their rewards program with "we just need an email address"
Click to expand...

I make up email addresses on the fly...

For instance, here I am asr@(something).bot.nu

My experience with the "sharing" of the addresses I make up has occurred only a couple of times (in ten years), at a Russian(?) bitcoin site,.

On the other hand, my "real" ISP address, which I very rarely use, is full of crap from all over the planet.

If I no longer want mail from someone, or they "share" the address, it is easy to direct them to the bit bucket before it even gets to the inbox, based on recipient (one of my addresses), not sender, which isn't always easy.

My Inbox:

1579197163806.png


Occasionally, some company will object to having their name in my address. No problem...

---

Oh yeah, the troublemaker (shared my address) was BTC-E.

"BTC-e was a cryptocurrency trading platform until the U.S. government seized their website."
 
Last edited:
ta240 said:
Being able to process a return based on the credit card used is handy. Linking that to my name, address and phone number without my consent is not.
Click to expand...

It's not against federal law yet (that I know of) to store CC numbers but i believe it is in a few states. If memory serves, it's against PCI DSS to store credit card numbers. Hence the reason why transactions are linked to customer records. One of the first projects i was involved with when i joined my current employer in the early 0's, was to go through every company system and remove all credit card records, and to update the system to ensure new ones didn't get stored.
 
I don't want to write a thesis here, but in general their is a misunderstanding among the general public about what reputable companies share. And yes the Lawyer butt covering fine print, and half baked news articles only fuels the fire more. If companies share data at all, it's generally obfuscated and/or aggregated.
 
ta240 said:
You probably have better laws regarding how personal information is handled in the UK.
Click to expand...
I think we do, they are not perfect, never will be, but the intention is to try and limit this sort of thing.
I've had requests to extract millions of credit card transactions, to share with other companies to merge and enrich the data, for dubious marketing reasons. In each case I say I'll only do it when they come back with authorisation from legal saying it's ok, and explicitly starting that someone else will accept responsibility for my actions, I've never heard back from anyone with such authorisation.
 
DLS79 said:
It's not against federal law yet (that I know of) to store CC numbers but i believe it is in a few states. If memory serves, it's against PCI DSS to store credit card numbers. Hence the reason why transactions are linked to customer records. One of the first projects i was involved with when i joined my current employer in the early 0's, was to go through every company system and remove all credit card records, and to update the system to ensure new ones didn't get stored.
Click to expand...

You can store credit card numbers in a PCI DSS compliant environment and pass tokens back and forth to non-compliant systems. Many companies will host their card data environments with specialist providers, rather than go through the pain and expense of trying to achieve certification on their own infrastructure.
 
Berwhale said:
You can store credit card numbers in a PCI DSS compliant environment and pass tokens back and forth to non-compliant systems. Many companies will host their card data environments with specialist providers, rather than go through the pain and expense of trying to achieve certification on their own infrastructure.
Click to expand...

That I didn't know, but I have vivid memory of the pain of digging through old legacy systems and trying to reverse engineer them.
 
DLS79 said:
That I didn't know, but I have vivid memory of the pain of digging through old legacy systems and trying to reverse engineer them.
Click to expand...

You should try removing credit card numbers from scans of 40 year old insurance contracts. It wasn't uncommon for brokers to scribble the number on the contract whilst they were on the phone to the client.
 
Numbers...

In 1978 or so, a priest from someplace in the Yucatan came in to rent a car.

I don't remember his name, and he used a cash deposit (try that now).

His Drivers license number was 9, his telephone number was 5.
 
You must log in or register to reply here.

Similar threads

MattHooper
And We Thought High End Dealers Were Bad…?
2 3
Replies
48
Views
5K
RKV1
RKV1
R
Who has an answer-even speculative. Why did I get those 2 speakers for less than half tax in vs 1 before tax? I think I know but did you get the memo?
Replies
0
Views
625
Reminiscent Audio Guy
R
R
.... but I can't be an anomaly can I - speakers 18yrs old sound great - why?
2
Replies
21
Views
3K
wadude
wadude
LunaTempesta
Headers for speaker listening session(s)
2
Replies
21
Views
2K
LunaTempesta
LunaTempesta
D
Just had the Audeze LCD-2 Padauk arrive yesterday
Replies
3
Views
1K
Merkurio
Merkurio
Back
Top Bottom