What do you do when a shop assistant asks for your email address when you’ve just made a purchase?
The reason they give is that they want to send you a receipt by email (an e-receipt). They will say it’s better sent by email because that way you have a permanent record, the receipt won’t get lost, destroyed in the wash, faded in the sunlight, eaten by the dog, etc.
On the other hand, there are some serious implications for data privacy – and these aren’t confined to reciting (and even spelling out) your email address in front of the queue of shoppers standing behind you.
According to the provisions of the GDPR (General Data Protection Regulations), the retailer must tell you in advance how your data will be used and must give you the opportunity to decline any marketing advances that use the email address you’ve just given them. Fair enough, as long as they actually do that and you can give informed consent (bearing in mind that the queue behind you is not just breathing down your neck, but is now breathing fire). And it’s just not realistic to expect the shop assistant to explain to you in this situation just who they are intending to share your information with (which they are obliged to do).
What I am more worried about, though, is whether your email information and purchasing history are being kept private by the retailer.
According to Thisismoney:
“The Information Commissioner’s Office (ICO) is concerned shops that issue e-receipts could be using customers’ email addresses for other purposes and flouting data protection laws. The watchdog is also worried that shoppers’ details might be sold to third parties without their knowledge.”
And it might not even be illegal if you’ve been told about their privacy policy and that they do sell it – and if you’ve had the chance to read the privacy policy and agreed to it, and if you’ve understood the implications, and if the person behind you in the queue hasn’t had apoplexy by now. That’s an awful lot of “ifs”.
Some people just don’t care about privacy of their data. Their typical response when probed about this attitude is a shrug of the shoulders and “I’ve got nothing to hide”. Well, if you belong in that camp then good luck to you (and your data and your privacy). I don’t.
So, when asked for my email address I politely request a paper receipt. In most cases, I get one even though the vendor has no legal obligation to provide a receipt in a face to face transaction. This strikes me as rather bizarre, but I’ve found this stated on a number of websites. I sent an email to my local trading standards office asking them to confirm it, but they haven’t favoured me with a reply.
And, if the retailer won’t give me a “proper” receipt? I give them a throwaway gmail account that I set up just for this purpose. It does not include my name, and is unlikely ever to be traceable back to me (other than by the omnipotent Mr Google, of course).
Are we losing the fight for our privacy? Quite possibly, but I’m not giving up easily.
Some further reading for you, if you haven’t given up either:
https://wellkeptwallet.com/free-apps-scan-grocery-receipts/
https://www.paymentsense.com/uk/blog/business-offer-email-receipts/
https://www.clarionsolicitors.com/articles/e-receipts-being-used-to-break-gdpr-rules
Just click on the jar…
