Welp I guess this is the perfect example of companies not deleting your credentials and account info when asking for it… I deleted my Notion account several years ago. And completely randomly today got an email from them about data retention, assuming this is one of those “important” emails they have to send out. Sadly, years ago I wasnt using email-aliases like I am today, so still stuck with them having my email. Fuck I hate this so much. Thought I’d just share this lesson, use alises my friends!

Had the same experience with Lydia advertising their new brand name by email yesterday.

This I would reply and CC my local data authority at the same time, asking for the info that the data authorities need when you file a complaint

Company official name, address, registration number and preferred means of communication with the data authority (phone number, email address, post adress)

This is a shit show. But from what I’ve been able to see, when you remove yourself from the companies, as time goes by, there’s not much of the data you leave behind that can be easily visible to others, other than whatever company has your data, or who they choose to sell it to.

I haven’t been in any social network for over 8 years now, except X, that I killed my account, coincidentally, the day before the acquisition was announced. Last night I did a Google search for my name in my country, and another one global, and the only place I found info about me, after digging down 30+ pages, was linked-in, which my wife manages for our business. Granted, they all probably hold all the data they got from me when I was stupider, but I’m sure they understand how useless data becomes over time if it’s not updated.

I guess my advantage is that I used Gmail accounts for absolutely everything back then, and since I killed all of them, I never get emails from anyone I’m not directly associated with.

When you ask them to delete your account they should delete your account. There is no excuse for them to have your contact information if you dont have an account with them

Often what happens is that when you sign up they also make an API call to their email list service. Then when you delete your account they remove you from their DB but often forget to remove you from the other services. This obviously isn’t acceptable but often not intentional.

In Europe you have to opt in to newsletters. Companies are not even allowed to have the opt in field pre checked!

You activelly need to tick the opt in check box.

@hikaru755@feddit.de
link
fedilink
1
edit-2
7M

Except the email in question is not a newsletter. Companies often use separate mail list services for important product announcements and similar things as well. Obviously there should be a process in place that removes you from these external services too when you delete your account, but I assume this is what broke down in this case

This is also true in lots of places like Canada and (IIUC) California. But very frequently it doesn’t happen. In Canada you can report it but then nothing happens.

I have a hard time believing they actually delete anything.

Send a GDPR demand to delete your data.

tell me more about how you use aliases.

you just using a new one for every service?

Yes, exactly like that.

I’ve had companies just not respect your opt-out preferences. I’ve seen regularly they add new email categories (presumably maliciously) so that they can continue spamming you.

Less commonly they will sell your contact info to third parties

With an email alias you can simply disable that address, and any emails sent to it will be bounced back to the sender.

Also keep in mind that email is one of your main personal identifiers (PID) on the web. When data mining companies buy up information from various sites and services, they use it to link together your activity in order to expand your profile.

With self hosted email and at least Proton Mail (and probably other paid solutions), you can set up a “catch all” address. With that, any non existing email gets redirected to one; for me, I have spam@domain.com so, while myname@domain.com goes to my inbox, thisaddressisinvalid@domain.com and, I don’t know, walmart@domain.com both go to spam@domain.com. I don’t need an individual entry for every alias and I can specifically block any address that’s particularly spammy or compromised.

I hear that you can have a similar setup with something called SimpleLogin, but I’ve never tried that.

Sips'
creator
link
fedilink
47M

Yes indeed, password managers have the option to do this, at least Protonpass and Bitwarden. While Bitwarden you need to connect a third party email service. But it’s relatively easy, especially with Protonpass as it will automatically suggest to do this when you create an account somewhere.

lazynooblet
link
fedilink
117M

Back when I used self hosted mail, I wrote an extension that requested a new alias based on the domain of the website.

Like website.net_d5g4j8@mydomain.com

If the site got compromised I would update the random characters.

I still have 800+ aliases left over from this. But after moving to hosted mail I never updated the extension.

@9point6@lemmy.world
link
fedilink
4
edit-2
7M

Surprisingly little known fact, email addresses actually have the concept of aliases built in (and it’s relatively well supported despite being a bit niche):

your.email+some.alias@gmail.com

Will end up in the inbox of

your.email@gmail.com

But will retain the alias in the To field

The downside is that if a sender is particularly shitty it could detect this and remove the alias again.

lazynooblet
link
fedilink
57M

This is what I use today. However spammers can easily remove the plus address to send email normally so isn’t quite so effective.

What frustrates me is so many websites strip the ‘+’ from the address, either as inline JavaScript or even worse, after submission.

Victoria
link
fedilink
47M

Note: not every provider supports this.

Also, gmail addresses ignore periods. my.email@gmail.com and myem.ail+service@gmail.com will end up in the same inbox

removed by mod

I got an email from century link yesterday asking how my service was, when I had it disconnected 8 years ago, and I got one from apple today about my account, when I deleted it 10 years ago. They don’t care.

removed by mod

Don’t sweat it pal, i got emails from FedEx for 8 years.

Sips'
creator
link
fedilink
157M

Yeah, I really shouldn’t. It’s just annoying, that’s all.

deleted by creator

I’d even recommend going one step further and deleting their account, but I didn’t read the post

:p i keed

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.12K Posts
  • 78K Comments
  • Modlog