European hotel owners are angry over the "best price" clause at the online booking giant they say had kept them from offering rooms for less on their own websites.
If you are in the EU write to their data protection contact that you demand your right to deletion under the GDPR to be upheld and otherwise would launch a complaint with your national data protection office.
Also make screenshots along the way, in case you need to escalate it to the last step.
I know this sounds tedious and it can be. But it can often help directly if the companies react or it helps building a case against them to get fined later.
I used the contact form on their website to ask if I can be excluded from whatever fingerprinting they are doing. They told me they do not collect any data themselves. Fair enough.
3 months later I started getting marketing emails even though it was a simple contact form. So I submitted a GDPR complaint for malicious collection of my personal details. A few weeks later I received confirmation from my national GDPR instance that it was indeed not allowed under GDPR and that they also found more things that were wrong. They told me they falsely claimed GDPR compliance but didn’t even have a European spokesperson.
The GDPR instance gave them some time to fix all the problems they found, and sent me a 13 page legal document by mail with all of the problems listed. I was part of the complaint and would be contacted if the process continued. It seems they fixed all the problems because the instance did not contact me anymore after that.
If you are in the EU write to their data protection contact that you demand your right to deletion under the GDPR to be upheld and otherwise would launch a complaint with your national data protection office.
Also make screenshots along the way, in case you need to escalate it to the last step.
I know this sounds tedious and it can be. But it can often help directly if the companies react or it helps building a case against them to get fined later.
I got some companies in trouble with GDPR complaints.
It takes some work but it’s really fun.
that’s interesting, can you give more details, i’d like to hear.
I’ll talk about fingerprint.com
I used the contact form on their website to ask if I can be excluded from whatever fingerprinting they are doing. They told me they do not collect any data themselves. Fair enough.
3 months later I started getting marketing emails even though it was a simple contact form. So I submitted a GDPR complaint for malicious collection of my personal details. A few weeks later I received confirmation from my national GDPR instance that it was indeed not allowed under GDPR and that they also found more things that were wrong. They told me they falsely claimed GDPR compliance but didn’t even have a European spokesperson.
The GDPR instance gave them some time to fix all the problems they found, and sent me a 13 page legal document by mail with all of the problems listed. I was part of the complaint and would be contacted if the process continued. It seems they fixed all the problems because the instance did not contact me anymore after that.
Yeah, I honestly have given up and stopped caring. But if I feel like it, I will.