Amendments to the PayPal Privacy Statement Effective November 27, 2024:
We are updating our Privacy Statement to explain how, starting early Summer 2025, we will share information to help improve your shopping experience and make it more personalized for you. The key update to the Privacy Statement explains how we will share information with merchants to personalize your shopping experience and recommend our services to you. Personal information we disclose includes, for example, products, preferences, sizes, and styles we think you’ll like. Information gathered about you after the effective date of our updated Privacy Statement, November 27, 2024, will be shared with participating stores where you shop, unless you live in California, North Dakota, or Vermont. For PayPal customers in California, North Dakota, or Vermont, we’ll only share your information with those merchants if you tell us to do so. No matter where you live, you’ll always be able to exercise your right to opt out of this data sharing by updating your preference settings in your account under “Data and Privacy.”
edit: update title to reflect this is for PayPal USA users
Ah yes, that thing that sites mention on those annoying popups before making us sign away our privacy anyway.
That thing which makes Meta and Apple so scared they do not release their new products in AI anymore in the EU to pressure us to loosen up the laws. That has already been costly to these companies.
That prevents Paypal from doing this change in the EU.
The law that has been awesome so far.
Yeah, critics don’t realise that headlines like that don’t phase me at all since GDPR.
Clicking on “deny all” is well worth the positives. I think there’s even add ons that do it for you.
Most of those popups are illegal, according to the GDPR. Both opt-in and opt-out need to be just as easily possible.
Exacly, these popups are completely unnecessary and just a form of malicious compliance by the website creators.
They are not even compliance a lot of the times.
They are the equivalent of begging on the street, some of them aggressive enough that it’s illegal.
It’s not illegal if it’s not being enforced.
You can pick out a company and sue them.
What? As a private citizen? in +this* economy?
Wasn’t the point of stuff like the GDPR that the governments would be the ones doing the enforcing and the suing?
Well, you can also file a formal complaint with your regional data protection officer. Usually, this is resolved outside of court, though, so it doesn’t necessarily prove that the behavior was illegal (although a judge might take the data protection officer’s opinion as expert input for future trials anyways).
No, GDPR is exactly what allows anyone to sue corporations with any chance of success and impact.
Yeah but still at the cost for a private citizen, right?
So, not in this economy.
Or is the cost of the lawsuit prepaid by the State?
Yeah, no. You can choose to say no. A privacy banner has to give you a single click option to decline the use of your personal data and if you don’t get that option, they’re not complying to GDPR.
I systematically file complaints against unlawful privacy banners and with every popup that gets corrected I made the world a more privacy friendly place. It ain’t much but it’s an honest job.