this post was submitted on 10 May 2024
232 points (96.8% liked)

Privacy

32120 readers
415 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Welp I guess this is the perfect example of companies not deleting your credentials and account info when asking for it... I deleted my Notion account several years ago. And completely randomly today got an email from them about data retention, assuming this is one of those "important" emails they have to send out. Sadly, years ago I wasnt using email-aliases like I am today, so still stuck with them having my email. Fuck I hate this so much. Thought I'd just share this lesson, use alises my friends!

all 25 comments
sorted by: hot top controversial new old
[–] Blizzard@lemmy.zip 79 points 6 months ago

Send a GDPR demand to delete your data.

[–] skeezix@lemmy.world 29 points 6 months ago (1 children)

Don’t sweat it pal, i got emails from FedEx for 8 years.

[–] Sunny 14 points 6 months ago

Yeah, I really shouldn't. It's just annoying, that's all.

[–] umbrella@lemmy.ml 12 points 6 months ago (4 children)

tell me more about how you use aliases.

you just using a new one for every service?

[–] lazynooblet@lazysoci.al 11 points 6 months ago (1 children)

Back when I used self hosted mail, I wrote an extension that requested a new alias based on the domain of the website.

Like website.net_d5g4j8@mydomain.com

If the site got compromised I would update the random characters.

I still have 800+ aliases left over from this. But after moving to hosted mail I never updated the extension.

[–] 9point6@lemmy.world 4 points 6 months ago* (last edited 6 months ago) (2 children)

Surprisingly little known fact, email addresses actually have the concept of aliases built in (and it's relatively well supported despite being a bit niche):

your.email+some.alias@gmail.com

Will end up in the inbox of

your.email@gmail.com

But will retain the alias in the To field

The downside is that if a sender is particularly shitty it could detect this and remove the alias again.

[–] lazynooblet@lazysoci.al 5 points 6 months ago

This is what I use today. However spammers can easily remove the plus address to send email normally so isn't quite so effective.

What frustrates me is so many websites strip the '+' from the address, either as inline JavaScript or even worse, after submission.

[–] gratux@lemmy.blahaj.zone 4 points 6 months ago

Note: not every provider supports this.

Also, gmail addresses ignore periods. my.email@gmail.com and myem.ail+service@gmail.com will end up in the same inbox

[–] Sunny 4 points 6 months ago

Yes indeed, password managers have the option to do this, at least Protonpass and Bitwarden. While Bitwarden you need to connect a third party email service. But it's relatively easy, especially with Protonpass as it will automatically suggest to do this when you create an account somewhere.

[–] toynbee@lemmy.world 1 points 6 months ago

With self hosted email and at least Proton Mail (and probably other paid solutions), you can set up a "catch all" address. With that, any non existing email gets redirected to one; for me, I have spam@domain.com so, while myname@domain.com goes to my inbox, thisaddressisinvalid@domain.com and, I don't know, walmart@domain.com both go to spam@domain.com. I don't need an individual entry for every alias and I can specifically block any address that's particularly spammy or compromised.

I hear that you can have a similar setup with something called SimpleLogin, but I've never tried that.

[–] NeroC_Bass@lemmy.dbzer0.com 6 points 6 months ago (1 children)

I got an email from century link yesterday asking how my service was, when I had it disconnected 8 years ago, and I got one from apple today about my account, when I deleted it 10 years ago. They don't care.

[–] Scolding0513@sh.itjust.works 3 points 6 months ago

yep, they couldnt give two shits, and all the lawsuits in the world are too weak to do anything meaningful.

Always protect yourself first and foremost, never trust anyone unless you have to!

[–] cosmicrookie@lemmy.world 4 points 6 months ago* (last edited 6 months ago)

This I would reply and CC my local data authority at the same time, asking for the info that the data authorities need when you file a complaint

Company official name, address, registration number and preferred means of communication with the data authority (phone number, email address, post adress)

[–] Scolding0513@sh.itjust.works 3 points 6 months ago

this is the company that Skiff sold out to. sad.

[–] jjlinux@lemmy.ml 2 points 6 months ago (1 children)

This is a shit show. But from what I've been able to see, when you remove yourself from the companies, as time goes by, there's not much of the data you leave behind that can be easily visible to others, other than whatever company has your data, or who they choose to sell it to.

I haven't been in any social network for over 8 years now, except X, that I killed my account, coincidentally, the day before the acquisition was announced. Last night I did a Google search for my name in my country, and another one global, and the only place I found info about me, after digging down 30+ pages, was linked-in, which my wife manages for our business. Granted, they all probably hold all the data they got from me when I was stupider, but I'm sure they understand how useless data becomes over time if it's not updated.

I guess my advantage is that I used Gmail accounts for absolutely everything back then, and since I killed all of them, I never get emails from anyone I'm not directly associated with.

[–] cosmicrookie@lemmy.world 6 points 6 months ago (2 children)

When you ask them to delete your account they should delete your account. There is no excuse for them to have your contact information if you dont have an account with them

[–] kevincox@lemmy.ml 1 points 6 months ago (1 children)

Often what happens is that when you sign up they also make an API call to their email list service. Then when you delete your account they remove you from their DB but often forget to remove you from the other services. This obviously isn't acceptable but often not intentional.

[–] cosmicrookie@lemmy.world 2 points 6 months ago (2 children)

In Europe you have to opt in to newsletters. Companies are not even allowed to have the opt in field pre checked!

You activelly need to tick the opt in check box.

[–] kevincox@lemmy.ml 1 points 6 months ago

This is also true in lots of places like Canada and (IIUC) California. But very frequently it doesn't happen. In Canada you can report it but then nothing happens.

[–] hikaru755@feddit.de 1 points 6 months ago* (last edited 6 months ago)

Except the email in question is not a newsletter. Companies often use separate mail list services for important product announcements and similar things as well. Obviously there should be a process in place that removes you from these external services too when you delete your account, but I assume this is what broke down in this case

[–] jjlinux@lemmy.ml 0 points 6 months ago

I have a hard time believing they actually delete anything.

[–] pedroapero@lemmy.ml 1 points 6 months ago

Had the same experience with Lydia advertising their new brand name by email yesterday.