I have for a long time been using the + format to create “unique” emails for companies. Nowadays I’ve levelled that up with using <word>@rnd.mydomain which is a wildcard for the domain. I’ll write a blog about why it’s better and how to do it sometime.
Either way, this is a repost of an old twitter thread.
Back in 2020, I was been repeatedly called by a bitcoin/CFD company who refused to accept a “I’m not interested”. Let’s call them Company MagicMoney. I had my suspicions on where they got my number from and I got confirmation when I asked them to email me the inf, and they sent me a mail to gabriel+somehwat-legit-trading-platform@mydomain.
And as the original company is EU based I sent them a #GDPR request to see what they are doing with my data and maybe get them to stop giving it to shady trade platforms based in St. Vincent and the Grenadines.
I did get a response with a what looks like a JSON dump which seemed to contain most relevant interactions I had with the site. And it was completed within 30 days so at least their compliance department was working.
But as for how the data ended up in St. Vincent and the Grenadines? They denied ever sharing or selling it.
Which might be true or not, either way I just exercised my right to have my data deleted and called it a day.
Endnote
This happened in 2020, I don’t remember which companies were involved or why had signed up with Somewhat-Legit-Trading-Company. Interestingly, after I asked them to delete all my info, the calling stopped. Coincidence? Maybe.
Blaugust
Another blaugust post tagged as draft.