Amendments to the PayPal Privacy Statement Effective November 27, 2024:
We are updating our Privacy Statement to explain how, starting early Summer 2025, we will share information to help improve your shopping experience and make it more personalized for you. The key update to the Privacy Statement explains how we will share information with merchants to personalize your shopping experience and recommend our services to you. Personal information we disclose includes, for example, products, preferences, sizes, and styles we think you’ll like. Information gathered about you after the effective date of our updated Privacy Statement, November 27, 2024, will be shared with participating stores where you shop, unless you live in California, North Dakota, or Vermont. For PayPal customers in California, North Dakota, or Vermont, we’ll only share your information with those merchants if you tell us to do so. No matter where you live, you’ll always be able to exercise your right to opt out of this data sharing by updating your preference settings in your account under “Data and Privacy.”
edit: update title to reflect this is for PayPal USA users
Most of those popups are illegal, according to the GDPR. Both opt-in and opt-out need to be just as easily possible.
Exacly, these popups are completely unnecessary and just a form of malicious compliance by the website creators.
They are not even compliance a lot of the times.
They are the equivalent of begging on the street, some of them aggressive enough that it’s illegal.
It’s not illegal if it’s not being enforced.
You can pick out a company and sue them.
What? As a private citizen? in +this* economy?
Wasn’t the point of stuff like the GDPR that the governments would be the ones doing the enforcing and the suing?
No, GDPR is exactly what allows anyone to sue corporations with any chance of success and impact.
Yeah but still at the cost for a private citizen, right?
So, not in this economy.
Or is the cost of the lawsuit prepaid by the State?
Well, you can also file a formal complaint with your regional data protection officer. Usually, this is resolved outside of court, though, so it doesn’t necessarily prove that the behavior was illegal (although a judge might take the data protection officer’s opinion as expert input for future trials anyways).