230

Randomly getting Notion email, after having deleted my account years ago... (slrpnk.net)

submitted 3 weeks ago by Sunny@slrpnk.net to c/privacy@lemmy.ml

24 comments fedilink hide all child comments

Welp I guess this is the perfect example of companies not deleting your credentials and account info when asking for it... I deleted my Notion account several years ago. And completely randomly today got an email from them about data retention, assuming this is one of those "important" emails they have to send out. Sadly, years ago I wasnt using email-aliases like I am today, so still stuck with them having my email. Fuck I hate this so much. Thought I'd just share this lesson, use alises my friends!

all 25 comments

sorted by: hot top controversial new old

[-] Blizzard@lemmy.zip 79 points 3 weeks ago

Send a GDPR demand to delete your data.

[-] skeezix@lemmy.world 30 points 3 weeks ago

Don’t sweat it pal, i got emails from FedEx for 8 years.

[-] Sunny@slrpnk.net 15 points 3 weeks ago

Yeah, I really shouldn't. It's just annoying, that's all.

[-] umbrella@lemmy.ml 12 points 3 weeks ago

tell me more about how you use aliases.

you just using a new one for every service?

[-] lazynooblet@lazysoci.al 11 points 3 weeks ago

Back when I used self hosted mail, I wrote an extension that requested a new alias based on the domain of the website.

Like website.net_d5g4j8@mydomain.com

If the site got compromised I would update the random characters.

I still have 800+ aliases left over from this. But after moving to hosted mail I never updated the extension.

[-] 9point6@lemmy.world 4 points 3 weeks ago* (last edited 3 weeks ago)

Surprisingly little known fact, email addresses actually have the concept of aliases built in (and it's relatively well supported despite being a bit niche):

your.email+some.alias@gmail.com

Will end up in the inbox of

your.email@gmail.com

But will retain the alias in the To field

The downside is that if a sender is particularly shitty it could detect this and remove the alias again.

[-] lazynooblet@lazysoci.al 5 points 3 weeks ago

This is what I use today. However spammers can easily remove the plus address to send email normally so isn't quite so effective.

What frustrates me is so many websites strip the '+' from the address, either as inline JavaScript or even worse, after submission.

[-] gratux@lemmy.blahaj.zone 4 points 3 weeks ago

Note: not every provider supports this.

Also, gmail addresses ignore periods. my.email@gmail.com and myem.ail+service@gmail.com will end up in the same inbox

[-] Sunny@slrpnk.net 4 points 3 weeks ago

Yes indeed, password managers have the option to do this, at least Protonpass and Bitwarden. While Bitwarden you need to connect a third party email service. But it's relatively easy, especially with Protonpass as it will automatically suggest to do this when you create an account somewhere.

[-] toynbee@lemmy.world 1 points 3 weeks ago

With self hosted email and at least Proton Mail (and probably other paid solutions), you can set up a "catch all" address. With that, any non existing email gets redirected to one; for me, I have spam@domain.com so, while myname@domain.com goes to my inbox, thisaddressisinvalid@domain.com and, I don't know, walmart@domain.com both go to spam@domain.com. I don't need an individual entry for every alias and I can specifically block any address that's particularly spammy or compromised.

I hear that you can have a similar setup with something called SimpleLogin, but I've never tried that.

[-] helenslunch@feddit.nl 1 points 3 weeks ago* (last edited 3 weeks ago)

Yes, exactly like that.

I've had companies just not respect your opt-out preferences. I've seen regularly they add new email categories (presumably maliciously) so that they can continue spamming you.

Less commonly they will sell your contact info to third parties

With an email alias you can simply disable that address, and any emails sent to it will be bounced back to the sender.

Also keep in mind that email is one of your main personal identifiers (PID) on the web. When data mining companies buy up information from various sites and services, they use it to link together your activity in order to expand your profile.

[-] NeroC_Bass@lemmy.dbzer0.com 6 points 3 weeks ago

I got an email from century link yesterday asking how my service was, when I had it disconnected 8 years ago, and I got one from apple today about my account, when I deleted it 10 years ago. They don't care.

[-] Scolding0513@sh.itjust.works 3 points 3 weeks ago

yep, they couldnt give two shits, and all the lawsuits in the world are too weak to do anything meaningful.

Always protect yourself first and foremost, never trust anyone unless you have to!

[-] cosmicrookie@lemmy.world 4 points 3 weeks ago* (last edited 3 weeks ago)

This I would reply and CC my local data authority at the same time, asking for the info that the data authorities need when you file a complaint

Company official name, address, registration number and preferred means of communication with the data authority (phone number, email address, post adress)

[-] Scolding0513@sh.itjust.works 3 points 3 weeks ago

this is the company that Skiff sold out to. sad.

[-] jjlinux@lemmy.ml 1 points 3 weeks ago

This is a shit show. But from what I've been able to see, when you remove yourself from the companies, as time goes by, there's not much of the data you leave behind that can be easily visible to others, other than whatever company has your data, or who they choose to sell it to.

I haven't been in any social network for over 8 years now, except X, that I killed my account, coincidentally, the day before the acquisition was announced. Last night I did a Google search for my name in my country, and another one global, and the only place I found info about me, after digging down 30+ pages, was linked-in, which my wife manages for our business. Granted, they all probably hold all the data they got from me when I was stupider, but I'm sure they understand how useless data becomes over time if it's not updated.

I guess my advantage is that I used Gmail accounts for absolutely everything back then, and since I killed all of them, I never get emails from anyone I'm not directly associated with.

[-] cosmicrookie@lemmy.world 5 points 3 weeks ago

When you ask them to delete your account they should delete your account. There is no excuse for them to have your contact information if you dont have an account with them

[-] kevincox@lemmy.ml 1 points 3 weeks ago

Often what happens is that when you sign up they also make an API call to their email list service. Then when you delete your account they remove you from their DB but often forget to remove you from the other services. This obviously isn't acceptable but often not intentional.

[-] cosmicrookie@lemmy.world 1 points 3 weeks ago

In Europe you have to opt in to newsletters. Companies are not even allowed to have the opt in field pre checked!

You activelly need to tick the opt in check box.

[-] kevincox@lemmy.ml 1 points 3 weeks ago

This is also true in lots of places like Canada and (IIUC) California. But very frequently it doesn't happen. In Canada you can report it but then nothing happens.

[-] hikaru755@feddit.de 1 points 3 weeks ago* (last edited 3 weeks ago)

Except the email in question is not a newsletter. Companies often use separate mail list services for important product announcements and similar things as well. Obviously there should be a process in place that removes you from these external services too when you delete your account, but I assume this is what broke down in this case

[-] jjlinux@lemmy.ml 0 points 3 weeks ago

I have a hard time believing they actually delete anything.

[-] pedroapero@lemmy.ml 1 points 2 weeks ago

Had the same experience with Lydia advertising their new brand name by email yesterday.

this post was submitted on 10 May 2024

230 points (96.7% liked)

Privacy

29356 readers

442 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

k_o_t@lemmy.ml

tmpod@lemmy.pt

TheAnonymouseJoker@lemmy.ml

Yayannick@lemmy.ml

ranok@sopuli.xyz