I know, dating is hard, and services like Meetic look like they can help but they quite instantly try to make you pay. Granted, if you use my email to register, it’s even harder.
I know it’s hard to onboard new users. I assure you that however violating the privacy by registering and activating an email that never authorized you is not a good way to proceed. Sure, everyone makes error, but not even a link to remove the email? That’s bad practice, don’t you think?
It’s even worse because… we already had this discussion in August 2017. And your customer support told me that they were to fix the issue. Why then are we still here, GDPR and all, and my email is getting used without authorization?
- Prologue: this is the second time. Meetic wasn’t validating the emails already in August 2017, where someone registered an account with my email and I had to jump through loops to get it deactivated. At the time took them about a day to reply.
- 2018-06-01 — Received an “Activate your Account” email. I don’t activate.
- 2018-06-01 — Received an “Your photo has been approved” email. Clearly the account is active and the email has been used without authorization.
- 2018-06-01 — I try to check the account. Password recovery works – again, clearly representing that the email is active in the database.
- 2018-06-01 — I gain access to the profile, but the “email” field can’t be edited. I try to edit the profile because it’s moderated and maybe some humans will see it. I’m stuck.
- 2018-06-01 — I contact their customer care from inside the service, from the email reply account, and from their Terms of Privacy email contact.
- 2018-06-01 — I click on “Stop contacting me” on the email that contained the “Activate your Account” link.
- 2018-06-01 — I receive a new email that my update to the profile wasn’t accepted. Clearly again the email is still active, and the request to not receive emails anymore isn’t respected.
- 2018-06-01 — I look for support documentation, and I figure out that even for some reason I can’t update the email address, I seem to be able to close the account. I close the account.
- 2018-06-01 — To cross-check if closing the account worked, I try to do yet again a password recovery. I get a message that I’m going to receive an email: it looks like my email is as such still in their database unfortunately.
- 2018-06-02 — Their support team replies confirming that the account has been deleted, but they also add “That’s not an issue with our systems, someone probably played a prank on you”. So I registered their customer support email to their own service.
The GDPR is now in effect, so let’s see how much things improve with the issues this blog is tracking about unauthorized registration of emails and the challenges to have them removed.
As a long-time player of Unreal and Unreal Tournament – the originals! I know! – I understand how amazing Epic games are. Yet, I think it would be better that you use your email address to register, otherwise you will have some major problems later to keep your scores and your game profile. I know very well how precious they are.
I understand you want to have as many users as you can – growth! right? – yet if I never click on “Verify Your Email”, why is my email still in your database? I really hoped you were going to do the right thing… yet we are. A month later, and my email is still recorded.
Possible privacy violation:
- Email stored in a database without authorization
- 2018-04-07 — Received “Verify” email, I archived without clicking.
- 2018-05-07 — I receive an email warning me of multiple attempt to login to “my” account (note: I do have an Epic account, but it’s associated to a different email). I double check to be sure, this time it’s the email address I never authorized.
- 2018-05-07 — I try to access the account to contact their customer care. I contact them, asking to delete the account associated with my email.
- 2018-05-09 — I receive a reply that to proceed with the deletion I have to… verify the email first.
- 2018-05-09 — I reply asking to remove my email as they are not authorized to store it.
- 2018-05-09 — Epic answers that the account seems “verified” already (WAT?!?) and they are “escalating” to the “next step”. It also adds: “Please await our email, as any response to this ticket will reset the escalation process and may lead to a delay in handling your request”.
- 2018-05-23 —Received an email warning me of multiple attempt to login to “my” account. Again.
- 2018-05-23 — I now reply to the “escalation” email above, since it’s now two weeks since then!
- 2018-05-31 — Received an email warning me of multiple attempt to login to “my” account. Again.
- 2018-06-01 — Finally Epic deleted the account (was it necessary? couldn’t have they just changed the email?). Case closed (even if it seems they still allow users to register without authorizing the email, and the email address can’t be updated).
- 2018-06-13 — Unfortunately, even if Epic confirmed the account deletion, I received yet another email providing details on how to secure my account (“Mantieni al sicuro il tuo account”).
- 2018-06-18 — They replied they haven’t my email in their database. Yet I received the email, so they asked for more details.
- 2018-07-01 — After a couple emails, I send them the email header of the latest email I received from them.
- 2018-07-19 — They now confirmed they have now “updated a few things on our side” and I shouldn’t receive emails anymore.
I don’t know you, but I think it’s great you decided to try out an app to track and improve your diet. Unfortunately, I’d also have appreciated you used your own email instead of mine.
Possible privacy violations:
- Email registered without authorization
- No-reply sender for the emails sent
- 2017-04-15 — Received email.
- 2017-04-15 — Sent email to email@example.com (no-reply, bounced back), firstname.lastname@example.org, email@example.com (their legal firm).
A broken email case from Sandy:
Dear Richard and Sandra,
I hope you all have a great trip heading to Florida! If you’re wondering why it is taking so long for your boarding passes to come through email, you’ll be waiting much longer. As you can’t seem to get your own email right you may just want to print them out when you make it to the airport.
A broken email case from Sandy:
Glad you’ve been able to find a new job, or that your current job moved into paperless pay stubs. Make sure you give your email address for important financial emails though. Had I not contacted back your employer after the second pay stub came through you might not get important tax forms at the end of the year.
Best of luck in the new venture,
A broken email case from Sandy:
My Spanish is not great (non-existent) but from the looks of it, and the translation, you’ve ordered some kind of laser and it is on it’s way to you now. I’m not sure if I should be curious about what you’re up to, or report you to the authorities as an evil genius building the ultimate weapon to take over the world. In any case just remember that I was nice and didn’t log into your homecenter.com.co account and cancel the order when I first saw it come through. In other words don’t aim your laser at me!
Thanks in advance,