Out of a reflex of distrust, I refuse to participate in any kind of loyalty program of the outlet of the large retail store around the corner.
I tell myself that by refusing to join the loyalty program (which basically comes down to scanning an anonymous loyalty card every time I make a purchase), I prevent them from adding my correlations (what products I buy, in what combos, at what time) to their data.
But since I normally pay by card, I guess they can (and do) already do that with my bank account information?
If I would pay with cash, they can still see those correlations per purchase, but they can’t track my purchases over time?
Wouldn’t this be illegal under GDPR as you didn’t consent?
You do consent often enough.
At least in Germany, there are at least two companies (Schufa and Experian) who will analyze your account data/money transfers to calculate a score.
Technically, this is legal because they claim to have a legitimate interest in the data and you do have to tick a checkbox.
In terms of physical POS, I’ve never ticked any boxes in that process.