Surely on more than one occasion you have received a call, an email or a text message, from a company you had never heard of or perhaps from a known company but one you have no business with.
How do these companies know your data? It is an advertising technique widely used in the world of marketing, with companies that buy databases of potential customers in which there may be everything, including your personal data with names and surnames, your email addresses, your number of mobile or even your physical address.
The law tries to be increasingly restrictive in this regard with the objective of guaranteeing data protection, expressly prohibiting the purchase of databases from other companies. However, in many cases it is data that we have legally transferred, freely accepting conditions that we have not read when filling out a form for any service or registering on certain websites as users.
This data then becomes legally available and there are companies that make money from it. It is companies that carry out marketing with “leads” or with a person’s verified data, , which can reach up to €15 per person if this lead has accurate and detailed personal information.
An investigation by the Federal Trade Commission of the United States revealed that the latest technique in order to nurture these databases is through popular Apps. The data that the investigation found was surprising:
In addition to marketing third-party data, of the 110 most downloaded mobile applications that were analysed, 47% sent the location of the App user; while between 16% and 18% were programmed to automatically send the name of the users and their email address.
Both in Spain through the LOPD, and in Europe with its own regulations, the fine for serious infringements is considerable as companies can be a fined between €60,000 and €300,000. Because of this, it is usually a fairly controlled business in Europe. Despite that, the law is actually breached a lot more often than one would expect as it is very difficult to control the sale of third-party data when the company is foreign and they carry out these transactions exploiting legal gaps.