Search
ATMs in Netherlands are deployed by a partnership of several banks -- what about privacy?
cross-posted from: https://fedia.io/m/privacy/t/312963
> There’s a huge chain of ATMs in Netherlands called Geldmaat which is a partnership of Ing, Rabobank, ABN AMRO, possibly others. > > So I have several questions w.r.t privacy: > > * when you draw money out, do all those banks have access to the transaction? > > * if you use a Rabobank card, does Ing see the transaction? > > * if you use a foreign card that is not associated to any of the partnered banks, which bank handles the transaction? > > This trend is picking up in other countries as well and it seems no articles that announce these changes are talking about the #privacy consequences.
A cashless shop in Amsterdam uses Zettle (paypal) - what are the privacy ramifications?
I went to a cafe in Amsterdam which turned out to not only be cashless, but their payment processor was “Zettle”. Zettle is owned by #PayPal (who shares customer data with over 600 corporations).
So my question is, apart from the expected privacy consequence of your bank & the recipient’s bank recording your transaction, what does Paypal walk away with? Paypal is a data-abusing US-based company. But OTOH the shop is in a #GDPR region. Does the GDPR give any protection in this case?
IIUC, customers consent by default to their data being processed by the merchant & whoever the merchant hires (Paypal), and from there whoever paypal shares with & on down the endless chain. The only notable GDPR protection I can think of is that the data must remain in the EU. So the transaction data cannot be sent to Paypal’s servers in the USA -- correct?
BTW, I asked the owner why he trusts Zettle & also why he does not accept cash. He conceded right away that he didn’t like it either. He said he’s cashless for security and that when he looked at a number of electronic payment systems, Zettle was the cheapest. For me, “cheapest” is a red flag. It’s probably cheap because the data is probably being monetized.
Concrete question: if an American feeds a US-issued credit card into a #Zettle terminal to buy a creme-filled artery-hardening pastry in Amsterdam, is there anything to stop Paypal from doing the processing on the US-side of the transaction before selling that info to a US health insurance company?