
Ask HN: Why am I getting all these GDPR emails? - TekMol
My inbox is full with emails from various companies and individuals. In one form or another they are all stating this:<p>&quot;You once gave us your email so we can send you newsletters. If you don&#x27;t want that anymore, please tell us. Otherwise we assume that we still have the right to send you our newsletters.&quot;<p>How does that make sense? If I once gave consent to get newsletters why would the GDPR invalidate it? And if so, how would this mail and me doing nothing create a new type of consent?
======
jacquesm
They're panicking. Their precious lists will be useless soon (already are, but
that's besides the point).

For one the companies probably have not saved you giving consent, for another
plenty of them bought lists and mixed those with the lists for which they did
have consent.

You doing nothing does not create any consent, the consent has to be active,
so the default is that you did not give your consent and only a positive
confirmation can change that.

Finally, they probably don't have the right to send these emails in many
cases.

~~~
TekMol

        have not saved you giving consent
    

What do you mean? That they had a form like this:

    
    
        Enter your email: ______
        Check to receive newsletters: [_]
    

But did not save if the checkbox was ticked?

Since them sending this mail and me doing nothing does not create consent, why
do they send it? How did they get the idea to do so? The emails all look
pretty similar.

~~~
yulaow
Under gdpr (and also old privacy eu directive) you have to link a explicit
privacy policy with the "check the inbox" to confirm consent, if there was no
privacy policy linked the consent is not valid (not before, nor now, nor
anymore)

So even those companies who had your email for newsletter at the time cannot
use it anymore after the 25 may if you don't give a new full informed consent

~~~
TekMol

        if there was no privacy policy
        linked the consent is not valid 
    

Which article of the GDPR states that? I cannot find a single occurance of the
term "privacy policy" in the GDPR.

~~~
yulaow
Privacy policies were already mandatory in the previous eu privacy directive
over which the GDPR directly extends.

[1][https://termsfeed.com/blog/gdpr-privacy-
policy/#Have_a_Priva...](https://termsfeed.com/blog/gdpr-privacy-
policy/#Have_a_Privacy_Policy)

[2] [https://termsfeed.com/blog/privacy-policy-mandatory-
law/#In_...](https://termsfeed.com/blog/privacy-policy-mandatory-
law/#In_the_European_Union_EU)

~~~
TekMol
These type of sites often write nonsense. I prefer to look at the actual text
of the regulations.

------
snthd
[https://www.theguardian.com/technology/2018/may/21/gdpr-
emai...](https://www.theguardian.com/technology/2018/may/21/gdpr-emails-
mostly-unnecessary-and-in-some-cases-illegal-say-experts)

------
chris__butters
Where do you live?? If you are within the EU you must have been living under a
rock for the past 6 months.

GDPR is new legislation that evolves most data protection laws to make it
better for consumers to be in control of their digital information.

This includes your name and email address for marketing purposes as well as so
much more. If the organisation didn't follow best practice and full gain
consent to be able to contact you to establish this beyond a point of doubt.

