Somewhere someone could be selling your data for money. I can imagine the below happening. After all, all corporates are hand-in-glove with each other when it comes to public's privacy.
This is probably what your ISP is doing. Take your MAC Addresses, try to find the phones in your house which is connected to the wifi, take those MAC addresses to all the telecoms, get the SIM card number and the phone number associated with those MAC numberss, send those phone numbers to the banks to find matching bank accounts and the associated credit card number, along with your registered email address, get the purchase history from the bank on the credit card number, compare it with your browsing history and sell all of this to another company and make money.
In Recital 43, the GDPR adds a presumption that consent is not freely given if there is “a clear imbalance between the data subject and the controller, in particular where the controller is a public authority.” Importantly, a controller may not make a service conditional upon consent, unless the processing is necessary for the service. Also, data subjects have the right to withdraw given consent.
they had similar wording to the cookie things. you had to say for what feature the cookie would be used, at the time the user was actually starting use of the feature. advertising? logging in? ....in the end everyone just says "to use this website" and use for whatever (but mostly ads)
This is probably what your ISP is doing. Take your MAC Addresses, try to find the phones in your house which is connected to the wifi, take those MAC addresses to all the telecoms, get the SIM card number and the phone number associated with those MAC numberss, send those phone numbers to the banks to find matching bank accounts and the associated credit card number, along with your registered email address, get the purchase history from the bank on the credit card number, compare it with your browsing history and sell all of this to another company and make money.