In Germany they're Schufa, Rundfunkbeitrag collection service, copyright predators. In Poland I don't even know the names, but if you ever leave your phone number at any doctor, dentist, or blood test lab, starting from next day you'll receive tons of phone calls offering "free products", invitations to "product presentations". Especially if your age is > 50.
> In Poland I don't even know the names, but if you ever leave your phone number at any doctor, dentist, or blood test lab, starting from next day you'll receive tons of phone calls offering "free products", invitations to "product presentations"
I don't know where you are getting your information from but that's not true.
Personal experience of mine and within circle of my acquaintances. Most of the times there is some "GDPR form" you have to sing to receive any service. The blood test results leak from time to time as well. We might be living in different Polands though.
So, it’s anecdotal to your circle. Maybe you're just using some shady providers? Because that’s not my experience or the experience of those in my circle. You should be more careful when buying stuff online; this is where these things happen, not in doctors' offices.
Nope, it's the healthcare service providers. What do you mean by "shady" how do I recognize them? The blood test lab where local legit doctor sends blood is shady?
> careful when buying stuff online
I know what I'm doing online. You sound like communication from most of retail banks.
If my experience differs from yours, where you claim that something illegal is happening, it obviously suggests that you might be using some kind of shady services. The only time I've had experiences like the one you’re describing is when I was using online shopping or other non-medical services.
If you are so certain that you are right and that you 'know what you are doing online,' have you reported this incident to law enforcement? It would benefit everybody. Could you also specify which healthcare service providers you believe sold your data? This information could help others avoid using them.
If that's really the case I recommend what I've done on the few instances I had my contact details shared between 3rd parties for marketing without my consent here in Sweden, contact them explicitly stating you want them to:
1. provide details about how the data was collected according to GDPR's Article 14 paragraph 1, I also request the information they should provide as delineated by paragraph 2.
2. send you all the data related to your person according to GDPR's Article 15.
3. complete erasure of all personal data they have collected in accordance with GDPR's Article 17.
So far I have not had to contact the Swedish DPA since the few times it happened the companies actually followed my GDPR request.
Edit: and even if you have given consent through some GDPR form you can withdraw it at any time, contacting the company with a GDPR request and explicitly stating you withdraw all consent to their processing of personal data should be enough.
