We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Gymbox - PT added me on Facebook
Comments
-
This forum does suggest on registration that users here should not post under their real names, but I agree that many people leave their Facebooks wide open and vulnerable.Blackbeard_of_Perranporth wrote: »Just FB'd Hannah Dee.
Interesting list with at least 6 with fully open profiles!
(My own original Facebook account was hacked for just that reason in the early days of Social Media, so I fully realise the potential consequences)0 -
ThumbRemote wrote: »
The key words are 'Reasonably expect'. If providing your phone number, you would reasonably expect to be contacted by phone/text - not by any other means. You would also expect to be contacted in a business capacity only.
I think there is a blur here, as her information is freely available.
It's likely that the PT added the OP's number to his phone. Facebook would then automatically (where relevant settings are selected) show the OP's profile to the PT as a suggested friend, where he has added her.
This is likely for legitimate business reasons as it is probably for arranging more sessions/providing a discount as others have highlighted - a lot of PT's conduct their business on Facebook, even through personal profiles.
There is a question over whether Facebook having access to the numbers in his phone would breach GDPR from a data storage perspective, but at the end of the day Facebook has only tied the number with the OP because she has specifically allowed it to.
If the OP is so concerned about privacy, she should really do more at her end.0 -
I think there is a blur here, as her information is freely available.
It's likely that the PT added the OP's number to his phone. Facebook would then automatically (where relevant settings are selected) show the OP's profile to the PT as a suggested friend, where he has added her.
This is likely for legitimate business reasons as it is probably for arranging more sessions/providing a discount as others have highlighted - a lot of PT's conduct their business on Facebook, even through personal profiles.
There is a question over whether Facebook having access to the numbers in his phone would breach GDPR from a data storage perspective, but at the end of the day Facebook has only tied the number with the OP because she has specifically allowed it to.
If the OP is so concerned about privacy, she should really do more at her end.
We're supposing her data is freely available. There's no information either way as to whether the OP does have her Facebook account linked to her phone number - if she doesn't, and the trainer has got her details from the gym office, then it's a data breach on the part of the gym as well.0 -
All this extensive discussion of possible GDPR breaches is losing sight of the OP's motivation in posting the thread;Deleted_User wrote: »I... did just want them to refund the months membership
0 -
I'd have to disagree with that statement. The GDPR covers pretty much everything on GDPR and that is shown by the very wide GDPR definition of processing.marliepanda wrote: »GDPR is mostly to do with how data is stored, rather than used.
@steampowered
The PECR (current privacy regulations) require consent except in circumstances when you can rely on the "soft opt-in" exemption. There are three conditions to be met and if I recall, the PECR stipulates that the soft opt-in only exempts you from marketing similar products or services by email or text. Adding a friend on Facebook is neither of these so the PT would likely be breaching the PECR. Likewise, I don't think the new e-privacy regulations have changed in that respect but I may be wrong.Good point, and this is exactly why the GDPR (and the e-Privacy Directive, which regulates marketing in more detail than the GDPR) allows organisations to market to their existing customers without needing customer consent.
From a common sense and practical perspective, the OP should ask the PT to delete her information that he holds about her since she has not taken up any further PT sessions so there is no need for him to retain it. Although I don't really use Facebook I assume there is a option to block that person so maybe that's something she should do too.0 -
ThumbRemote wrote: »We're supposing her data is freely available. There's no information either way as to whether the OP does have her Facebook account linked to her phone number - if she doesn't, and the trainer has got her details from the gym office, then it's a data breach on the part of the gym as well.
OP clearly states she gave her number to the PT, not the gym.0 -
I'd have to disagree with that statement. The GDPR covers pretty much everything on GDPR and that is shown by the very wide GDPR definition of processing.
.
Sorry my wording was off, GDPR (IMO) makes more CHANGES to the way that data is stored, and the old data protection act covered most of the usage issues we are talking about here.0 -
marliepanda wrote: »OP clearly states she gave her number to the PT, not the gym.
I never doubted that.
One scenario is that the trainer used her number to find her on Facebook.
Another scenario is that the trainer accessed her gym membership record and used information therein to find her on Facebook. This would be a more serious GDPR breach.marliepanda wrote: »Sorry my wording was off, GDPR (IMO) makes more CHANGES to the way that data is stored, and the old data protection act covered most of the usage issues we are talking about here.
It's very clear that Wiseguy knows more about the GDPR than you, so possibly best to stop proving your ignorance.0 -
ThumbRemote wrote: »I never doubted that.
One scenario is that the trainer used her number to find her on Facebook.
Another scenario is that the trainer accessed her gym membership record and used information therein to find her on Facebook. This would be a more serious GDPR breach.
It's very clear that Wiseguy knows more about the GDPR than you, so possibly best to stop proving your ignorance.
It’s also very clear that Wiseguy doesn’t agree with your statement that it’s a ‘clear breach of the GDPR’ (because it’s not)
You brought up GDPR with no knowledge, so who is the real ignorant one.
Like I said, the ICO wouldn’t care less so your suggestion to report it to them is a waste of everyone’s time.
A first name is more than enough to find someone on Facebook, especially if she has a photo of her face as her profile picture.0 -
Moneyineptitude wrote: »All this extensive discussion of possible GDPR breaches is losing sight of the OP's motivation in posting the thread;
But but she can use the GDPR to claim that back plus untold damages and a share of that 20 million euros that!!!8217;s going to be claimed from the PT!0
![[Deleted User]](https://us-noi.v-cdn.net/6031891/uploads/defaultavatar/nFA7H6UNOO0N5.jpg)
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.2K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.3K Work, Benefits & Business
- 601K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards