Consumer clubs and privacy

I remember recently shopping something in "Turbo Sport", a sport equipment shop in Croatia. Some young girl (maybe 14-15 years old) in the queue before me has been offered a membership in the shop's "customer club". With each purchase you collect some points and when you collect enough points, you get some kind of discount or a gift. In fact, every customer is offered the membership, which I had declined.

The point is that the membership application asks you for a bunch of personal data like the date of birth, full name, the home address and so on (it took her few minutes to fill out the complete membership form). Although I'm not keen on giving away my personal data, another thing bothered me more than that at the moment.

It is the fact that each time someone uses his/her membership card, the shop has an opportunity to tie together all their past purchases and build their profile. Such kind of information is much more valuable to the shop than a few euros of discount it gives. Somebody may object that the shop can build a profile every time someone uses a credit-card, but note that Croatian citizens make their payments most often (like in more >90% cases) in cash.

Maybe I'm paranoid, but.. if they don't build your profile, why not just make a "stamp" scheme that e.g. Subway fast-food chain has. There is no single piece of personal information on that small piece of paper on which stamps are collected. When you collect 10 stamps, you get a discount and a new piece of paper.

Why does "Turbo Sport" make you fill out a form that takes a few minutes to fill out (i.e. they ask you for much data). What's worse, you have no idea what for are they using your data or how safely it is stored. Then I didn't bother to search for it, but I don't even think that there was some kind of privacy policy written on the membership form.

Croatia does have some regulations about securing personal data (I'm not acquainted with them at all), but I don't think that any law can forbid organizations to collect personal data. In the end, everyone gives it out volountarily when asked to.

And oh, BTW, I really like Subway's sandwiches. Much better (both in the terms of taste and ingredients) than McDonald's products :)


Anonymous said...

Unfortunately you're quite wrong about Croatians mostly paying cash. The living standard of most people is so low that they are forced to buy everything of value in multiple payments, this is in most cases being facilitated by a credit card (typically MasterCard). For them a credit card is not a luxury, but a necessity. The "Turbo Sport" shop is a great example -- I'd be willing to bet that most payments over 300kn ($50) or so in that shop are made with the use of a credit card.

Anonymous said...

Good post, hope more young Croatians would read it. Tempora mutantur.


I now live in North America. Consumers are daily bombarded with warnings about the need to protect their private information: it is often said how only a knowledge of your date of birth and/or Social Security Number is more than enough for some fraudster to rack up thousands of dollars of debt in your name. (With the full and unquestioned cooperation of the banks and finance companies).

It happens so that almost half a century ago I was a noted member of a club, prominent on the Croatian sports scene. Hey, today's management of the outfit even has a web page devoted to those "old-timers". Complete with their names and birthdays - all in the good old KaUndKa bureaucratic manner. So just by typing my name in a search engine...

Instinctive Zeljko's reaction (one should protect his personal information...) is understandable. But my reaction is different: there is something wrong with the world in which one must "protect" such innocent piece of information as the day when one joined the humanity!

zvrba said...

I agree that something is wrong in the world when it reached the state as it is now. Unfortunately, there's little that we as individuals can do about it. Information is power, in this age more than ever. What we really lack are good data protection mechanisms. Which preferrably won't include people (because people are always the weak link in any security scheme).

IMHO, it's better to be aware of possible risks than to be sorry later.

Anonymous said...

There is no way I could have "been more careful" when, as a high-school kid in mid-sixties, I filled out the birth-date box on that application form. Which of the things we do today will have similar, completely unforeseen consequences years from now? Our individual acts of resistance are futile; we have no option but to organize and change the way things are. To me, the encouraging thing is that we agree - across the generation gap - on the diagnosis, even if we prescribe different treatment. (but I'll take my soap-box, tired as it is, from cluttering your vrli blog now :).


zvrba said...

Oh, but you're not cluttering my blog! This has been an interesting discussion. :) Thanks for sharing your opinion.