• 0 Posts
  • 5 Comments
Joined 1 year ago
cake
Cake day: July 2nd, 2023

help-circle




  • This is just from memory and I haven’t double checked it but.

    There’s exemptions in GDPR, and some of them are related to financial, tax and safety stuff.

    A company has to be able to prove legitimacy of transactions for 10 years in most of Europe, so keeping your card details and transaction history etc for 10 years is within GDPR exemptions for sure.

    The real issue here is why the card of someone who has otherwise completely ended their customer relationship with the business was accessed in any way.