Members of the Irish Council for Civil Liberties penned a letter to the CEO of Tesco, a U.K. grocery chain, claiming its new practice of barring customers who have not enrolled in its loyalty program is illegal under the U.K. General Data Protection Regulation. Copies of the letter were issued to European Data Protection Board Chairwoman Andrea Jelinek and U.K. Information Commissioner John Edwards, as well as Tesco Chairman John Allan. The letter claims Tesco’s loyalty program “entails extensive data collection and processing” and “infringes the principle of data minimisation set out in Article 5(C) of the UK GDPR.”
27 Oct. 2022
Irish Council for Civil Liberties claims EU grocery chain's loyalty program violates UK GDPR
Related stories
Notes from the IAPP Canada: The intersection of crowdsourced rating sites and privacy
Notes from the Asia-Pacific region: Australia eSafety Commissioner launches social media age restrictions hub
EU Data operational impacts: The Data Act's interplay within the EU digital rulebook
Notes from the IAPP Europe: A focus on the Digital Networks Act
The 2025 Brazilian DPO: Navigating high risks with limited runways
