Hi,
I have received a claim for damages in respect to personal data processing routines amongst other things. I don’t understand how to address the list of claims. I am not an expert and don’t understand how Shopify processes data and therefore have no idea how to address the problems.
-
Co. has deployed tracking software within its website into the computers (or online devices) of any individual visiting the website.
-
Such tracking software facilitates the extration of the personal data of web-site visitors including as here; the claimant. This process is commonly referred to as ‘dropping-cookies’ where the extraction of personal date subsequently takes place (i.e. the cookies are ‘fired’.) Such extraction takes place by default, without the necessary or effective consent or notification of the web-site visitor as required by UK relevant data laws.
-
Extracts of personal data of the web-site visitor are then ‘harvested’ to 3rd party companies under bilateral agreements and T&Cs between the 3rd party and the web-site owner - i.e. excluding the web-site visitor. The most common 3rd party companies who harvest personal data are also the providers of the tracking software code the business will install to its website - these include Google, Apple, Facebook, Amazon and Microsoft (aka GAFAM or ‘big-tech’)
-
The scope of the claimant’s complaint and claim concern the personal data processing routines which have been and continue to be facilitated between the defendant and Facebook (now Meta Platforms Inc.) In partnering with Facebook and deploying the Facebook ‘pixel’ tracking software, the actions of the defendent represent the most egregious infringement of personal data rights.
-
UK data laws including the Privacy and Electronic Communications (EC Directive) regulations 2003 (the PECR) have been breached by the defendant the Data Controller for all the personal data it collects, processes or facilitates for extraction to multi-various third parties. Additionally, infringements to the Data Protection Act 2018; the “UK GDPR”, are evidenced in this claim.
Interested, also, to find out if anyone else in the UK with a Shopify store has received a similar claim in this regard.
Please help! Even if I pay the claim I’m afraid that I will still have a website that doesn’t comply and be open to another claim.
I don’t know how to fix it.