PayPal Community

v_ch · ‎Mar-13-2019

Dear Paypal community,

I have created a Paypal account in 2008 while being a resident of Russian Federation.

The paypal account has two e-mail addresses linked. I have access to primary e-mail address, while the secondary (ex-business e-mail address) is no lonegr accessible and the e-mail address could have been distributed to another person. Moreover the phone number listed in the acocunt information is also no longer accessible and according to the phone company has been distributed to someone else. Therefore access to my account and personal data is not protected.

Since 2012 I am a resident of the Netherlands.

Recently I received an e-mail from Paypal asking me to provide more personal details: Russian passport number and Russian taxpayer number. I decided to close the account as it hasn't been used for more than 8 years (or more). I tried doint it manually, but my access to account features has been limited by Paypal. I asked the customer support to delete my account and stated that account information is unprotected, but they refused to do so unless I provide additional personal information as listed above.

The personal data of all EU residents is protected by the recently introduced GDPR. I have informed the Paypal customer service about the violation of GDPR both in my data protection as well as in right-to-be-forgotten section of GDPR, but they replied with refusal.

I have submitted a claim to the Netherlands data protection authorites and am currently looking at any other solution that would assist the cause.

Thanks!

V.

annapw · ‎Mar-29-2019

I also have an issue with my personal data protection.

I use PP since 2009. Last week I needed to update my last name, because I wanted to withdraw money to my bank (and as PP states the data on PP account should be exactly the same as in bank).

In the account edit section, after clicking on update name option, I got an info that I should send to PP the copy of my ID cart with shown photo and number of document. I've sent the pic of my ID, with the photo, first and last name, number of ID card visible. The rest of info (my birth date, parents names, signature pattern, etc.) I've hidden with black stripes. Next day I got an answer from PP that they cannot accept masked out ID card. And that they require also expiration date of ID card and birth date. So I took the pic of ID card again and left photo, first and last name, b-day, ID card number and it's expiration date, my gender - visible. I've covered my parents names and my signature pattern - they are not needed for such operation as name change! The name was clearly visible on the ID. But I received answer that all of the info must be visible.

This is not right! I have the right to protect my personal data and PP should not require sending such sensitive data as signature pattern or the data that is not needed for the case (why the hell PP needs my parents names or signature to update my last name??).

Of course I didn't get my name changed and I received the message from PP that they are "absolutely adjusting their activities to the current act on the protection of personal data / GDPR". I don't think so PayPal! Shame on you.

alan_leavy · ‎Mar-03-2020

Hi v_ch,
Did you have any success resolving this?
I just had the same problem with them: Old account from 10 years back when I lived in a different country. All account details no longer valid (address, cards, ID expired etc). I asked them to just close down the account and delete all my data in accordance with GDPR and they are refusing to do it unless I send them a lot of personal data. I can still log into the account but the 'close account' option is disabled. The CSA said I have to comply with that paypal's processes (providing more data) before they will comply with GDPR.

PayPal Community

GDPR violation

Haven't Found your Answer?