Paypal selling personal information

Paypal has recently required more personal information from people so that people’s accounts “won’t be limited”. In the Paypal privacy policy it says that
“We may share your Personal Data or information for the following reasons:”. It gives many reasons including “With other third parties for our business purposes”.

My reading of that is that to agree to the Paypal terms and conditions, people agree that Paypal can sell personal information to make money. Because of that I have declined to provide more information to Paypal and I can now no longer use the service. I took it up with Paypal and got a call from one of their customer service people who just said she had never had privacy issues with Paypal. That didn’t exactly assure me.
Does anyone else have the same concerns?

3 Likes

I don’t use Paypal, but would like to know what sort of ‘personal information’ they insist on having to allow you to use their service.
I do not consider things like name, address, email, phone number, driver’s licence, et al, to be personal as they are fundamental details about you that many businesses and Gov need.

2 Likes

I am not sure they ‘sell’ data to anyone who wished to pay for it.

PayPal’s terms and conditions in relation to sharing user data they have is very clear. They don’t ‘sell’ information to make money, but provide user data to first, second and third parties they have partnered with. They also make it clear that will share data with other organisations required by law, which includes things like credit reporting agencies, law enforcement agencies etc.

Full terms and conditions associated data management and privacy can be found at:

This terminology is often used by scammers to gain personal information, including (phishing for) financial and private information. It is important that if one receives an email from any organisation indicating that the services they offer will cease or be restricted if information is not provided, that one checks the validity of such requests by logging into the website one uses for such purposes (do not use any links provided in any email received - but type in the URL or use a password manager to store the correct URL) and checking if such information is missing/required.

6 Likes

To me drivers licence and date of birth are not needed if I just want to do a credit card transaction. That’s all I used Paypal for and all I wish to use Paypal for. But Paypal has possibly changed if it is moving towards being a financial institution.

3 Likes

I agree that Paypal wouldn’t sell information to anyone. They would get lots of flak for that. But sharing information with partners for business purposes could very well entail a financial component. That could amount to selling to business partners, and that might include advertisers. I totally understand sharing data required by law, but this is in a different section in the “privacy policy”. Or “lack of privacy policy”.

2 Likes

Driver’s licence and DOB are widely accepted means of verifying who you claim to be. Can be verified via the motor licencing Gov department in your state.

I would much rather deal with a company handling my financial transactions who takes precautions to authenticate their customers, rather than one who is only interested in getting their hands on my bank or CC details.

3 Likes

Credit providers are mandated by law to verify your identity. PayPal holds a financial services licence to operate in Australia and will, like other financial service providers (banks, credit card issuers etc) require information to verify users of its services.

If you don’t provide information to verify your identity, they have the right to decline access to their services.

6 Likes

I guess they’ve changed. They didn’t need this a year ago, but maybe the issue was that they now operate more like a bank.

I can relate to them needing the information if they operate like a bank, but I’m not happy with such open ended wording on private information about my identity being transferred to other companies in ways which are not needed for legal reasons. And they make it clear in their privacy policy that this is separate from information transfers for legal reasons and it is also for their business purposes.

I guess it’s creeping lack of privacy, like having to agree if I want to use the features of my Samsung TV that they will search the web for information about me, build a profile, possibly keep that information outside Australia where privacy regulations are not so tight (they say this) and then also “share” the profile information about me with other companies.

3 Likes

As an exercise, have a read of the privacy policy of Choice. Their main site.
Information about you is shared, by necessity, among many other companies in order to provide the service.
That is the reality of the online world.

4 Likes

Or any privacy policy. Anyone who uses and online platform, logs into a website for uses the internet for carrying out a wide range of functions (inc. banking, insurance etc) will be subject to similar conditions.

An example being Australia largest bank (another licensed financial institution like PayPal) which has similar conditions about information sharing…

1 Like

Thanks for the Comm bank privacy policy. I’ve read it. It’s way better than the Paypal one: there’s no broad sharing personal information with business partners without being clear about the particular functions of those business partners. I have no problem with the Commbank policy.

2 Likes

Yes but Choice doesn’t have information that people can use to take on my identity: my drivers licence and date of birth.

3 Likes

I assume the worst (now or in the future) of any personal information I supply to any online entity. It’s easier to supply false details for information that shouldn’t be required, than to argue with them about it later. I have a whole persona created with set false information for such occasions. It’s often entertaining to get birthday offers at a different time of year.

2 Likes

This isn’t possible for information used for mandated verification information. Financial institutions (such as banks, credit card companies, PayPal etc) will carry out checks to ensure the information is correct, before access is granted. Many of these institutions are also using

as part of the automated process for verification checks. This process will ferret out false information. I would be also careful when using false information as doing so could land you in hot water (as it could be seen as giving a knowingly false legal declaration).

(Not withstanding this) However, setting up an account for other purposes where checks are not legislated (free email, log in with a retailer etc), false information could possibly be used. This might be a reasonable approach for information such as birthdays etc where unlawful access to such data could pose a risk.

1 Like

Sorry, I probably should have clarified, I don’t supply false information to governmental and similar level places - just to rando/social/shopping type sites.

4 Likes

“Sharing” information with “business partners” does not necessarily need to provide Paypal with a cash incentive.
But surely the benefit to Paypal of business partners adding a link to the Paypal platform at their product checkout DOES have a benefit that leads to more business, and thus more profit for Paypal. In that sense there IS a financial benefit, though not strictly classified as “selling” information.
So I agree with victor_vdh that some of the information rquired by Paypal is over-done, and “business partners” should not be given access to anyone’s date of birth, drivers licence, and email details.
When an unsolicited business contacts me, I report it as spam, and never use that business - I don’t care who they are. Spam is Spam, regardless of who their “partner” is.
And I for one am fed up with the kind of spam that keeps on coming even when reported, or unsubscribed.
And before I end this rant - unsubscribing just invites a plethora of further spam, as this can validate my email address for other spammers in their loop.

2 Likes

If possible put filters in your email client that catch the spam and send it to the bin or junk mail folder. It’s an easy way to help keep rubbish out of your inbox.

1 Like

It did change, or possibly more to the point, started being actively enforced in the last year or two.

Last year I had to identify myself, i.e. akin to the 100 point check, for both PayPal and for two ING accounts. I had been operating the PayPal account for 18 years and one of the ING accounts for a similar length of time.

PayPal I could do on-line, ING I could only do for one account (as I had an EDWARD Gough Whitlam issue with my name on the account opened in the 1990s). I closed the ING account.

They are getting close to being a bank. With most ( if not all ) major banks, when you make an interbank transfer, it will be OSKA- who I am informed is PAYPAL.

You have been misinformed.
I think you mean OSKO which operates on the New Payments Platform.
Part of Bpay, not Paypal.

5 Likes