Personal data request and "Legitimate Interest"

[Corgimajor]

When accessing the forum this morning (via weekly forum update email) I noted (I think for the first time) that I had to confirm or deny to the use of my personal data by both the owner of vwcalifornia.com and its vendors and as is ubiquitous these days to allow or deny the use of my personal data by the vedors for "Legitimate Interest".

This is really disappointing as I figure the owners of the website and forum have succumbed to the desire for website generated income through the selling off of its members personal data. If this is the case then can the owners of vwcalifornia.com confirm this and can they please add a button to the personal data request page that now acts as a digital drawbridge to the site that allows entrants to "reject all" (including vendors "Legitimate Interest" ) so that I don't have to waste my time clicking this option 'off' for every vendor on the vendor page.

If this option to "reject all" is not introduced then I shall stop using the forum.

 

[Corgimajor]

Sorry I meant the owners of vwcaliforniaclub.com. Always forget the club bit.

 

[dspuk]

The option to have "all off" is dependant on the provider the site uses to use data. The pop up is an external api link to the provider.

There will be no option for the forum admins to change this and as the site is actually part of a bigger group, XenForo. It's their site hosting and their rules.

You only have to do it once and your cookies will remember it, it's really not that big a deal. Easiest is to also have adblock installed or use a browser that blocks trackers for you anyway, like Safari.

 

[The Tall Luthier]

The reality of the situation is that if a product is free then you are the product not the customer.

Take Facebook or free local newspapers. These companies sell access to their readership (product) to their customers (advertisers)

The same is true for the creators of this forum technology. We are their product, our data is sold to their customers in order to generate an income for the developers.

Quid pro quo I guess

 

[calikev]

We never pass on or disclose any personal details. if someone contacts us about getting in touch with other members we always email and seek their permission we take data breach seriously

 

[Kayleigh]

To prevent the spread of personal information, I suggest using a service like Incogni for a year and let them do all the legwork to get your details removed from data brokers. You can then track individual data brokers through computer security software like McAfee and contact them individually to have your details removed. This makes it fairly easy to manage going forward.

 

[Corgimajor]

We never pass on or disclose any personal details. if someone contacts us about getting in touch with other members we always email and seek their permission we take data breach seriously

Hi @calikev, the attached screenshot is what I'm referring to, not any individual request for personal information from any site administrators. Unlike guidance from @dspuk this request box is put up each time I return to the site or access it via thr club weekly forum update email. Based on guidance from @dspuk this is controlled by XenForo, so potentially there is nothing you can do about it, but I would appreciate if you could advise whether this has recently been introduced to the site (I don't recall seeing this before) and if there is anyway to avoid giving consent without having to spend a few minutes managing consent via turning off individual consents and all vendors request for consent via legitimate interest?

I'm a free subscriber to the site so this may be relevant - as per guidance from @The Tall Luthier.

 

[calikev]

I have spoken to our web guy here are his replies
If he’s getting it constantly after he’s consented, it might mean his browser or his firewall/antivirus is preventing or removing cookies

When you physically “logout” the cookies are cleared. If you stayed logged all the time and got it to remember you. You’d prob never see that notice again

Sometimes people have aggressive cookie and JavaScript settings though because they are so worried about being spied on, if they have , they just have to put up with the consequences

i hope this goes someway to explaining why its happening

 

[dspuk]

I don’t get this pop up at all. Is your browser set to clear all cookies and settings for each new session @Corgimajor ?

 

[The Tall Luthier]

I don’t get this pop up at all. Is your browser set to clear all cookies and settings for each new session @Corgimajor ?

It is a little odd.

Cookies are text files read and writable by a website on your phone @Corgimajor , technologically harmless, but more often than not they can also be read by Google who use them to profile you.

The catch 22 is that unless you give some permission then they can’t write a text entry to your phone that flags “user has already been asked this question” hence there is nothing stopping it appearing next time.

If I were you I’d accept that Android is designed from the ground up to monitor everything you do and sell advertising that matches your profile. With that in mind just click the consent button. Every other option is akin to replacing the seals on your windows whilst ignoring that fact that your front door is missing.

 

[dspuk]

It is a little odd.

Cookies are text files read and writable by a website on your phone @Corgimajor , technologically harmless, but more often than not they can also be read by Google who use them to profile you.

The catch 22 is that unless you give some permission then they can’t write a text entry to your phone that flags “user has already been asked this question” hence there is nothing stopping it appearing next time.

If I were you I’d accept that Android is designed from the ground up to monitor everything you do and sell advertising that matches your profile. With that in mind just click the consent button. Every other option is akin to replacing the seals on your windows whilst ignoring that fact that your front door is missing.

On top of this there are fairly simple ways to counter ads, cookies and their ilk with modern browsers.

The days of needing to clear caches and cookies all the time are pointless and make for a crud experience, as the OP is finding out.

As you say, cookies are just a text file, good and bad. If you refuse all the advertising options, they are good - they keep that saved for every site that uses the same ad platform. Couple that with adblock and tracker blocking, the worst issue I have is the adverts I still see are not personalised to me based on my browsing, which is perfect.

You can't not see ads, even with adblock, you can just choose to have them un-personalised.

To blame the forum and the admins for the way the internet works in 2025 is a little off kilter.

 

[The Tall Luthier]

On top of this there are fairly simple ways to counter ads, cookies and their ilk with modern browsers.

The days of needing to clear caches and cookies all the time are pointless and make for a crud experience, as the OP is finding out.

As you say, cookies are just a text file, good and bad. If you refuse all the advertising options, they are good - they keep that saved for every site that uses the same ad platform. Couple that with adblock and tracker blocking, the worst issue I have is the adverts I still see are not personalised to me based on my browsing, which is perfect.

You can't not see ads, even with adblock, you can just choose to have them un-personalised.

To blame the forum and the admins for the way the internet works in 2025 is a little off kilter.

Agree with your last line entirely.

AdBlockers are interesting, I’m not too sure I’m a big fan. This site hosts a forum as it drives traffic to their online shop, it’s a no brainer of a business decision.

Other sites rely on advertising revenue to pay their staff and keep your favourite sites free. Adblockers allow people to take without giving back which is a shame.

I only have a half dozen sites I use regularly and I click an ad banner whenever I visit. It’s my way of paying for their good work I guess.

 

[dspuk]

Agree with your last line entirely.

AdBlockers are interesting, I’m not too sure I’m a big fan. This site hosts a forum as it drives traffic to their online shop, it’s a no brainer of a business decision.

Other sites rely on advertising revenue to pay their staff and keep your favourite sites free. Adblockers allow people to take without giving back which is a shame.

I only have a half dozen sites I use regularly and I click an ad banner whenever I visit. It’s my way of paying for their good work I guess.

Given we are both VIP members, we have given back in other ways financially. I use ABP but still see the ads on this site. Wrong type of ads I guess for ABP.

 

[shudycamps]

When accessing the forum this morning (via weekly forum update email) I noted (I think for the first time) that I had to confirm or deny to the use of my personal data by both the owner of vwcalifornia.com and its vendors and as is ubiquitous these days to allow or deny the use of my personal data by the vedors for "Legitimate Interest".

This is really disappointing as I figure the owners of the website and forum have succumbed to the desire for website generated income through the selling off of its members personal data. If this is the case then can the owners of vwcalifornia.com confirm this and can they please add a button to the personal data request page that now acts as a digital drawbridge to the site that allows entrants to "reject all" (including vendors "Legitimate Interest" ) so that I don't have to waste my time clicking this option 'off' for every vendor on the vendor page.

If this option to "reject all" is not introduced then I shall stop using the forum.

AMEN to that! I dispise having to go through paes of clicking off!!!!

 

[Tourdeyorkshire]

Nobody has mentioned GDPR. I train orgs in this, so I’ll have a stab at explaining as briefly as I can.

Legitimate Interest is simply one of the GDPR lawful bases to process data - ie to capture the details you submit when registering and visiting (and recording your comments like this) and then storing it. It was designed as a catch-all to allow regular businesses to process personal data (in your case, your email address and your name - you don’t need to give any more info to register, IIRC). The only other base they could use would be consent, which is fraught with all sorts of issues, such as your right to withdraw it at any time.

It has nothing to do with selling your data on to third parties - it is simply to be compliant as a business under GDPR.

 

[Corgimajor]

Thanks to all those that have been legitimately interested in helping me understand what might be happening when I access the forum. I haven’t seen any guidance as to whether this is a newly introduced opportunity to give digital vendors access to my data without my consent unless I click each of their "legitimate interest" - (which trumps consent it would seem) sliders to "off".

Rest assured I'm old enough, ugly enough and wise enough, to recognise my data is being harvested endlessly in our digital world, I was just disappointed to see this website chuck up another example in 2025.

Finally, sorry, I did vent in my opening post so understand @dspuk comments on apportioning blame. In hindsight I figure I over-reacted and never intended to blame anyone for this change. Maybe I'll now start seeing adverts for silent retreats, green tea and magnesium tablets. Can't wait!

 

[dspuk]

Finally, sorry, I did vent in my opening post so understand @dspuk comments on apportioning blame. In hindsight I figure I over-reacted and never intended to blame anyone for this change. Maybe I'll now start seeing adverts for silent retreats, green tea and magnesium tablets. Can't wait!

I guess the challenge is no-one is trying to do a crappy job - being a forum admin (in your spare time) is a thankless task. Having done it before I'll never do it again.

 

[Deskman]

Tapatalk, on the other hand, adds a whole layer of trackers over the site.