HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Re: [Ebook] How to Scale and Build a Thriving Developer Community (GDPR fail)

Today I received an unsolicited Email from Vanilla Forums Inc. Not only didn't they have my consent but they also transferred my email address to a third party (Hub Spot Inc, a Spam provider).

Please remove my email address off your marketing database and order Hub Spot Inc. to do the same asap.

Btw - your GDPR F.A.Q. is wrong. Consent is not always required, there are in fact a couple of reasons which allow someone to use personal data. One of those reasons might be that the data is required for the service to operate (e.g. the delivery address for UPS). However, in the case here, I am not a Vanilla Forums Inc. customer, but a openvanilla User. Selling me things doesn't make any sense, giving my email address to some obscure US company is not required to operate my openvanilla account either. So, in THIS particular instance consent is required but has not been given. This is a clear violation of the GDPR.

Also, tell your marketing staff about the new law.

Take note that I could have sent a compliant to the authorities which could result in dire consequences for Vanilla Forums Inc. In order to avoid such risks, please do your homework.


PS: no I am not going to reply to that mail as that would tell Hub Spot that the email address is valid.


  • Options
    AdrianAdrian Wandering Spirit Montreal MVP
    edited July 2018

    @tomx Thanks for bringing this to our attention. I have deleted you from all databases and we've made a small change to our process to ensure this doesn't happen again. Thanks

This discussion has been closed.