This is important, so please read carefully.
Yesterday you sent out a newsletter to
including myself. There is nothing wrong with your newsletter per
se, except one subtle but significant fact: all the recipients are
addressed on the same to: line. Which means all of these people can
now clearly see and identify all the other recipients. (The same
would be true for cc: addresses, so if you wish to send newsletters
this way, you need to use bcc: addressing. If you don’t understand
the previous sentences, please ask your friendly local IT support for
I wish to call your attention to the obvious privacy implications and
that I have personally NEVER authorised
$YOUR_COMPANY to disclose
my personal data (and the implicit fact that I have done any business
with you) to any third parties. I don’t expect the
recipients of your email to have done so, either.
Just to be clear: this is a serious breach of prevailing personal data protection principles. In particular, a violation of the Personal Data Act (Personuppgiftslag, SFS 1998:204) of Sweden, which is based on common EU rules. I trust that you are aware that violation of this law, even if only due to gross negligence, may be subject to penalties.
This is a friendly warning. I am not seeking any compensation, based on my trust that you will immediately take the steps necessary to remedy this situation going forward. However, I do expect a reply to this mail which makes me confident that the issue has been understood by the humans in charge and receives proper attention.