Corporates have yet to adopt GDPR, CCPA, and KVKK properly

I have a common family name in Turkiye, Koc with a not-so-unique first name, Selim. There are probably hundreds of people named Selim Koc in Turkiye. And, I own my first name + family name @gmail.com and @icloud.com accounts. As a result, I receive many emails which are not belonging to me for over 10 years.

Some Cases

• I received many credit card statements from banks related to Selim Koc-named customers.
• I received an email related job application to a European company for an engineering position. And Selim Koc wrote my email address to his resume as a contact email address. I informed the company about the issue to try to contact the job applicant with an alternative communication method.
• I got many bills related to electricity or the internet, and those companies also did not have an opt-out option.
• Recently I received a bill from Toyota for a new car purchase.
• I got many emails related to a university student’s email listing group, and although I warned them, they did not remove my email from the list.

Why I’m writing this blog?

Today I received an email from QNB Bank to confirm my email address as their customer. And I did not confirm, as I got used to this situation. After 12 minutes they sent emails related to the KVKK (GDPR, CCPA) statement. Moreover, after 36 minutes I received another email which has an insurance policy for their customer.

This is the point the companies reached after many years of privacy policies and regulations of governments. Simply an ignorant approach. Dear QNB, why did you ask for confirmation of email address if you ignored the response? And why don’t you put a simple link to opt out?