On the other hand, it's perfectly legal (and usual practice) to contract out the operation of people counting devices that just tally up how many persons go through a door.
(By the way, a gym can and usually does share contract data including personal information with numerous third-parties such as external bookkeepers. This is legal under the GDPR without explicit consent.)
>By the way, a gym can and usually does share contract data with numerous third-parties such as external bookkeepers. This is perfectly legal under the GDPR)
Why is it legal, does the gym need those 100 contractors to know my data for it to work? What are those for 100 different accountants? How did gyms or other businesses worked before the internet, did a guy walked to 100 different locations with papers in hand so those "partners" take a quick look?
Yes, before there was electronic bookkeeping businesses hauled stacks of paper to their accountant. This is standard business practice since literally centuries.
If they want to send you a letter, they have to give your data to the postal service. Again, no consent needed.
This is legal because our whole economy is based on devision of labor. Privacy laws account for that.
Maybe you are referring to required data.
I can buy some bread and the store does not need my ID for accounting purposes, so not sure what exceptional stores or gym need to send a copy of my ID and my activities to their accountant.
My problem is with the 100+ partners that are OBVIOUSLy not partners and not required to have my data.
Ok, now what's the difference between sharing "1 bread sold" (with no identifying information about the customer) with a third-party and "1 page visited" (with no identifying information about the visitor) with a third-party?
"1 page visited" (with no identifying information about the visitor) with a third-party?
False equivalence, no online stalking company actually works like that (that would require a server-side hook). They all make the visitor go to the third party's desk and increase the tally themselves (via http request), giving the tracker company access to all the contact details of the visitor.
"Why is it legal" is the wrong question. There is nothing wrong with freedom. You already know this. The problem is the lack of competition. You should be asking why is the competition so small for this particular service with bad terms that you can't find a better place around you that provides a better service.
The bookkeeper literally needs access to receipts and invoices to do their job. No bookkeeper is going to work from an anonymous list of payments; that's how you get swept up in a money laundering raid.
Before the internet, the owner took a shoe box of receipts to their bookkeeper every month. Those receipts had your name, date, etc. on them.
How, when I buy stuff in real world and pay with cash I don't ask for an Id Card, so why do you think the store needs names on the receipts? Is this something that happens in your country? For buying cars,land you need an Id, if I buy even an expensive electronics no Id is needed I just return the product and the receipt that has no name on it back.
I remember when my grandfather was doing accounting for a bar before Internet days, they papers were about the stuff not about people, like how many bear was bought, how much was sold stuff like that.
(By the way, a gym can and usually does share contract data including personal information with numerous third-parties such as external bookkeepers. This is legal under the GDPR without explicit consent.)