Vinyl Me Please (store, exclusives, swaps, etc)

With respect to shipments getting sent to the wrong places, does anybody, particularly among our European friends, have any insight into how this might square with privacy regulations like GDPR? Because these shipments aren't just going to random places. They're getting sent to addresses that exist within VMP's database. Setting aside all of VMP's issues right now with getting their services executed correctly, I'd have some serious concerns right now with their data privacy integrity. If their system is capable of erroneously pairing my name with another person's address, how safe is that information? Can anybody more familiar with ecommerce tell me whether that's an irrational concern? How big of a leap is it to go from that to pairing someone else's name with my payment information (knowing that Shopify adds a layer into that equation)?
From VMP's website/privacy policy (emphasis mine):

Transferring Personal Data From The EU To The US. Vinyl Me Please is located in the United States. Information we collect from you will be processed in this country. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the General Data Protection Regulation (GDPR). In an attempt to comply with the GDPR’s requirements, Vinyl Me, Please collects and transfers to the U.S. personal data only: with your consent; to perform a contract with you; or to fulfill a compelling legitimate interest of Vinyl Me, Please in a manner that does not outweigh your rights and freedoms. Vinyl Me, Please endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Vinyl Me, Please and the practices described in this Privacy Policy. Vinyl Me, Please also minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.

Data Subject Rights. The GDPR provides certain rights to online users located in EU countries, referred to in the regulation as “data subjects.” If you wish to confirm that Vinyl Me, Please is processing your personal data, or wish to access personal data Vinyl Me, Please may possess about you, please contact us at info@vinylmeplease.com. You may also request information about the purpose of the processing; the categories of personal data stored; who outside Vinyl Me, Please might have received the data; what the source of the information was (if you didn’t provide it directly to us); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Vinyl Me, Please if it is inaccurate. Subject to certain exceptions, you may request that Vinyl Me, Please erase that data or cease processing it by emailing info@vinylmeplease.com. You may also request that Vinyl Me, Please cease using your data for direct marketing purposes. When technically feasible, Vinyl Me, Please will—at your request—provide your personal data to you or transmit it directly to another controller.

I'm not a GDPR or privacy expert by any means, but I don't think that any of those regulations assume that the information a company holds on someone is correct at all times. I think it's more about that you have a right to any information kept on you, especially if it allows for personal identification or is sensitive, and that companies are required to disclose what information they keep and why. You also have the right to ask that they delete any information on you. Otherwise they would have to face the EU (I think?).

Data integrity is another matter, but in most cases that falls on the user. This seems different than that though since it was VMP's screw up during the migration.
 
Wow! Too funny. I made 1 trip there back in 2013(?)ish.

I've worked all over with Thermo (all in the US, never took an expat assignment) - Pittsburgh, PA; Kalamazoo, MI; Rochester, NY; Carlsbad, CA; Waltham, MA.
Ahhhh so interesting! So cool you get to travel for work! There were so many office people at the Thermo Fisher in Melbourne. Our lunch break room was so small and just had a long table with school-looking chairs. The office people’s lunch room was a huge open kitchen area with sofas, like 7-8 microwaves, and it was all modern, contemporary and colourful. That pissed me off! 🤨

Thermo Fisher treated their warehouse staff like shit in that sense. They had cool event kinda things but we were never included......even if it was like a healthy food thing. Oh yeah, that reminds me, the office people always got free fancy lunches but we got nothing lol 🤷‍♂️
 
I have to guess that was a local manager-type issue. I worked in finance and operations management for them across a few different roles and functions, and ensuring a productive and cooperative work environment was always a priority (plus, we had competition for that labor - if a Costco opened down the street, we'd be fighting to keep our best workers from being poached).
 
Face the EU hehehehe! Trial by Donald Tusk in front of the commission...

EU member states are under an obligation to transcribe EU law into their national law. It’s actionable in court in the country in which the transaction took place (which is going to be where your computer was so your home country).

Yeah, GDPR specifically may not have been the right thing to cite in my original comment. My question is really more about whether they're demonstrating that they have the right levels of control over their system to make this part true:



In other words, not the integrity of the data, but the integrity of the privacy being applied to the data, and whether those failures are indicative of any security/privacy vulnerabilities.

It is GDPR that governs the controls you put in place over the data you hold and when you can use it and when you should destroy it. A data breach would be by its very nature a breach of GDPR.

The reason I don’t want to comment too far on the VMP end is that I have zero experience of GDPR in terms of eCommerce. I work for a government department and while we hold astronomically larger volumes of data than VMP, we hold and use it in a very different way for very different reasons.
 
116 responses, 71.6% in favor of a delay:

Even I want VMP to have a delay! I voted for them to delay! I would have never wanted them to delay production/releases etc in the past. But now, I’m scared that they won’t exist next year because of all those mistakes they are making.....
 
If people here are correct about how much all of this is hurting their business, there is no way they could cancel a month. At this point they are probably flying by the seat of their pants from month to month. All of these situations where they are essentially giving away their product for free by shipping 25 copies of one record to a single customer have to be killing them.
 
Yeah, it seems like they've painted themselves into a corner and are damned if they do, damned if they don't.

They need to halt to fix their data. Because their data is causing them to hemorrhage money.

But if they halt, they won't have any money coming in to stay up and running.

I really really really hope they have a backup of their data from prior to migration. So they can at least reset to a day that they know it was at least correct. And then somehow update that data with the past 2.5 months of chaos. Somehow. Lol. I just gave myself a bit of anxiety thinking about it.
 
Seems pretty simple, just mass email everyone asking to reconfirm their data. Wipe everything from the old database and start from scratch.
 
Even I want VMP to have a delay! I voted for them to delay! I would have never wanted them to delay production/releases etc in the past. But now, I’m scared that they won’t exist next year because of all those mistakes they are making.....
I've only been actively on N&G for a few months, but you seem like one of the biggest VMP fans through thick and thin; so this sentiment from you is very telling about what the past month has caused. Thanks for your input!

What is with the mod over there making shady threats to take it down?
We talked it out offline. They were getting reports (if I had to guess, from that chemm person) and they just didn't want it to spiral. It's all good now.

If people here are correct about how much all of this is hurting their business, there is no way they could cancel a month. At this point they are probably flying by the seat of their pants from month to month. All of these situations where they are essentially giving away their product for free by shipping 25 copies of one record to a single customer have to be killing them.
It'll come down to what's worse for their business - a temporary delay in recognition of revenues vs permanent profit lost by shipping their stock for free to people who didn't order it and having people get fed up and cancel/ask for refunds. I don't know the details so it's hard to say how dire the situation has become for them, but I can't imagine they're feeling good starting 2020 like this.
 