Readit NewsThis is absurd. A 1% fee to transfer USD to a USD bank account?
The alternative is to charge in another currency - which Stripe will put a 2% currency fee on.
This is already on top of their expensive transaction costs.
Will actively look for alternatives now.
So if we get paid out a USD payment, into a USD account. We get charged just because we're registered in the UK? That's a huge impact on our business.
Author here.
This investigation into email tracking attempts to deconstruct tracking links and pixels and highlight the data that is being collected. It covers Mailchimp, ConvertKit, Substack and other Mailgun retailers.
There's also some attempted (albeit unsuccessful) reverse-engineering of an opaque token in the Substack section (If you like reading stuff about reverse-engineering).
Happy to answer any questions.
Thanks.
Any purchase I make, the shop needs my address and my payment info. It's always the same. Every browser can autofill it, if they bothered using the correct forms. Once the transaction is done, the invoice mailed and the product shipped - there is 0 need for this data to still be stored in their database.
-> Address and payment info - browser auto fill
-> purchase history - invoice via mail
I used to be heavily biased to buy from Amazon, since it is basically one click. But lately, I'm more and more buying from smaller online shops which provide checkout without user account.
I'm sure there is many things where you need to store user data, but also, there is definitely more things were user data is stored although it is not needed.
And ultimately, that is the spirit of GDPR - ask yourself if you really need to store that data.
Then the invoice itself (containing your name/address/payment method) will need to be stored by the company in some form for accounting regulations.
From a GDPR standpoint, compliance means that the country where the data is stored has an agreement with the EU AND you must have enforceable and strong, negative consequences for the foreign party in your contract.
The EU can only make such an agreement for a foreign country if the data protection laws are sufficient. I do not know whether or not the UK laws are considered sufficient, but without any such agreement, you cannot assume that you can just store EU personal data in the UK.
With the death of Privacy Shield and its siblings, this first requirement isn't even the case for the US anymore as the US will not guarantee the safety of EU citizens' information from things like the patriot act. However, I haven't seen any country complain about storing data with Google, Amazon or Facebook yet so I don't think this rule will be enforced any time soon. Technically, though, storing PII in a foreign, non-EU country without the necessary requirements is still very much illegal with the full suite of fines available to the data processing agencies.
FWIW one of these was readily available from my existing bank (Barclays) last time I needed one (~10yrs ago). Bit of hoop-jumping to go through, but definitely worth it for $30k/year.