/ Shopping

Are you concerned about e-receipt data misuse?

Our latest research has revealed that just 29% of people trust retailers not to misuse their email address when sending an e-receipt. Do you have concerns?

An e-receipt can be a good way to cut out clutter and allow you an easy way of searching through your old records should you ever need to refer to them.

Personally I’m all for digitising records like this – I find it much easier, and it’s good to know you have access to those records wherever you are, via your smartphone.

But according to our survey, I’m in the minority. Four in 10 felt there weren’t any benefits to them in receiving a digital receipt, while as many as 79% of people had at least one concern about them.

Top five e-receipt concerns

Top e-receipt concerns

Despite the benefits, I have to admit that I also share the top concern from that list. When I bought a new TV a few months back I was asked for my email address so they could sent the receipt.

I’ll give the store credit in this case – they did promise that my email address wouldn’t be used for any other purposes, but I couldn’t help but feel it’d be easy to end up receiving marketing comms I didn’t ask for.

Our mystery shop

When we sent shoppers to do a snapshot test on stores, they made it clear to staff that they wanted no marketing when handing over their email address for the e-receipt.

Except for one instance, the retailers did not send any subsequent direct marketing emails, but we did see several instances of some including promotional marketing of other products and services in the e-receipt itself.

We suspect that some retailers aren’t aware that having a marketing message in the e-receipt template counts as marketing.

Take a look at the examples we found in our snapshot mystery shop

Which? managing director of home products and services Alex Neill said:

More and more shops are offering e-receipts, which can be convenient for shoppers, but our investigation suggests not all shops are aware of the law.

Retailers must do everything possible to ensure shoppers can have confidence that they won’t be bombarded with unwanted marketing emails and that their personal details are safe

Which? has undertaken the ‘Control, Alt or Delete’ policy project to explore the consumer data landscape and help improve understanding of how online data is being collected and used.

Have you opted to take an e-receipt recently instead of a traditional paper one? If so, did you receive any subseqent marketing emails or promotions?


I’m one of the four in ten. I often get a receipt/invoice within an on line package but have never been offered anything else. I would have objections to any of the events shown on the sample receipt at the beginning of this post. The least knowledge about me that is shared, the better. My receipt is the on line order and confirmation of delivery. It’s all I need.

E-receipts can be harder to lose than paper ones.

Unless, of course, the email address in question becomes overburdened with spam.

This comment was removed at the request of the user

Being a belt-&-braces type of person I tend to print off any receipts and product guarantees that arrive on-line via e-mails following an on-line purchase. I keep them with the other documentation relating to the product [purchase order, user manual, servicing information, etc] so it is no problem for me to have a paper receipt; when buying in a store I prefer it because I have it in my hand immediately and it is not liable to get accidentally deleted, or miss-filed in the wrong folder, or even not arrive at all.

I generally decline to give retailers my email address, for the reasons mentioned in George’s introduction. It would be interesting to know which retailers exploit their customers.

This comment was removed at the request of the user

Although I object to some of the selling practices of Amazon [two-pin plugs, etc] and have had occasional delivery problems, I have been buying books from Amazon for years and cannot find any fault with their on-line processes. I find they have the fastest and most easily navigable website in the UK; I have never experienced any misuse of data; I have no objection to the website showing my default delivery address – it prompts me to check that it is correct or to alter it if I am ordering something for somebody else; it is of no significance to me where their tracking originates; and I find the suggestions and details of related or alternative goods quite helpful. Overall I think Amazon gives good service and has earnt the popularity ratings it gets – as evidenced in the Which? report on on-line retailers in the December 2018 Which? magazine. It would be much more expensive and more inconvenient to buy books any other way. For nearly all other products there is nearly always a bricks-&-mortar establishment within walking distance that can supply our needs.

I have an idea of what’s going on, Duncan, but see no easy way of avoiding surveillance by multinational companies. Having failed to receive satisfaction from Amazon over three safety issues I avoid using them unless there is no alternative.

I think there are big risks for people who are highly active on social media because on-line retailers and service providers can construct links to the individuals concerned and garner much more intelligence on their interests and requirements than with a customer like me who keeps a low profile, has very few on-line accounts, and makes no use of social media. My e-mail address is known to on-line retailers but I have never suspected any unauthorised access [in any case there would lean pickings if they did attempt it]. I have a high level of e-mail traffic but it is almost entirely within organisations I belong to and I consider it to be of very little commercial interest.

This comment was removed at the request of the user

This comment was removed at the request of the user

Thanks Duncan. That’s an interesting share, even if it is published by a rival software house.

As we’ve noted before, the best way to avoid sneaky spyware is to only use fully free and open source software.

That said, many organisations seem effectively locked in to the use of M$ Office. But perhaps that could change…

” There is currently no way to object to these practices. If you use MS Office, you’re a willing participant.

That’s already enough to feel uneasy, but there’s more. Initially denied, Microsoft now admit to collecting personal data. With the help of audit logs (originally intended for admins), they can easily obtain email addresses, user ids, subject lines and much more. Time for data protection officers to get that rope ready and brush up on their hangman skills! Sure, Microsoft should (and must) collect data to improve their software or web-based services, but, this time, they’ve crossed the line. It seems they’ve completely forgotten that data collection must be governed by transparency and purpose.”

If you want to be safe from US snooping whether it be personal or business it would appear to be stupid to use M$ Office in anyway online. LibreOffice being free and non-US [EU] has a lot to be said for it.

For many years I have looked at file properties of Microsoft Office files that arrive by email. Many people do remove their name etc. but others do not. When I bought a house I never had any direct contact with the vendors but the estate agent forwarded a Word file with answers to my questions and the file properties indicated the file had been created on a computer registered to Capita. Looking at Exif data for image files is interesting too.

This comment was removed at the request of the user

In my experience, the file properties on my own Word documents often give wildly inaccurate information, except where I’ve taken the trouble to make sure everything is correct.

Duncan – Not me, other than doing research funded by our government-funded research councils.

Derek – Yes it can be inaccurate but it has helped me investigate plenty of cases of copying by students who were too lazy to do work for themselves.

A long time ago, I was warned about the inclusion of (a) hidden or tracked deleted data and (b) random additional data in Word files. Hence, where I worked, we preferred to send PDF files to clients (and others).

Yes, but PDF files may also show the name/organisation and date of the file and additionally what software and version has been used for creation. Exchanging Word files can affect pagination and result in font substitution, so unless the file is to be edited, PDF is generally the best option for sending files.