Facebook and Customer Data

Are you concerned that companies share unsolicited customer data with Facebook? Have you heard about security breaches in the past and your trust has been shaken or you just want to know how secure you data is? Let us investigate.

Email addresses, telephone numbers and home addresses; many companies send their customer files to Facebook, with the aim of displaying personalised advertisements on Facebook based upon this information. This is not allowed according to the privacy law unless the customer has given permission for this. The Consumer Association appealed to 17 companies suspected to be in breach of this.

It all started with a complaint from a member about the company NUON. NUON had provided unsolicited contact details to Facebook. We investigated whether there are more organisations guilty of this. We found that, for example, the ANWB shared the email addresses of its members with Facebook. Although on the website they say they do not allow the use of personal data by third parties.


Responses from companies: ‘Everyone does it’

Our small-scale research has already yielded 17 companies that send their customer files to Facebook without the customer’s consent. This is done in order to serve better advertisements. Usually it is just email addresses, but sometimes also home addresses, birth dates and telephone numbers. The kind of information that we don’t want others to have without our consent certainly.


Legitimate interest

A second argument for not requesting permission is that there is a “legitimate interest.” That provision in the privacy law states that companies do not have to request permission in the case of a compelling business interest. KLM and the Postcode lottery, among others, gave this as a reason. According to the Postcode lottery, the legitimate interest includes “approaching consumers as relevantly and personally as possible.”

Associated Press’ response: ‘Direct marketing to customers about other products should only be done with the customer’s permission. It is incorrect that the Postcode Lottery can invoke its legitimate interest here. “


Privacy law is being violated

It seems that there are a number of companies out there that are not up-front about their use of your data. The Postcode Lottery in particular was not happy with our investigation, quoting: “We hold you liable for all damage that results from your publication.”

Consumers’ Association finds it unacceptable for organisations to share unsolicited customer files with parties such as Facebook and considers that advertising is not a “legitimate interest”.



Do you not want Facebook to see less about you a customer? Using an alternative email address is a good place to start. There is no guaranteed way to avoid targeted advertising on Facebook. If you use WhatsApp, Facebook can also use your telephone number to see information about you as it is the owner.

As always, stay alert, and be cautious and diligent in your fight for security.

We use cookies to improve your browsing experience

For more information please refer to our .