How to protect your data – advice for seniors and more
On the occasion of Senior Citizen's Day, we would like to remind you of the data protection rules that will help reduce the risk of identity theft. They are universal, but seniors are often chosen by criminals as a target, because they cannot always identify the risk and are not as familiar with technological innovations as younger people. World Senior Citizens Day, which falls on 14 November, is a good opportunity to recall the key principles of personal data protection.
Personal data protection is a process. Therefore, the basic principles that each of us should apply in our lives should be constantly reminded. Let's remember to pay attention to our loved ones – especially parents and grandparents – to the basic rules that will protect our data, but also money from fraudsters who count on our lack of caution.
Remember to apply the principle of limited trust, especially on the Internet. Only caution and thorough verification of information and online contacts will reduce the risk of criminals gaining access to our personal data.
Below we present some tips that will help seniors, but also other people, to a large extent protect themselves from the use of personal data.
1. Be careful about what and to whom you share about yourself.
Do not hastily share personal information with unknown people and entities. Don't be afraid to ask who they are, what entitles them to obtain your data, why they collect it.
Be intentional about your data, especially on social media, which can be a mine of knowledge about you or your family. For example, avoid posting photos of documents.
2. Do not leave documents as a pledge
Do not give your ID card, ID card, passport or driving license as a pledge. According to the law, keeping an ID card without a legal basis is punishable, but not all personal data contained in the indicated documents are necessary to achieve the purpose.
As a rule, you should not agree to copy an identity document. Only in certain situations is it exceptionally permissible when the regulations allow it. When the administrator requests a copy of e.g. an ID card, ask him to indicate to you the legal basis that imposes on him the obligation to do so.
Remark! Some institutions may copy our documents, e.g. banks. However, they should only do this in exceptional situations, and not on every occasion. In addition, an employee of such an institution should provide us with a reason and legal basis.
3. Do not give out data over the phone when you are not sure it is necessary
Avoid giving data over the phone – especially when it is not you who initiates the conversation, but someone calls you. Sharing data remotely is fraught with risk, uncertainty as to whom the data is actually transferred. Do not be surprised, provoked to share data against your will, for unknown purposes, unexplained by the interlocutor. Make sure who you actually share your data with during the phone call, and if necessary, verify the contact, e.g. by calling back the entity that contacts you yourself and check whether the number and the person who talked to you actually represents, for example, a given office or company.
4. Be wary of the different forms through which you share data
Be careful when filling out and signing various types of surveys, forms or contracts. Especially on the Internet, you can come across competitions prepared by fraudsters, pretending to be real entities who, under the pretext of sending you a prize, e.g. a discount voucher, want to get as much data as possible from you.
Under no circumstances should you provide credit or payment card data in such "competition" forms.
5. Don't provide all the data
Do not provide data that allows full identification if it is not necessary in a given situation. If you need to use a given service, provide only the data necessary to perform it – think carefully about providing this information, which you can provide optionally.
6. Don't give up hastily
When filling out the form, before you tick all the consents, make sure what they apply to. Make sure they are not selected by default in the consent form. According to the law, this should not be the case. Also, read carefully what the consent clauses are about. In case of doubt, ask questions to the entities that gave you the form to complete. They should inform you about the period for which the data will be processed and about your rights, as well as whether your data will be transferred to someone else.
Remember that when you create a loyalty card, you often give consent to the use of data for marketing purposes not only by the administrator, but also by its business partners. If you can, verify who they are, what companies they are and how many of them there are, because the circle of entities to which the data is shared can be very wide. Consents to the so-called "other" marketing cannot be mandatory – you should be left with the possibility of choosing whether you give such consent.
7. Don't throw data in the trash until you've destroyed it
Any documents with your data are another source of knowledge about you, especially when they contain a lot of different information that allows us to draw conclusions about you. Therefore, before you throw documents in the trash, you should destroy them (e.g. invoices, bills, notes, stickers on packaging from correspondence or after delivered goods) in a way that makes it impossible to recreate the personal data contained in them.
8. Be vigilant when reading correspondence
Each person should read the correspondence they receive very carefully. Fraudsters can prepare messages that are deceptively similar to those we receive from banks, courier companies or sales platforms. They may also have a certain set of data about us and prepare a personalized message for the services we use every day.
9. Pay attention to who is the sender of the email
Do not respond to emails from people you do not know, e.g. from the so-called spammers, especially when they demand some information about you or persuade you to click on a sent link or open a sent attachment, suggest changing your ID and password.
Double-check which address the email is sent from. Also pay attention to whether the sender does not make mistakes. When you receive an e-mail with the content about the need to change, for example, your password at the bank, and it contains a link to renew your password, be sure that the correspondence was sent by fraudsters and under no circumstances click on the link.
10. Check the websites you use
Be careful also when using electronic banking services and making purchases online. Make sure that you log in to the online banking service from the bank's website that has an SSL certificate (visible in the address bar of your browser).
Also pay attention to whether the bank's online address bar has the correct address, whether there are no other letters, numbers, etc.
11. Check if the entity exists at all
Verify the stores where you want to buy something: whether they exist at all, whether and what opinions they have, whether they are identified entities, where they are based, whether the contact with their owner is provided and whether this contact is not limited only to electronic.
12. Verify terms and conditions and privacy policies
Avoid sellers who do not present such documents or present provisions that are too general, unclear or imprecise, grammatically or linguistically incorrect. This may mean that these are entities not subject to Polish or European law.
13. Use programs to protect your computer
Do you use a computer? Tablet? smartphone? Use software that protects your computer and mobile devices from unwanted external activity, such as malware. In addition to popular antivirus programs, those that protect against external interference, the so-called firewall and verify the websites you open or the applications you download, can also be useful.
14. Take care of strong passwords
For your own safety, it is worth using different passwords for different systems and not sharing them with other people. It is good that they have nothing to do with your personal life, place of residence, your name and surname, date of birth, the names of your loved ones or your pets, etc.
They should also not be written down on a piece of paper or in a notebook. It is best to memorize them, which is a big art when we have to log in to many services. Free password managers, for example, can be helpful in this regard, as they allow you not only to generate passwords that are difficult to crack, but also remember them for you. This makes it easier to change passwords more often, and the risk that someone will know them decreases.
15. Protect your Personal Identification Number (PESEL)
Take advantage of the possibility of restricting your PESEL number. As long as it is restricted, even if someone has a complete set of data about you, including identity document numbers and PESEL number, they will not incur any liabilities on you. And if this happens somehow, despite the restricted PESEL number, the bank will not be able to demand repayment of such a liability from you, for example.
You can reserve your PESEL number in the mObywatel application; on the mObywatel website; at the commune office.
Losing control of your personal data can leave you vulnerable to being used without your knowledge or will, which in turn creates a risk of identity theft. People who have a complete set of information about you can impersonate you and, for example, make various transactions to your detriment, such as taking a loan from a bank or renting expensive equipment and not returning it (e.g. a car).