Dubai: A man has slammed an online e-commerce company for allegedly storing his credit card details without his consent and automatically buying a deal while he was browsing its page.
Dubai-based resident V.K. Moorthy said he was browsing Groupon (https://www.groupon.ae/) on May 25 when all of a sudden the page changed and bought the deal he was looking at.
“I was trying to look at various hotel options because I had some guests at home and we were trying to book a hotel and all those things. So I was just browsing the Groupon site when all of a sudden the page changed and said I have purchased the item,” Moorthy, a chief financial officer, told Gulf News.
Moorthy’s bank statement showed that an amount of Dh2,200 was debited from his account for a Groupon purchase on May 25.
Moorthy said he called Groupon’s customer service several times to report the incident and reverse the unauthorised purchase but to no avail. Afraid that his money would go to waste, he went and proceeded with the hotel booking.
“What I did was, since these people were not responding and I didn’t want to let my money go, I called the hotel and booked myself. I booked it, just a tentative booking,” Moorthy said.
Moorthy filed a complaint with the consumer protection division of the Dubai Department of Economic Development, following which he got a call from Groupon.
When contacted, Nadia Fourie, Head of Operations of Groupon Middle East, told Gulf News: “With regard to Mr V. K. Moorthy’s allegations, we have investigated this matter and found that immediately after the transaction in question, Mr Moorthy independently proceeded to redeem [use] the purchased vouchers by contacting the hotel who had made the offer.”
“He then made a reservation and sent the hotel his Groupon vouchers. These actions led us to believe that the purchase was in fact intentional.”
Five days later, Groupon refunded Moorthy’s money after he cancelled his booking with the hotel.
Moorthy refuted the claim. “They said I bought the deal myself. I said, ‘Show me the proof that I bought it! If I did, why would I register a case with DED against you? This is your system flaw’,” Moorthy said.
Moorthy said his case was a small one compared to the bigger issue on security.
“First of all, you cannot store credit card information of the buyer unless the buyer opts for it. What they’re [Groupon] saying is, by default, they’ll store it and use for the next purchase, which the customer is not aware of. They will delete it only when you call and tell them. This should be the other way around.”
Fourie said Groupon’s customer details are never captured or used without authorisation or consent.
She said Groupon’s privacy policy and terms of use cover the types of information they collect and how they use it. This means if a resident uses the Groupon site, he has to agree to these policies.
“We encrypt certain sensitive information [such as credit card information] using Secure Socket Layer (SSL) technology to ensure that your Personally Identifiable Information is safe as it is transmitted to us,” the privacy policy reads.
Fourie further said Groupon employs commercially reasonable security measures to protect data.
“Groupon Inc has been awarded TRUSTe’s Privacy Seal signifying that our privacy policy and practices have been reviewed by TRUSTe for compliance with TRUSTe’s programme requirements including transparency, accountability and choice regarding the collection and use of personal information.”
Fourie said Groupon users who do not want their credit card information stored can get in touch with their customer support.
