The second time I was contacted in my private Email address was 16.09.2024 – a month later. This time, I was asked by a very well known publisher in Germany to be a guest editor. By that time I have contacted lawyers who specialized with private data protection, and I had a standard answer for all those cases: “I kindly request you to provide me with all the necessary information about how you got my private email address, or there will be legal consequences. I do not recall giving consent or authorizing, and I am concerned about how my personal data, specifically my private Email address …, was obtained and used for this purpose. Under the European Union’s General Data Protection Regulation (GDPR), individuals have the right to access information about how their personal data is collected, used, and shared. Given this, I kindly request the following information: The source from which my Email address was acquired. Any other parties with whom my personal data has been shared. I believe in the importance of privacy and data protection, and I trust that your organization adheres to these principles and the regulations set forth by the GDPR. I would appreciate a prompt response to this inquiry, as it is crucial for me to understand the use of my personal information. Please let me know if you require any further information from my end to process this request. I look forward to your timely and detailed response. Thank you for your attention to this matter.” As one can see in the figure, old Email addresses from my affiliation at the MedUniGraz (which ended in December 2023) were also used: I’ve answered with two Emails, the one as advised and the other more personal. To this day (09.03.2025) I never got an answer.
