Comment by fuzzy2
5 days ago
They won't do anything. Had this exact scenario with two Shopify-based sites where my address somehow ended up with the second shop. Reported it, shop 1 investigated themselves and found themselves to be innocent, case closed.
Shopify shares these I think, no?
That would be illegal. I doubt Shopify are to blame here, it's more likely one of the gazillion plugins that every shop uses was the vector. Either way, it's highly likely the shop owner is the data controller, from a legal perspective.
(Scenario: E-Mail address A with shop A, address B with shop B, then received a newsletter I did not subscribe to [already illegal] from shop B to address A. Only common data point: PayPal account.)