I just signed up for proton vpn, before I read this post. So far so good other than this post, but I notice I can't access my own freshdesk help desk while on proton vpn. It says location not allowed.

> I don’t know about you, but I think that’s baloney. Proton Support had five full business days to come up with a better excuse. Please tell me, how can I have been any more explicit about opting out of Lumo emails, only to receive “Try Lumo” “From Lumo”, and be told that is not actually a Lumo email?

As someone who is in support in tech (not proton) I can tell you exactly what happened.

Day 1 they already knew which email it was, they probably had other tickets about this, they probably had an open discussion about this with marketing/product team.

Day 2-4 was the support agent arguing with marketing/product about how it's absolute bullshit to send out a AI newsletter when the user has it unticked and what they are going to do so it doesn't happen in the future.

Day 5 is marketing/product telling them that this is Working as designed and theu aren't going to stop this in the future. This is the day the support person works on this email with their team and potentially their manager.

It goes through a couple of "rewrites" for liability/protecting ass. The end result is the email you got, they know you are going to give a bad CSAT/NPS survey and it's going to kill their metrics.

They want nothing more to write and email that says, "Sorry marketing and product are fucking idiots and can't read. I fought for this to be disabled, but told me it's not going to happen, sorry" but culture and then not wanting to lose their jobs is why they didn't send this.

I really hope you didn't give them a bad survey.

Funny they mentioned the GitHub email. I got the same one and unsubscribed from every GitHub email immediately. I wonder if they track how fast people unsubscribe after opening particular emails.

Exactly the kind of whiny blogger I don’t want using Proton products with his squeaky wheel nonsense. Move over to Tutanova or go back to Gmail. What a trivial thing to whine about.

I dislike Proton's excessive marketing on privacy and encryption topics, especially in their posts on X, where they always claim that accessing the internet without a VPN is a bad thing. It reminds me of Crypto AG.

Everyone would be happier if they just focused on good products instead of excessive marketing. I'm tired of seeing their privacy slop all the time.

By the way, why does everyone need to spam people about their "AI" offerings?

"AI" is so good it basically sells itself right? Right?

Lumo is not end to end encrypted. The model is in some kind HSM? Are those trusted?

If they are, I see some people might be interested.

I also received the email from github about AI that the author mentioned. No matter what you do, they will keep pushing the AI slop onto you.

For me, these kinds of emails especially stick out, because I like to keep my proton inbox clean and unsubscribe from everything I can.

I also get pretty pissed of just ignoring gdpr, i just started to downright threaten them on support channels reminding that ignoring gdpr may cost them 2% of annual company turnover or 2 mil. eur, whichever is higher.

You would be surprised how many ridiculous "oh sorry some error in system" excuses you're gonna get. Right, that email accidentally slipped INSERT INTO spam slop database on its own.

And since i started to not explicitly opting in anywhere i know that when i receive a marketing email its abuse of my personal information. Under gdpr you need to explicitly consent to marketing communication. When you register to a service and receive spam you need to opt out from - that's an abuse. Some company try to argue they do so under "legitimate interest" clausule but that's bs and would not hold in court. For example, purchasing a product is not a valid legitimate interest for sending out eshop spam, they would lose.

When the incident repeats or i just get really pissed i go full karen and report them to authorities. I know two busisses had legal troubles because of me because i received deeper follow up emails while solving the case and i am happy for it.

One company that abused my personal data that i ended up not reporting was Telekom: when i contacted their support about spam incident and asked them for log of personal data and all of my consent logs and physical signatures to prove my consent, after which they said "it was a db error" (lol), and when the incident repeated i told them i am about to report them and they offered me 1 year of free internet - i said ok and never received a single spam from them ever again.

Fight back, you have the screenshots, you have the logs, ask for proof, report.

There's one recruiting company I had contact with in 2017 (pre-GDPR, with no checked consent after) and they keep sending me marketing-disguised-as-GDPR emails. "Reply to tell us you want to keep hearing about our career insights newsletter that you never signed up for, or we'll delete your data in 30 days".

In the end I got sick of them repeating this and never deleting the data, so I sent them a SAR. I don't care what data they have but if they want to play the GDPR game so do I.