Customers database is surely an asset on which every B2C company bets. The security of this data from leaking out or getting further shared is one of the topmost priorities of the companies.

Recently, there as been a lot of buzz on social media, following a blog post by a customer, accusing a leading B2C brand for selling customer data.

Before I start with the actual story, just to give you a little background on what senior executives of leading ecommerce companies think, when it comes to sharing their own database. A few months ago I had covered a story on “DTDC going for online store” on iamWire, I had talked to a number of organisational heads of ecommerce companies about whether this initiative is acceptable for a company which is delivering products of various ecommerce stores and has the access to any part of the customer data? Well, maximum said “NO” and they were really worried about the same that what if DTDC starts using their database and the fear was of their losing existing customer.

Now this was DTDC. Moving on to our B2C brand which was grabbing attention for some time now and the story behind it. A couple of days ago, I came across a blog post, which I also shared for the same reason I am writing this post. The post made me think seriously about the matter – not only what the post talked about but also after consequences of it.

Lenskart.com online retailer of optical products and part of the Valyoo Technologies, which also owns Watchkart, Bagskart and Jewelskart was accused of selling out customer database with spammers.

When he contacted Lenskart on Twitter, he got following responses:

Click here to see the entire conversation.

Let’s first understand how one can figure out whether a company is selling or sharing out your email ids with third party companies or not

1. Buy a domain – say we got – @mydomain.com

2. Whenever you shop at any ecommerce store use an email id with initials of that store – say you are shopping at ABC store – the email id will be [email protected]

When you are done with this, never use this email id at any other store and if you start getting mailers of any other company on this email then – You know obviously ABC is the culprit.

The same was done by him, he made a unique email id with name Bagskart and registered on the said website. Soon he started receiving promotional mailers from other companies as well.

As claimed by him, he received about 6 spam emails promoting credit cards, other ecommerce websites, and some brands in the span of 7 days on the same email id.

Now, neither are we trying to favor the mentioned customer, nor are we trying to malign the image of “Lenskart” or any of its brands. We are just highlighting a point with all of its aspects to understand what actually had happened.

To verify the story and out concern, we contacted Peyush Bansal, Founder, Valyoo technologies, asking about the same and this is what he replied, “Regarding this allegation and tweet, this is absolutely untrue with no truth whatsoever involved. Our customers and their details are sacrosanct for us and there has never been an attempt or effort to leak out or sell customers details. The tweet is merely a mud slinging activity without any valid basis or proof.”

Moving further, we do believe in the words of Peyush, but still the Twitter handle of Lenskart do replied to one of the Tweet saying:

The Tweet does show that there was something going around with the customer email ids within the company.

“The privacy policy of the organization is the key reference document. However, the customers, when they sign-up with any organization, expect communication from the organization that they have signed up with and are open to it, but they definitely do not expect that their information be made public without their consent. We have come across a number of instances of consumer data being compromised during the logistics process, however, can’t understand why any organization would knowingly “sell” their own consumer data. Not sure if this was a case of co-marketing,” says a founder of an ecommerce company.

Later we received a call from the “Lenskart” team explaining that the response was a standard customer care response, adding to it, the person also said – “The person handling the Twitter account is new and joined a few days back and responded to the tweet without consulting any senior authorities or Team”.

We really don’t know whether the allegations made on “Lenskart” by the customer are true or not. As the founder of the company denies of any such malpractice in the organization and on the other side According to his management it was just a mistake by the ” PERSON ” handling the Twitter account.

If that is the case, then shouldn’t it be the responsibility of the company to make sure that the customer care team is capable enough to handle these kind of real time issues?

On the other side, a customer accuses a brand in public with a blog post, which is huge. Then there were Tweets which carves a different story altogether.

So it’s really dicey to say who is the real victim here.

I can think of one more possible explanation, a “PR ACTIVITY” but that’s just my thought!

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.