REPORTS that track-and-trace data collected in pubs and restaurants is being sold on to third parties could “weaken trust” in public policy and efforts to tackle the pandemic, a privacy rights group has said. 

Since September 18, the hospitality sector has been required by law to record the contact details of customers for the purposes of track and trace. 

Many pubs and restaurants have paid companies to collect the details via QR code apps as an alternative to pen-and-paper logs. 

But some firms have clauses squirrelled away in the small print stating that they can share customer information with third parties, according to a Sunday Times report. 

One firm, called Pub Track and Trace, requires customers to accept its privacy policy despite it containing clauses that data can be shared with third parties including “service providers or regulatory bodies providing fraud prevention services or credit/background checks.”

It may also “collect, use, store and transfer” records of access to certain premises including “time, ID number and CCTV images.” 

Eliot Bendinelli, a technologist at digital rights group Privacy International, told the Morning Star: “Offering a service such as this one, in the interest of the public, isn’t compatible with the forced collection of personal data.” 

“Not only might this weaken trust in any public policy to tackle the pandemic, it also normalises the exploitation of our personal information in contexts where it is least expected: in a restaurant or a pub.

“People shouldn’t have to be afraid to go to the pub because this might end up affecting their credit rating.”

Pub Track and Trace told the Sunday Times it had not passed on data to third parties.