I Fought a Data Aggregator That Created a Fake Profile About My Company

๐Ÿ“ Robert James Gabriel
โฑ๏ธ 8 min
When Data Aggregators Create Your Company Profile Without Permission (And Won't Delete It)

When Data Aggregators Create Your Company Profile Without Permission

Last week, I received an email that made my blood boil. A well-known business intelligence platform reached out, asking me to "review and update" information they were publishing about my company to over 100,000 professionals making investment decisions.

The problem? I never created a profile with them. I never gave them permission. And worst of all, every single detail they were publishing was completely, laughably wrong.

What followed was one of the most frustrating email exchanges I've ever had โ€” a masterclass in corporate gaslighting, policy theater, and the kind of circular logic that makes you want to throw your laptop out the window.

The Unwelcome Surprise

The email started innocently enough: "I am following up with the hope that you have a few minutes to review and update the information [we are] currently publishing for [your company]."

They then presented what they claimed was our "Latest Round of Financing":

  • Transaction Date: 01/01/2015
  • Transaction Type: Accelerator/Incubator
  • Transaction Amount: $0.015 million
  • Investor: [Redacted]

Every. Single. Detail. Was wrong.

My Response: Delete It

I kept my first response simple and direct: "Can tell you all the information is wrong and please delete the [company] pages as we didn't create it."

Seems straightforward, right? Wrong.

The Runaround Begins

Instead of apologizing and removing the inaccurate information, they asked me to clarify which information was incorrect so they could "have it corrected accordingly."

They wanted me to do their job for them. They wanted me to help them fix a profile I never asked for, filled with data I never provided, that they were profiting from by selling to investors and analysts.

I sent a follow-up: "Or respect my email and delete the page as requested. Never mind emailing me and signing me up to a newsletter."

Because yes, not only did they create an unauthorized profile, they also signed me up for their marketing emails.

The "We Can't Delete It" Defense

Here's where it gets really interesting. Their next response explained that they couldn't delete my company's profile because "the information we have gathered comes from publicly available sources, it is against [company] policy to delete profiles from the platform."

Read that again. They're claiming they have a policy against deleting inaccurate information.

Let that sink in. A business intelligence platform, trusted by 100,000+ professionals making investment decisions, has a policy that prevents them from removing information they admit is wrong.

Let me break down why this is absolutely bonkers:

The Public Data Loophole

Just because information might be "publicly available" doesn't mean you have the right to:

  • Aggregate it without consent
  • Publish inaccurate versions of it
  • Profit from it
  • Refuse to remove it when asked

They offered a "compromise": they could delete the public-facing profile but not the client-facing one (the one their paying customers see).

Let me translate that: "We'll hide the inaccurate information from people who don't pay us, but we'll keep showing it to the investors and analysts who do pay us."

How generous. How ethical. How completely insane.

The GDPR Mention

They mentioned GDPR compliance and removing personal data, but here's the issue: GDPR is about personal data, yes, but it's also about the right to object to processing. When a company repeatedly publishes inaccurate business information that can damage your reputation with investors, that's a real problem.

My Final Response

I didn't hold back in my last email:

"I'll tell you this directly, your sources are wrong or extremely lazy. I did not create the page about my company, and the information listed is super inaccurate. I also never requested or consented to any outreach from [company]."

"I'm not providing additional details, as I don't trust a site that emails me out of the blue with a profile I never created and that appears to profit from collecting and publishing company data without consent."

And I called out one more thing that really bothered me: their email footer said "Don't want to receive these emails? Manage your email preferences" โ€” but to manage those preferences, I'd have to create an account with them.

Think about that. To opt out of emails about a profile I never created, I need to create an account with the very platform I'm trying to distance myself from.

I specifically asked: "How exactly does that align with privacy laws?"

This was after they had just spent a paragraph explaining how "committed" they were to GDPR compliance. The irony was almost funny. They invoke GDPR as their shield for why they're removing personal data, but then require me to create an account (providing more personal data) just to stop receiving their marketing emails?

That's not GDPR compliance. That's GDPR theater.

And I think that's what finally broke them.

The Bigger Picture

This isn't just about one company or one email exchange. This is about a growing problem in the tech industry: data aggregation platforms that:

  1. Scrape and compile information without consent
  2. Publish inaccurate information that can harm businesses
  3. Make it nearly impossible to get information removed
  4. Hide behind the "publicly available data" defense
  5. Profit from this information while offering no value to the subjects

The Question We Should All Ask

When did it become acceptable for companies to create profiles about us, publish potentially damaging information, and then tell us we can't have it removed because they found it "publicly available"?

The internet has created incredible opportunities for transparency and information sharing. But it's also created a new kind of problem: platforms that aggregate, publish, and profit from information about people and companies who never asked to be in their database.

I'm still waiting to see if they'll actually delete the profile. But regardless of the outcome, this exchange was a reminder that in the age of data aggregation, we need to be vigilant about how our information is being used โ€” and willing to push back when it's being misused.

Update

They removed the profile. But here's the kicker: they never emailed me back to confirm it.

After all those back-and-forth emails about how they "couldn't delete profiles" because of their policy, about how they could only remove the public-facing version but not the client-facing one, about how they wanted to "work with me" to ensure accuracy โ€” they just quietly removed it and ghosted me.

No confirmation. No apology. No acknowledgment that they could, in fact, delete the profile they said they couldn't delete.

Here's what I think happened: The moment I pointed out the contradiction between their GDPR claims and their email opt-out process, they realized they had a problem. They were proudly citing GDPR compliance while simultaneously requiring account creation to manage email preferences. That's not just bad practice โ€” it's potentially a violation of the very regulation they were using to justify themselves.

So they did what any company caught in a contradiction does: they silently fixed the problem and hoped I wouldn't notice they'd just invalidated every excuse they'd given me.

Let's recap the absurdity:

  • They created an unauthorized profile with completely wrong information
  • They refused to delete it , citing "company policy"
  • They signed me up for marketing emails without consent
  • They claimed GDPR compliance while requiring account creation to opt-out
  • They offered to delete the "public" version but keep the client version (the one they profit from)
  • When called out on their GDPR contradiction, they quietly removed everything
  • They never confirmed they did what I asked in the first email

This proves what I suspected all along: they absolutely had the ability to remove it from day one. They just didn't want to. They made me jump through hoops, sent multiple emails asking me to help them fix their mistakes, invoked privacy regulations while violating privacy principles, and only when I caught them in their own contradiction did they do what I asked in the first email.

And they couldn't even be bothered to send a one-line email saying "We've removed your profile as requested."

That tells you everything you need to know about how these data aggregation platforms operate. They'll fight you on principle, wear you down with bureaucracy, hide behind policies that don't actually exist, and only comply when they realize you've caught them in something they can't talk their way out of. And even then, they won't give you the satisfaction of admitting they were wrong.

The whole thing was absolutely insane. They literally told me they couldn't do something, then did it the moment I pointed out their legal inconsistency, and never acknowledged any of it.

How scummy is that?

The best part? If I hadn't called out their GDPR contradiction, they probably would have kept the profile up indefinitely, continuing to profit from false information about my company while hiding behind policies that apparently don't actually exist.

This is the game they play. And they're betting you'll give up before you catch them in their contradictions.

Note: Company and individual names have been anonymized in this post, but the exchange is real and the issues are widespread across the data aggregation industry.

List of Supporters โค๏ธ

A huge thank you to all the users who have donated and made our work possible.

  • Boulo
  • Roger Nowlan
  • ์ด๊ด‘ํ˜„
  • Arturo Jimenez
  • OH JUNHO
๐Ÿ’ Donate to Coffee & Fun LLC

Contact Support

About Mystery Rank โญ

In Mystery Rank, you contribute to earn a spot in different categories. The more you give, the higher your rank. But here's the catchโ€”no one knows how much anyone else has paid. It's this mystery that makes the competition even more exciting.

Terms and Refunds for Mystery Rank

One-Time Contribution

When you contribute to Mystery Rank, it's a one-time payment that secures your spot in the credits. Please keep in mind that once the payment is made, it's finalโ€”there are no refunds or changes. We want to keep the process fair and transparent for everyone involved.

How Your Rank is Determined

Your rank within your chosen category is based on how much you contribute. The more you contribute, the higher your rank will be. However, the amount you've paid, and what others have paid, will remain private. This adds a layer of mystery and excitement to the competition.

When Your Credit Appears

After your payment is confirmed, your credit will be posted within 12 hours. We work hard to ensure that everyone's contributions are recognized promptly. If for some reason there's a delay, we'll do our best to keep you informed.

Handling Chargebacks

If a chargeback occurs, your credit will be immediately removed from the list, and unfortunately, you'll be blocked from participating in Mystery Rank in the future. We do this to protect the integrity of the rankings and ensure fairness for all contributors.

Updating Your Listing or Link

We understand that sometimes things change. If you need to update your listing or link after it's been posted, just send us an email at [email protected] . We're happy to make one-time updates to ensure your information is correct.

Need Help or Have Questions?

If you have any questions about the process, or if something isn't clear, please don't hesitate to reach out. We're here to help and want to make sure your experience with Mystery Rank is as smooth and enjoyable as possible.

โŒจ๏ธ Keyboard Shortcuts

Show Answer โ–ฒ
Hide Answer โ–ผ
Next Question โ–ถ๏ธŽ
Previous Question โ—€๏ธŽ

Coffee & Fun โ˜•

Our Apps ๐Ÿš€