I had an order and the order page said this customer had 4 previous orders in my store. I couldn't remember this user, so I clicked on the number, the page
https://www.brickowl.com/mystore/orders/history?customer=(blurred) listed 5 orders but for several users having the same username!
It seems this is a bug or general wrongful implementation.
Anyone has experienced this as well?
In case an admin wants to contact me, I can share more details including user Id's (which I won't put here for privacy reasons).
Comments
https://www.brickowl.com/mystore/orders/history?customer=363039
I would put a screenshot here, but that would disclose my orders and the user.
Seems strange to me.
This means: that user (or that account) is impersonating several, different actual physical persona's. Are these physical persona's aware of this? I doubt it.
It almost seems this user is actually a ghost-account used by some other person or system to place orders "on behalf of other persons".
The platform doesn't allow buyer/seller to get each other email address, but the thing that seems to go on as described above with impersonisation, would be allowed?
Actually, because the email address of the physical person is not disclosed, the system facilitates to place orders impersonating other physical persons.
Isn't this a potential GDPR issue as well? An order for a physical person that wasn't actually placed by the person? Did that physical person give consent to share his data with the buyer, the seller and in general the BrickOwl platform?
The other less likely explanation is that they are ordering for family members who live around the world. I've done this over the years (family in the UK, France, Finland, Belgium and Australia) but not with Lego.
In dropshipping there are three parties:
1) consumer (= where the order will be shipped to)
2) seller (= the one that is doing the actual transaction with the consumer; the seller is responsible for the order; you could call this one the "retailer")
3) supplier (= me, where the stock is and that is doing the order fulfilment and shipping)
There are actually 2 streams of contractual obligations here. One between consumer and seller (not me); one between seller and supplier (me).
In this situation, where the seller is acting not only on behalf of a consumer, he is actually pretending to BE that consumer. On my order note, there is no indication of the seller, only of the end consumer (shipping).
In the contract between the seller and the supplier, the seller has the data of the supplier, but the supplier has no clue who is the actual seller. No name, no address, no country, not even an email address. And that is what is a major difference with the dropshipping.
Another feature of dropshipping, would be the items will be shipped as coming from the seller. Since I have no idea I'm used in a dropshipping context, the sender's data will be mine (as the supplier, not the seller). I don't want a consumer knowing my name and address, when I'm merely the supplier and not the seller.
I don't think it's a friends/family situation here. In one order, the seller asked to ship only the parts without invoice or notes.
The impact would be minor for me (except maybe the disclosure of the supplier address and not the seller's address to the consumer). I do believe it should matter to BrickOwl.
Extend the system to technically to allow dropshipping (or update the general T&C saying you can't use BrickOwl data systems to store user data other than the physical user data that is actually doing the order. So basically: user impersonization isn't allowed.)
I wouldn't go too lightly over this.
Just my 2 cents of course sharing some potential privacy and general identity issues. What BrickOwl actually does with these 2 cents, is up to BrickOwl of course.
- You and your buyer
- Your buyer and their buyer
A third contract exists regards shipping:
- You and your shipping agent
So long as you fulfil your end of the deal, you're okay. If your buyer's buyer has a problem, they would need to take it up with your buyer.
Your buyer would have incredible difficulty invoking consumer law to seek a remedy from you because they're not acting as a consumer in this transaction, they're acting as a business. I can only speak from a UK perspective but I imagine it's the same in Belgium too, there's no obligation on anyone to disclose whether or not they are a consumer, nor to use their own name when ordering online (unless the store or marketplace makes it a requirement to do so). But by doing otherwise, they risk losing their legal right to enforce the contract and thus their right of redress. However, if a payment processor is involved, you still have a contractual obligation to meet their requirements - PayPal for example will reserve the right to refund your buyer regardless whether they're a consumer or a business. You also have to meet Brick Owl's requirements (which probably state you should fulfil an order) or risk losing your account.
Your buyer's buyer would have no chance invoking consumer law against you because no contract exists with you.
One other thing - someone asking you not to include paperwork is a clear sign that your buyer is a drop-shipper. From your point of view you can accommodate your buyer unless the order crosses a customs border - so EU to non-EU for example, or USA to Canada, etc. in which case an invoice should always be included.