Iām not in any way opposed to contact tracing, I have the NHS Contact Tracing App open whenever I walk up to a premises I am about to visit. There are certain companies however that are operating a policy of both the NHS QR Code scanning and "contact tracing data collection".
This is not in line with Government Guidance or Regulations.
"In England, you do not have to request details from people who check in with the official NHS QR code poster, and venues should not ask people to do both."
Regulation 7 (Requirement to request certain details of individuals), Paragraph 3: "The requirement in paragraph (2) does not apply where A [an individual] has scanned the QR Code displayed and made available in accordance with regulation 6(2).".
This information gathering practice that companies are doing needs to stop.
If a business can't even be responsible when storing merchant receipts from a card transaction (as required under PCI DSS), they sure ain't going to handle my personal information properly either. The rating I give venues is out of 5 on their data collection practices, 0 being so terrible I didn't continue and left, and 5 being exactly what's mandated by the Government.