Being in the UK, and still under GDPR (for now), both companies I've worked for during this period have taken GDPR incredibly serious. Thankfully it's the punishment is so severe that I imagine a large number of companies are scared of it.
But if they weren't, I'd certainly look for another job and likely anonymously report them.
That’s bold man. 😊
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.