[butterknife]

> But they already have that if you always use the same debit or credit cards like most people do.

Don't they have only the last 4 digits and the issuer of the card? It is likely enough but there will be some noise.

Not to mention any potential legal trouble if they used the card details without explicit consent. App contracts will get around that.

[crazygringo]

They have your name too. From what I understand, the tracking is generally done via something like the hash of the card number though. I've never heard of any legal or compliance issues with that, since the card number itself is not stored.

[butterknife]

Submitted a Subject Access Request to McDonald's here in the UK. I'll update here on progress.