Nine in 10 people have no idea what companies do with the personal information the firms hold about them, a survey suggests.
The Chartered Institute of Marketing (CIM) survey of 2,500 people also found 57% did not trust the companies to handle their data responsibly.
And 51% complained that they had been contacted by organisations that had misused their data.
The CIM says personal data policies on websites should be clearer and simpler.
It says businesses have failed to persuade people to read their online terms and conditions to understand what they do with personal details.
Instead, according to its research, people are in the dark about data and scared of being spammed or scammed.
The CIM questioned more than 2,500 consumers and marketing professionals, to help businesses looking for new ways to sell to us over the internet.
But rather than discovering an army of well-informed consumers who were happy to share their data, the research unearthed a wall of public bewilderment and mistrust.
Some 92% of respondents did not fully understand how information that companies gleaned about them was being used, and they were highly sceptical about marketing practices.
Most said they did not trust the way organisations handled data, and most also complained that they had been contacted by someone misusing their personal information.
"People are nervous about sharing personal data," said Chris Daly, from the Institute. "Fear of data breaches and misuse has them on high alert."
Businesses are keen to cash in on our individual wants and needs by learning from our previous shopping habits and internet activity.
But there is a mismatch between public feeling and commercial ambition.
For instance, 71% of consumers did not feel comfortable with businesses tracking their whereabouts through their smartphones. Yet, 20% of businesses are already collecting this geo-location data.
Most people do not like sharing data from their social media profiles. Yet, 44% of businesses are collecting it.
The bewilderment about what happens to our data is made worse by lengthy and turgid terms and conditions and privacy policies.
Only 16% of people read them, the CIM found.
The danger is that most internet surfers agree to a website's terms without mugging up on how any information they give away will be exploited.
The CIM says organisations will have to be simple and clear about their policies in order to have any chance of improving trust and confidence.
Among the results discovered by the CIM:
- 92% do not understand how personal information is used
- 57% do not trust organisations to us data responsibly
- 51% say their data misused
- 16% always read T&Cs