The rule in my book is pretty simple: opt-in is perfectly fine, opt-out is shady at best, and morally wrong. This applies to every service and/or subscription, from mailing lists to purchases.

This case is a clear "opt-out" case. If their offer is good enough, they could just explain why properly and people would opt-in. If they need to resort to this kind of tricks to get people enrolled, their offer is not so good and they are feeding on tricking the customers.

In any case, you should never trust a business resorting to these practices. These people won't have a problem selling your personal data whenever they (legally) have the opportunity, or doing anything even when its harmful for you (so long as it's legal). The parentheses are the differentiating point between "shady" and "scam" businesses.

This doesn't necessarily mean that you shouldn't buy from them occasionally (hello ryanair), but you should take every measure at your hand to avoid it and/or protect yourself from them. This includes using throwaway email addresses, refillable debit cards, etc.

If I happened to be an investor in that company, I would first push for good practices before it's too late. If that fails, I would do anything possible to get my money out of there. Apparently you and others like you do not think the same way, so "shady" business practices won't die. I just hope that your grandma doesn't ever get tricked into losing much because of that, or you will feel really really bad that day.