Please note that threads in this topic are removed from the archive 90 days after the thread was started. If you would like your thread to be retrievable for longer than that, please choose another topic in which to post it.

Bounty - don't understand how they are selling my details when I didn't give them any?

(30 Posts)
fledermaus Tue 03-Jun-14 12:57:24

I received a letter this morning with a special offer from a photography studio. In it they say they got my details from the Bounty pack I received in hospital. The letter is addressed to Mrs F. Maus when I am a Ms but they have the correct address etc.

In the letter it states "your name and address came to us through the Bounty Pack which you received when you were in hospital".

Now, when I was on the postnatal ward there was a pack left on my bed, but I didn't see or speak to a Bounty person or fill anything in.

So how on earth are Bounty now selling my details??

littleducks Tue 03-Jun-14 12:59:24

They took it off your medical records? Wrong on so many levels bibutt I have seen it happen.

FatalCabbage Tue 03-Jun-14 13:02:37

I agree - they have been at your notes. Complain to the hospital, and complain to Bounty with instructions to remove your details from their database. Copy the Information Commissioner so they know you're serious.

DillydollyRIP Tue 03-Jun-14 13:04:12

It sounds like they've taken your details from medical notes or a mw. Either is naughty.

PartialFancy Tue 03-Jun-14 13:06:21

Write to Bounty asking them to show evidence that you have both given them your details, and consented to these being sold.

I think this might come under a Subject Access Request through the Data Protection Act. There'll be information at the Information Commissioner's Office.

If you can word this as "I'm making a SAR under the DPA," they have a legal obligation to respond within so-many days.

If you just phone Bounty, they may say, "Oh we'll just take you off our list, no harm done, no we can't get back your info that we sold."

If you want to stop bad practices, you'll have to do everything in writing and use the information obtained to complain formally to them or the ICO.

RedToothBrush Tue 03-Jun-14 13:06:33

Complain to Bounty. Complain to the hospital.

Sounds like your privacy has been breeched.

RedToothBrush Tue 03-Jun-14 13:07:29

You have to complain to Bounty before the ICO unfortunately.

PartialFancy Tue 03-Jun-14 13:13:58

Yes, the hospital is in the shit as well, because they're the ones who have failed to keep your data safely.

You need the response from Bounty first, where they're unable to show you handed over the details or consented to sharing.

SavoyCabbage Tue 03-Jun-14 13:14:19

I would follow it up as I would want to make the point.

fledermaus Tue 03-Jun-14 13:17:38

Right, have just spoken to the hospital who have said no one would ever give the Bounty woman my details and no way would she had been able to see my notes hmm

Have spoken to someone in the call centre at Bounty, who assures me I must have told the Bounty woman or filled in a form myself. Apparently she has no way of knowing how they got the information/who put it on the system, just that they have it. She offered to take me off the list but I pointed out this was a much bigger issue and I want to know how they got my details. She has promised a call back from a supervisor within 48 hours.

PartialFancy Tue 03-Jun-14 14:02:58

... And this is why you don't bother doing anything on the phone.

I could have told you word for word what their responses would be before you called.

The next thing that will happen is that they will spend all of the next contact saying "We've taken you off the list so we don't see what you're complaining about. You must have given us the details you must have given us the details you must have given us the details."

Which is why you need to go through the tedious written processes above.

Look, if the call centre person said over the phone, "Oh yes, our rep illegally nicked your details and the midwife helped," they'd be admitting to various people committing a criminal act.

Of course they won't. They're going to deny deny deny.

PartialFancy Tue 03-Jun-14 14:09:43

Don't expect any more from the calls. They may even promise "a full investigation" to shut you up.

So, what you need to do now is draft that letter to "The Data Controller, Bounty". Ask them to send you the written evidence that your data was obtained legally, and that you gave consent to sell it.

An organisation's Data Controller is the person legally responsible for their database, and will be the one in court defending their actions. They will not be amused to have been landed there by the actions of a ward rep.

PartialFancy Tue 03-Jun-14 14:12:45

Actually you have achieved a small win already. The call centre person admitted you were on the database.

Document this - you can add it to your letter" "In my conversation with your call centre today, your operative agreed she could see my data in your system..."

RedToothBrush Tue 03-Jun-14 14:54:29


They have to record any complaint made in this way, and can not ignore it in the same way as a phone complaint. Especially with regard to the hospital.

Even if they issue a denial over this, they will STILL have on file a record of your complaint, so if they get similar complaints they will be forced to investigate.

Everything else PartialFancy said is spot on. If Bounty fail to give you a response you are satisfied with (eg prove you signed up legally) then you can take it to the ICO and you also then have cause to follow up your complaint with the hospital.

Info on making a Data Subject Access Request here.

Keep a record of everything including dates you contact them.

RedToothBrush Tue 03-Jun-14 15:01:05

Incidently, technically speaking, if you do not recall having signed up for Bounty there is already an issue here, in that legally they have to make it very clear what you are giving any details for.

I think I'd probably also contact PALS & complain about the hospital's poor data security.

Winterwardrobetime Tue 03-Jun-14 15:01:49

Message withdrawn at poster's request.

fledermaus Wed 04-Jun-14 12:05:19

Someone called me back today and confirmed that the source of my details was the "distributor" at the hospital.

FatalCabbage Wed 04-Jun-14 12:52:42

o rly

Write asking for a copy of the consent form.

MollyGetsHerWandOut Wed 04-Jun-14 12:59:00

Distributor of what Bounty or your Data at the hospital? Something dodgy going on here.

fledermaus Wed 04-Jun-14 13:01:14

Distributor (of Bounty Packs) I think - Bounty Lady.

I was only on the post natal ward for a couple of hours so didn't even see the Bounty woman, let alone give her my name, address and child's date of birth.

fledermaus Wed 04-Jun-14 13:06:18

Does anyone know who I need to write to at Bounty and at the Hospital? Can I email?

RedToothBrush Wed 04-Jun-14 14:17:53

Personally I would write and send it via delivery that is signed for to both. This way there can be no argument that the complaint was received. Emails have a habit of being ignored unfortunately.

At the hospital I would address it to the Head of Midwifery (try and find a name rather than just the title) detailing your complaint and how to pursue this. Be sure to state that you think your privacy has been breached in the complaint as you never even saw the Bounty Lady. They can not just say 'oh well you must have done' because if you are adamant you haven't then there is an issue in itself, in either data being stolen illegally or Bounty Representatives are failing to a) identify themselves properly b) identify what you are giving your information for properly (which is illegal).

here are details of how to raise a complaint against the NHS which isn't particularly helpful if I'm honest, but it more or less says the above (with additional details of how to take it further - though there may be additional ways not listed there, if the hospital fails to take this seriously - most notably through the CQC).

It may be worth pointing out rather gently to the hospital, that this is a serious issue and they have a duty to safeguard your personal details, and this is falls under the CQC Essential Standards Of Quality and Safety and that indeed after a meeting with Mumsnet in March, Dan Poulter the Health Secretary and agreed to "write to Professor Sir Mike Richards, Chief Inspector of Hospitals, to ensure that the CQC undertake inspections on this specific issue, and to outline their plans for ongoing monitoring."

Secondly, I would write to Bounty and address it to the Data Compliance Manager stating you believe that your data has been stolen and you would like a copy of the form that you apparently signed to verify it is your signature or that of your partners. Unfortunately I'm not sure who this is; it was Sarah Wragg, but the details mysteriously vanished from linkedin. Stressing of course that failure to do this, will mean you have no alternative but to raise this with the ICO as they have failed to provide you with sufficient reassurance that this was done with your permission.

Mumsnet were asking for anyone to share their experiences here, so they could also write to the hospitals / share with Dan Poulter on this thread from a couple of months ago

Just so you are aware for you own sanity which may start to question whether you did indeed unwittingly speak to Bounty (and may wish to mention it either to the hospital or both) there was this article published last year in the telegraph in which a whistle blower, highlighted that reps were being encouraged to steal personal information.

You really do sound like you have a case to be answered here.

fledermaus Wed 04-Jun-14 14:29:04

We were only on the PN ward for about 6 hours, and DP has also confirmed we didn't speak to any Bounty rep so I am absolutely sure I didn't give my details to anyone. The pack was already at the bedside waiting for me when I transferred there and I wonder if my notes were already there, and so accessible, too.

Join the discussion

Join the discussion

Registering is free, easy, and means you can join in the discussion, get discounts, win prizes and lots more.

Register now