Gdpr people I need your help

[GdprSanityNeeded]

I seem to have been sucked into some kind of kafkaesque maelstrom!

Several weeks ago I received to my address a letter from the same bank as I use. The name wasn’t visible in the window so naturally I opened it assuming it was meant for me.

It wasn’t.

So I called the bank naively assuming it would be a simple matter to get the error corrected.

Oh
My
God!

It’s the proverbial banging head against brick wall.

The first person I spoke to plain said there was no way of correcting the issue.

I quickly googled and from what I could see such mistakes should be corrected under Gdpr rules as it means incorrect data is held against my personal data - my address.

Cut to weeks later and a couple of escalations and I’m STILL being told there’s basically nothing they can do.

They’re claiming they know who the customer is but only have this address and their email address recorded under their contact info!

How in this day and age do they not have at least one phone number?

In addition they are saying they’re not allowed - under gdpr rules - to contact the other customer in order to clarify and correct the address info (which I’m pretty sure was the banks mistake in the first place as I can’t see an individual getting their own address wrong!)

I have been offered a significant sum of money to pretty much stop complaining and stop bothering them about this.

I have rejected that offer as I am concerned such a mistake could have financial consequences for me.

Can anyone familiar with retail banking and/or gdpr rules please advise?

And if you do I’d be immensely grateful if you could link/signpost me to the relevant clauses in gdpr legislation.

Also can/should I complain to the relevant gdpr authority? Would that get this resolved?

The person I’m currently communicating with is also insisting that I cannot further escalate the complaint and as always with these things you can’t go to the ombudsman for a set period of time.

So so frustrating.

There should be a data protection manager at the bank. Their privacy policy should give you contact details. Assuming the letter was not about your affairs it is not your data which has been compromised. The ICO is the body to report it to.

I mentioned gdpr right at the start of this. Not once have they mentioned a data protection manager or privacy policy in several conversations.

I understand what you’re saying about it’s the other customers data that has been breached but in my opinion and from what I’ve read of gdpr it’s both of us that have been made vulnerable by this mistake.

What’s absolutely maddening is their refusal to even try and correct it via what seem to me obviously simple options - ie contact the other customer (which I agree as their data has been compromised too they should be informed) and confirm their CORRECT address rather than leaving it on their system incorrectly.

I’d drop it and every time you get post for that person, send it back saying “not known at this address”. It will just be endless Kafka circles otherwise.

I would report it as fraud, someone is saying your address is yours falsely.
My local police has a online service you can use.

I think she and the bank are misunderstanding the “proper reason to use” Personal data in terms of they think that means they cannot contact the customer who’s Mail was sent here incorrectly.

From what I am reading of gdpr and their privacy policy (thanks for the tip) they are not only allowed but obligated to contact him because his data is also recorded incorrectly by them.

Are they trying to avoid a “black mark” under the ico?

Not found info for a data manager yet though

Theirs soz

@LilacTree1 I would if it were something innocuous but as it’s a bank and the same bank I’m with I don’t feel secure in doing so

@homemadecommunistrussia I’m seriously considering contacting action fraud or even the police for advice.

Absolutely ludicrous that they can’t simply delete MY address from the other customers info as it’s clearly incorrect

I totally would, gdpr is a red herring.

I’ve been with this bank a long time and until now received good service but this is really pissing me off!

And worrying me that they’re clueless about data protection laws!

Could you not complain that it is a GDPR issue for you - as your credit history could be negatively impacted by having another person "registered" at your address.

And if you do not get anywhere then threaten and follow through with contacting the the ICO

Probably also worth contacting one of the credit referencing agencies to ensure you are "disassociated" from this third party in case they do have a bad credit rating.

all banks have a data manager - if they are not being helpful just go straight to ico.

Could you not complain that it is a GDPR issue for you - as your credit history could be negatively impacted by having another person "registered" at your address.
That’s rubbish though , credit files are not based on address.

Return to sender, addressee unknown. You won’t need to talk to anyone that way

I have a similar thing though I think the person did live here at some point. The bank have said they can’t stop sending letters as they have no other address.

It won't affect your credit rating if this person is a 3rd party.

Also, it may not be a gdpr issue for the other person if they provided your address to the bank. You can prove that you live there but you can't prove that that the 3rd party doesn't live there.

When I used to work financial services we would flag any accounts where mail was returned to sender. We wouldn't actively contact the customer. We definitely wouldn't tell the person who flagged it what we'd done because that would be an actual data protection breach.

“Return to sender, addressee unknown.” Is really effectively what I’ve done - informed the sender that the addressee is not at this address and never has been to the best of my knowledge.

They’re saying they can stop sending his post to this address but that is all they will do! That’s meaningless if according to their system (and possibly impacting on credit checks) he is registered as being at this address!

I know they SAY the address makes no difference but it’s not just the address, if the customer they have recorded as being at this address isn’t that attaches his name to my data and potentially affects my credit history.

Which I have worked hard to achieve and maintain a good one.

Not to mention any potential fraud linked to my address and possibly my name by default!

The anxiety this is causing is significant and the person who called today went to great lengths to make it clear I would be unable to speak to anyone else but them on the matter.

They have a thing where in banks if you return post continuously they block that persons account and then they just submit proof of residency, you can also email and write stating that this person does not live at this address if they do not respond you can go to the FOS and raise it to them they will then be inclined to respond in 14 days or get a fine. Double check with Experian or equifax that you are not associated to anyone else as If a person with bad credit history lived in that house - it can raise Cifas set against your name as you are associated to that property .

I know they SAY the address makes no difference but it’s not just the address, if the customer they have recorded as being at this address isn’t that attaches his name to my data and potentially affects my credit history.

No it doesn't attach his name to yours at all. You've asked for advice from people who have banking experience, please listen to it.

I am listening but I also have prior experience of a similar situation resulting in my credit history being negatively affected, that’s why I’m so worried.

An ex flat mate after we were no longer living together continued to use the address, racked up a load of debt and it impacted my ability to get credit. Took years to sort out.

Were you financially associated with them?

Morbid, but return with “deceased, no longer at address” and see if that works?

You would only be impacted by their credit history if you have a financial connection (ie applying for credit together, joint account, acting as guarantor).
Your credit history is not affected by anyone who lives with you, or lived at the property before you unless you have a financial connection. (I work for a Credit Reference Agency).

the councils have lists for who are registered at which address-for voting at elections.
that person wouldnt be registered at your address. wouldnt that help in your case to show them as proof?

Not being on the electoral roll doesn't mean you don't live at the address. Also banks can see electoral roll as part of the credit file so they wouldn't need to be sent a copy.

Ok well disappointingly and infuriatingly bank have proven to be plain obstructive!

I contacted ICO for advice and they confirmed I was correct in requesting the data be updated and told me the procedures that should occur and signposted me to the relevant parts of gdpr.

Spoke again with bank and still refusing to even acknowledge the mistake.

I had with help from ico obtained correct contact info for correct dept in this bank to write to by email and have done so using a template they recommended on their site.

It really shouldn’t be this damn hard to get a simple error corrected.

The point of gdpr isn’t to make such things difficult but to ensure companies hold accurate data on us.

That a bank seems not to understand that is just astounding!

So I’ve sent that email and also contacted ombudsman. But the time scales are CRAZY for this stuff, minimum 8 weeks from first complaint until ombudsman will get involved.

There should be quicker and easier ways to hold such companies accountable for poor practice.