Active discussions

Meet the Other Phone. A phone that grows with your child.

Meet the Other Phone.
A phone that grows with your child.

Buy now

Please or to access all these features

Talk
AIBU?

Share your dilemmas and get honest opinions from other Mumsnetters.

Original poster

AIBU - or has “data protection” gone mad?

13 replies

BinkyBuntyFintyCunty · 03/10/2018 10:54

I placed an order to collect at my local Seasalt store. Just rang them to find out if it was there ready as the track & trace for parcel wasn’t clear. Was told that my parcel wasn’t there yet but should be in later today...“however, I can’t take your name and phone number to let you know as I’m not allowed to write it down because of data protection”.

Not allowed to write my name and number down THAT I WAS HAPPY TO GIVE TO THEM?!?! Obviously, I appreciate there need to be safeguards in place at times to prevent fraud, but seriously?...

OP posts:
SneakyGremlins · 03/10/2018 10:54
Confused
safariboot · 03/10/2018 10:55

Jobsworths have been a thing for ever.

Satsumaeater · 03/10/2018 10:58

I've said it before on here, but a little knowledge...

I wish companies would train their staff properly but they don't really know the rules themselves.

Anyone remember the case of M&S refusing to tell someone who'd sent them flowers when the DPA 1998 came in?

CuriousaboutSamphire · 03/10/2018 10:58

That's a really stupid misapplication of the GDPR!

Mind you, it is going to be really hard for them to run a business without taking names and numbers... which are part of their core business, just like your name and address is... essential for delivery! It isn't even Section 9 Sensitive Data!

MrsStrowman · 03/10/2018 10:58

Mamas and papas wouldn't let my mum collect an order from their store because it was in my name she had all of the collection documents, showed them a chain of messages with me asking her to collect it (from the phone number they had listed on the order) and I spoke to the store manager on the phone to confirm everything about the order and that I was fine for mum to collect it. It was a pram suit. They said they couldn't let her because of GDPR!

Pickupthephone · 03/10/2018 11:03

Data protection law hasn’t gone mad but a lot of people don’t understand it.

Shoxfordian · 03/10/2018 11:05

Don't go blaming Data Protection when it's just idiots not understanding it properly

Original poster
BinkyBuntyFintyCunty · 03/10/2018 11:19

Just to clarify, I put “data protection” in quote marks as this was what was said to me. Absolutely agree that it’s not data protection per se that’s the issue but some employees understanding of it. My experience, and others above, just leave the impression of a lack of common sense at times in the interpretation of this law.

OP posts:
FedUpWithBriiiiiick · 03/10/2018 11:38

As a DPO, organisations not properly training/scaring the shit out of their staff about GDPR/DPA2018 to the point of nonsensical policies being introduced really boils my piss.

Data protection legislation should not be an inhibitor to business/customer service. It should be a benefit!

NicoAndTheNiners · 03/10/2018 11:42

We’ve been told at work that in internal group emails we have to use BCC rather than CC so people can’t see each other’s email addresses.

I pointed out they can just go on the global address book and see each other’s email addresses but apparently they’re right and I’m wrong. Hmm

CuriousaboutSamphire · 03/10/2018 11:59

INTERNAL emails?? Again, someone has no idea! And they are forcing you into being a 'secret' organisation, instead of an open and transparent one!

You do have to wonder where people's' common sense went. No part of the new GDPR asks for such stupidity!

melj1213 · 03/10/2018 13:18

Don't go blaming Data Protection when it's just idiots not understanding it properly

The problem often is that companies aren't explaining it to their staff properly. That doesn't make the staff idiots.

I work in customer services in a supermarket so I deal with customer data on a daily basis. When the GDPR regulations came in our management went into overdrive to make sure we complied and issued new store policies to cover it ... but they didn't actually explain the GDPR regulations, they just told us how they were implementing it.

For example, they gave us a locked cupboard to keep any information with customer details in and we were instructed that anything that had customer information must be stored there. This applied from the lost purse with all of a customers ID and personal information to our handover book where we write down that Mrs Smith was very upset and will be in for a refund because she was overcharged 20p on some apples.

This started to affect our work as we couldn't quickly put our hands on information we needed (e.g. if a customer called to ask about lost property). Once we actually looked at the GDPR regulations and not just our store's interpretation of it we realised that the store's policy was overzealous and we had a meeting with our manager to show them this and we then we're able to come up with a new policy to ensure customer information was protected but we could still do our jobs (e.g. our handover book no longer has to be locked in the document cupboard as long as it is kept off the desktop unless it was in use)

NicoAndTheNiners · 03/10/2018 13:26

Yep, internal.

I pointed out the stupidity of it in a team meeting. Manager clarified it with the GDPR team who said yes internal emails need to be BCC’d. Oddly enough within our team we can CC, but to another team we have to BCC. But all on the same internal address book accessible to all.

New posts on this thread. Refresh page