Data protection breach app?

[Dontbeatool]

So I accidentally found out this week that my dog Walker had added me to a dog walking app several years ago, without my knowledge. This included my personal details- name, phone number, address and my dogs details. Am I right to be annoyed?

Oh don’t be so silly.

Out of interest, where do you store her phone number?

Who has access to this? If it's anyone other than the dogwalker (or associates for legitimate business use) I'd be raging! This would be a GDPR breach and she could get fined....unfortunately unless you can demonstrate 'harm' , all you get is an apology.
I'd definitely be raising this - officially.

That’s the point it isn’t secure how can it be when they’re not even aware it’s on there?

Why does it even matter? What do you think could happen?

You’re missing the whole point.

Who isn't aware it's on there?

My dog walker

You said there's no public access.
How did you access it?

Your data is on various applications EVERYWHERE! Do you think your bank just has your details written in a big notepad, no, they have it on their own applications.

You're being ridiculous.

If it's not publicly accessible then I'm really not seeing the drama with this. I think you've massively overreacted. Hopefully you haven't been rude to the dog walker!

Are you trying to stay 'off the grid'?

This was from some years ago and she forgot. It's just not something I would get worked up about.

Well done for embarrassing your dog walker who's probably struggling, like many, at the moment to make a living.

Do you check that every shop, company, app etc you use complies with GDPR?

Have you ever Googled yourself to see what information is out there about you?

She'd forgotten that's all. She obvs did know about it as she used to use it to store client details. The app will be secure.

It's the same as her finding an old notebook at the bottom of a drawer that she'd forgotten about.

I haven’t signed anything in regards to my data. And she will store my data on her laptop and on a hard copy I expect.

I think you should walk your dog yourself going forward. No need to involve anyone further.

I suppose yes as long as she deletes it I have no issue.

Oh stop catastrophising. It’s an app, it’s not going to be on her laptop.

I’m not she doesn’t use the app for data storage!! You asked where she stores my data was just telling you calm down

Well, there are two approaches. A generalised statement that third party applications with appropriate safeguards and contracts will be used is appropriate in most cases.

It's relatively rare for small businesses to list specific apps and seek permission to use or change them.

And it's pretty damn likely that the information contained will relate to financial transactions that need to be kept for a minimum of six years anyway.

Where do you store her number?
Is she the owner of the app?
How did you publicly access the non publicly accessible information on the App?
How do you pay her?
Is she a legally registered business that you pay legally for the service?

So many questions...

You’re making things up to suit your own narrative.

I wouldn’t be deleting it if I was the dog walker because you’re being ridiculous.

As you know your personal details are subject to data protection and GDPR, as information there clearly personally identify you.

However, you must also be aware that as a contractor or supplier to you, they have the right to use your personal details in the delivery of those arrangements. ie. If the dog walker collects the dog from your home, then they must have your home address, in some sort of filing system. It’s expected that your contractor should advise you that your personal details will be retained and used for the delivery of said service. You would have to inspect their original paperwork with you to see where that is or isn’t mentioned. If not, and not mentioned subsequently, then that’s the measure of your complaint which holds water at this stage. Also it’s likely that because there’s a financial transaction somewhere along the line, the details of customers forms part of the 7 year rule for financial transactions under HMRC.

In terms of which app, how secure, that it’s old unmaintained data, it’s impossible to quantify at this stage. Which app? What measures are in place around it? The fact it’s been forgotton about isn’t really of much consequence, as your data is accurate and you have suffered no loss or injury. You’d be surprised just how many companies forget how much data they are holding and barely maintain it, or do so badly. But i suspect that your dog walker isn’t being particularly negligent.

I’ve tried to be fair with you and explain in fairly basic terms, and you may have a point which is the original paperwork should have explained their right to process. However at the end of the day if we are talking about a very small dog walking business, rather than a multi national, so clearly they may not have access to the same level of expertise and focus on delivery and accounts, rather than the basics and nuances of GDPR.

That doesn’t exscuse them, but i would ask, what loss have you suffered?

If nothing, and they have disclosed they are keeping the data to you in an app, thus giving you the opportunity to discuss and request deletion, i fail to really see why you are upset and have started bandying GDPR legislation around with your nose out of joint.

Fron what i’ve seen from your posts - you don’t actually understand GDPR (you aren’t alone in this - i know a lot of tech people who don’t - and i doubt myself as a dabbler rather than an expert).

So is it just a fear of your data being stolen?

If so, ask for deletion. You can also ask how they are storing your information now…. Chances are that it’s on invoices, seen by 3rd parties, open to theft there too and there’s legal requirements on how long that’s kept too and thus they won’t be able to delete.

Ultinately if you are dealing with a very small organisation you won’t get multi national expertise. But there’s costs associated with that’s. So choice is upto you.

But you don't know. What app is she using on her laptop do you expect? What security does she have on her laptop? Where does she back it up to?

I love your user name OP, very apt.