Marc Gander - The Consumer Survival Handbook


A 220 page introduction to all things consumer related by our own BankFodder.

Includes energy companies, mobile phone providers, retailers, banks, insurance companies,debt collection agencies, reclaim companies, secondhand car sellers, cowboy garages, cowboy builders and all the rest who put their own profits before you.

£6.99



Patricia Pearl - Small Claims Procedure - A Practical Guide


An excellent guide for the layperson in how to use the County Court - a must if you are intending to start a claim.

£19.99 + £1.50 (P&P)


+ Reply to Thread
Results 1 to 9 of 9
  1. #1
    Gold Account Holder paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton's Avatar



    Follow Real_CAG on Twitter
    Cagger since : Apr 2006
    Posts : 3,830 (0.84 post per day)

    Default ICO circumvent own GDPR guidelines?!!!!

    Thought id challenge the processing of my personal dataicon by a former employer in relation to my banking data, death-in-service beneficiaries and emergency contact details (wife and son's personal data). I left the company in June 2016.

    The ICOicon's public guidance is that the aforestated data should be deleted once the employee leaves the company.

    The ICO has just made a decision that is contrary to the public guidance???
    the decision states companies can process the data for seven years. This is bizarre - either the public guidance requires amending or the ICO decision in my case is plainly wrong. What chance has joe public got???????

    Below is the ICO's public guidance.

    Example

    An employer should review the personal data it holds about an employee when they leave the organisation’s employment. It will need to retain enough data to enable the organisation to deal with, for example, providing references or pension arrangements. However, it should delete personal data that it is unlikely to need again from its records – such as the employee’s emergency contact details, previous addresses, or death-in-service beneficiary details.

    An appeaser is one who feeds a crocodile, hoping it will eat him last. <br />
    Winston Churchill
    Follows
    0
    Following
    0

  2. #2
    Site Team steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered's Avatar



    Follow Real_CAG on Twitter
    Cagger since : Dec 2012
    Posts : 5,247 (2.45 post per day)

    Default Re: ICO circumvent own GDPR guidelines?!!!!

    Hi, what decision are you referring to? Are you referring to a published ICOicon enforcement notice?

    PLEASE HELP US TO KEEP THIS SITE RUNNING
    EVERY POUND DONATED WILL HELP US TO KEEP HELPING OTHERS

    Follows
    0
    Following
    0

  3. #3
    Gold Account Holder paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton's Avatar



    Follow Real_CAG on Twitter
    Cagger since : Apr 2006
    Posts : 3,830 (0.84 post per day)

    Default Re: ICO circumvent own GDPR guidelines?!!!!

    A complaint I submitted. The ICOicon has decided to make a decision in favour of big business contrary to their public guidance. The ICO are a disgrace.

    An appeaser is one who feeds a crocodile, hoping it will eat him last. <br />
    Winston Churchill
    Follows
    0
    Following
    0

  4. #4
    Basic Account Holder
    Do you record your calls?
    You'll regret it if you don't.
    CraigMcK Novitiate



    Follow Real_CAG on Twitter
    Cagger since : Jul 2012
    Posts : 190 (0.08 post per day)

    Default Re: ICO circumvent own GDPR guidelines?!!!!

    If you consider it from the employer's side. Let's say in a few years you decide to claim for hearing loss. If they have destroyed all reference to your existence how could they possibly defend a claim without any evidence.
    There are issues which I don't think were fully considered prior to the GDPRicon coming into force which will be coming to light now.


  5. #5
    Site Team steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered Authoritative steampowered's Avatar



    Follow Real_CAG on Twitter
    Cagger since : Dec 2012
    Posts : 5,247 (2.45 post per day)

    Default Re: ICO circumvent own GDPR guidelines?!!!!

    I see. It is difficult to comment without details of what they ICOicon said in their decision, unfortunately.

    PLEASE HELP US TO KEEP THIS SITE RUNNING
    EVERY POUND DONATED WILL HELP US TO KEEP HELPING OTHERS

    Follows
    0
    Following
    0

  6. #6
    Gold Account Holder paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton's Avatar



    Follow Real_CAG on Twitter
    Cagger since : Apr 2006
    Posts : 3,830 (0.84 post per day)

    Default Re: ICO circumvent own GDPR guidelines?!!!!

    Quote Originally Posted by CraigMcK View Post
    If you consider it from the employer's side. Let's say in a few years you decide to claim for hearing loss. If they have destroyed all reference to your existence how could they possibly defend a claim without any evidence.
    There are issues which I don't think were fully considered prior to the GDPRicon coming into force which will be coming to light now.
    The ICOicon state that employers should delete details of death-in-service beneficiaries and third party emergency contact details once the employee leaves the company. My complaint was that after two years the company was continuing to process said data. The ICO has ignored their own public advice and has stated that a company can hold it for seven years.

    If this is the case then surely the ICO guidance needs amending???

    https://ico.org.uk/for-organisations...ge-limitation/

    An appeaser is one who feeds a crocodile, hoping it will eat him last. <br />
    Winston Churchill
    Follows
    0
    Following
    0

  7. #7
    Site Team mariner51 Highly informative mariner51 Highly informative mariner51 Highly informative mariner51 Highly informative mariner51 Highly informative mariner51 Highly informative mariner51's Avatar



    Follow Real_CAG on Twitter
    Cagger since : Jan 2011
    Posts : 2,987 (1.06 post per day)

    Default Re: ICO circumvent own GDPR guidelines?!!!!

    IMO it is only ICOicon Guidance, without force of Statute, but poss 'Best Practice'.
    It says 'should' - suggestion, not 'must' - a command in the English lang.The Co should be able
    to defend their position.
    The Highway Code is only Guidance, but it does list the Primary legislation pertaining to most of the Sections, which you ignore at your peril.


  8. #8
    Gold Account Holder paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton Authoritative paulwlton's Avatar



    Follow Real_CAG on Twitter
    Cagger since : Apr 2006
    Posts : 3,830 (0.84 post per day)

    Default

    Quote Originally Posted by mariner51 View Post
    IMO it is only ICOicon Guidance, without force of Statute, but poss 'Best Practice'.
    It says 'should' - suggestion, not 'must' - a command in the English lang.The Co should be able
    to defend their position.
    The Highway Code is only Guidance, but it does list the Primary legislation pertaining to most of the Sections, which you ignore at your peril.
    The guidance perhaps needs re-wording to include “should be deleted unless the company retains the data pursuant to the administration of justice”

    The problemI have with the ICO's decision is that the company has never registered or paid the fee under the GDPRicon - they rely on exemption "processing only for staff administration"..... so they cannot rely on processing for the "administration of justice"

    Speaking with the ICO today and will appeal the descision on the above basis.

    Regards


  9. #9
    Basic Account Holder
    Do you record your calls?
    You'll regret it if you don't.
    steveod Novitiate



    Follow Real_CAG on Twitter
    Cagger since : Aug 2010
    Posts : 233 (0.08 post per day)

    Default Re: ICO circumvent own GDPR guidelines?!!!!

    No the guidance doesnít need rewording. The guidance is factually correct and based on the data minimisation principles.Itís the interpretation by the ICOicon lackey thatís the issue. The employer only needs to keep the SPECIFIC data required for statutory obligations or possible legal procedures such as unfair dismissal etc and 2 years is usually ample except perhaps for personal dataicon relating to pension. However in all cases of retention the GDPRicon enforces data minimisation. The employer in the OPs case has no reasonable reason for keeping the information above which is being processed. They have no reason for keeping the emergency contact details or the other info for any possible purposes. In my opinion I would not even bother with the ICO. Letter before claim to previous employer giving them 30 days to delete the data or provide the reason why they are not GDPRicon compliant as regards data minimisation and see you in court.



Reclaim the Right Ltd. - reg.05783665 in the UK reg. office:- 923 Finchley Road London NW11 7PE
We use cookies to personalise content and ads and to provide social media features. We also share information about your use of our site with our advertising and analytics partners. See details