Just how many secret credit agencies are there?

[militantconsumer]

This new thread has been inspired by this one, which suggests there is a secret credit referencing and/or anti-fraud agency called N Hunter Limited:

http://www.consumeractiongroup.co.uk/forum/credit-reference-agencies/148597-n-hunter-limited-secret.html

 

I was about to send a Subject Access Request to N Hunter to see what they had on me. But then I realised that I actually have no idea how many companies my bank might have shared my details with. Even if N Hunter held none of my personal information, how do I know there isn't a new version of N Hunter out there, or several new versions?!

 

The impression that is usually given by the banks is that there are just 3 credit reference agencies - Experian, Equifax and Call Credit.

 

This is obviously what they want us to believe. But is it the whole story?

 

I applied for a credit card recently but was turned down. There are no black marks on my credit files at the 3 main CRAs. How do I know there isn't another company out there holding much more information than they do? How do I know that the data they keep is accurate?

 

All pretty worrying if you ask me.

[militantconsumer]

So the first thing I did was check the terms and conditions of my Alliance & Leicester current account:-

31.3. How We use Your information and who We share it with

31.3.1 Apart from providing You with the product or service You have requested, We also use

Your information to:

- check Your identity;

- assess lending risks concerning You and Your financial “associate”;

- trace Your whereabouts to recover debt;

- prevent and detect crime including fraud and/or money laundering;

- for credit scoring, behavioural and statistical analysis and systems testing;

- meet any legal obligations on Us, including statutory and regulatory reporting.

31.3.2 We may also share Your information with:

- other members of the Group for the reasons stated above;

- Our agents and data processors who provide a service to Us and You;

- credit reference and fraud prevention agencies.

31.3.3 In order to provide You with the service You have requested, We may need to share

Your information with organisations outside the EEA*. We will not do this unless We

are satisfied that Your information will be processed as securely as if it were being

processed by Us.

31.3.4 We do not disclose Your information to anyone outside the Group, other than for the

purposes described above, unless:

- We have Your permission; or

- We are required to do so by law.

31.4 Your right to Your information

31.4.1 If You would like a copy of the information We hold about You, please write to The

Data Protection Team at Group Legal, Bldg 3 Fl 2, Carlton Park, Narborough, Leicester

LE19 0AL;

31.4.2 A fee may be payable;

31.4.3 For details of the credit reference and fraud prevention agencies We use, call Freephone

0800 068 1068.

[militantconsumer]

Well, that seems like a pretty comprehensive set of reasons for passing my personal data around.

I decided to start off by calling the freephone number to find out “details of the credit reference and fraud prevention agencies We use”.

I listened to the message about 20 times so that I could write it all down. Here it is:-

Welcome to Alliance and Leicester. Please note you will not be charged for this call. Please listen carefully to the following information.

If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.

We, and other organisations, may also access and use this information to prevent fraud and money laundering. For example, when:

- checking details on applications for credit and credit-related or other facilities

- managing credit and credit-related accounts or facilities

- recovering debt

- checking details on proposals and claims for all types of insurance

- checking details of job applicants and employees

Details from where we obtain and share information about you are as follows:

Experian Limited - 0844 481 8000

Equifax PLC - 0870 0100 583

Call Credit Limited - 0870 060 1414

Experian Decision Analytics 01704 501 001

Synetics Solutions Limited 01782 664000

CIFAS - please write to: CISAS, 6th Floor, Lynton House, 7-12 Tavistock Square, London WC1H 9LT

You should be aware that Experian is the agency we most commonly use. Please contact these companies directly for more information. Calls will be charged at the national rate.

Please hold to hear this message again.

[militantconsumer]

So there are 6 companies, rather than 3. I have seen my credit files, and they are pretty boring. I wonder what the other 3 companies know about me? I think I am going to write to them and find out.

I am also struggling to understand what they can and cannot do with this information. “We … may also access and use this information to prevent fraud and money laundering … For example, when …. Recovering debt”.

Now, perhaps I am missing something here, but how would searching a database with somebody’s personal data prevent fraud when recovering a debt? To find somebody who has gone missing without paying a debt? Or perhaps see how much somebody is earning if they tell the bank they can’t afford more than £5 per month in repayments?

So, who decides whether the information is being used to detect fraud, or just to make life easier for the banks and the debt collectors? Can the DCAs access these databases when they’re deciding who to phone up, who to pay a home visit to (perhaps somebody with young children) or who to be more aggressive with (heart condition?).

Ok, I am being rather creative here, but you get the point. It’s scary stuff, and we deserve to know more about it.

[militantconsumer]

From the N Hunter thread

 

I contacted my bank (Alliance & Leicester) and found they do not use N Hunter Limted.

 

You certainly did not.

 

From your thread:

 

Details from where we obtain and share information about you are as follows:

 

Experian Limited - 0844 481 8000

Equifax PLC - 0870 0100 583

Call Credit Limited - 0870 060 1414

Experian Decision Analytics 01704 501 001

Synetics Solutions Limited 01782 664000

CIFAS - please write to: CISAS, 6th Floor, Lynton House, 7-12 Tavistock Square, London WC1H 9LT

 

Experian Decision Analytics ARE N Hunter.

How does it work?

[militantconsumer]

I have just called the above number given for Experian Decision Analytics.

 

I was told that the company "Experian Decision Analytics" was previously known as "NCL Software" and that they developed a computer program called "Hunter".

 

It was stressed to me that "Hunter" the program is not the same as "National Hunter" the database.

 

I was told that Experian Decision Analytics ("we") do not hold any data on customers.

 

I was then given the number 0115 941 0888 as their 'Head Office'. This turned out to be Experian's standard customer help centre for idiot questions about credit files. The woman I spoke to insisted that there were only 3 companies who share customers' personal data, and that Experian Decision Analytics are "the same company" as Experian Limited". She had never heard of National Hunter.

Edited May 6, 2009 by militantconsumer

[JonCris]

Don't be deceived by anyone as despite what they claim they ALL use Hunter or at least Experian does as it's owned by them

 

How it operates is that you apply for credit & your lender submits your data to the likes of Experian then they automaticaly submit your details to Hunter to cross check the info you have given in the past plus any other known details which would not normally appear on your main credit file such as marriage status, ethnicity etc;

 

To confirm I would SAR Hunter you may be surprised at what you discover is being held on you

[yourbank]

Fraud prevention and detection

 

In order to prevent and detect fraud we may at any time:

 

• Share information about you across the Royal Bank of Scotland Group and with other insurers;
  
• Pass your details to Insurance Hunter, a central insurance application and claims checking system, whereby it may be checked against information held by Insurance Hunter and shared with other insurers;
  
• Check your details with fraud prevention agencies and, if you give us false or inaccurate information and we suspect fraud, we will record this with the fraud prevention agency. We and other organisations may also use and search these records to:
  
• help make decisions about credit and credit related services for you and members of your household;
  

The above is from RBS legal information:

RBS | Car insurance | Cover you can trust

 

I am assuming that Insurance Hunter is part and parcel of Hunter Limited.

[Nagasis]

Teletrack also have their own cra database for subprime lenders

[militantconsumer]

Here is a copy of the letter which I have sent to N Hunter today.

--------------------

The Data Controller

N HUNTER Limited

PO Box 2756

Stoke-on-Trent

ST6 9AQ

 

Dear Sir / Madam,

It has come to my attention that your organization may hold information about me.

I wish to apply under section 7 of the Data Protection Act 1998 for a copy of ALL such information, and I enclose the statutory fee of £10 made payable to N Hunter Limited.

 

Here are my personal details:

Title: XX

Forename: XX

Middle name: XX

Surname: XX

Current Address: XX

Date of Birth: XX

Other addresses where I have been resident in the past 6 years:

XX

 

I look forward to receiving this information within the 40 day statutory period.

Yours faithfully

[militantconsumer]

N Hunter's website (Problems gaining credit) says:

Howto obtain details of the information we hold about you.

We maycarry out a search, on your behalf, under Section 7 of the Data Protection Act. In order to carry out this search, we will require:

Your date of birth.*

The addresses you have occupied during the last 6 years,with the dates you were at each address.

Payment of £10. Cheques or Postal Orders made payable toN HUNTER Limited.

A copy of a document that shows your authorised signature(e.g. a Passport or Driving Licence).

A copy of a recent utility bill, such as telephone, electricity,gas or council tax, which shows your

present name and address.

 

Wereserve the right to see original identification documents.

 

 

 

However, Section 7 of the Data Protection Act only says:

 

(3) A data controller is not obliged to comply with a request under this section unless he is supplied with such information as he may reasonably require in order to satisfy himself as to the identity of the person making the request and to locate the information which that person seeks.

 

 

I am already concerned about these companies holding too much information about me, and I have no intention of sending them even more information myself.

 

If they already know everything about me, I fail to see why they need all this - I particularly don't understand why they need to see a document with my photo on it.

 

Let's see who wins the argument about what they "reasonably require".

Edited May 6, 2009 by militantconsumer

[postggj]

subbing on this one

 

interesting to know all about hunter

[postggj]

Wereserve the right to see original identification documents.

 

now what statute demands that

 

get real

[militantconsumer]

About Synectics Solutions Ltd

 

Synectics Solutions is an independently owned data management company which was established in 1992.

 

.....

 

We operate from two secure sites and run managed database services solutions for many blue chip clients. We have billions of rows of data under active management in our secure data centres which are regularly audited by our customers, our suppliers and third party data security consultants.

[militantconsumer]

Registration Number: Z6791784

Date Registered: 10 July 2002 Registration Expires: 09 July 2009

 

Data Controller: SYNECTICS SOLUTIONS LTD

 

Address:

SYNECTICS HOUSE

THE HOLLIES

THE BRAMPTON

NEWCASTLE

STAFFORDSHIRE

ST5 0QY

[militantconsumer]

I just called Synectics on the number in Alliance & Leicester's terms and conditions (01782 664000).

 

Finding anything out was a convoluted process and I had to call them twice and I was then passed around a few people.

 

So I don't think they are too used to receiving these kind of requests.

 

Anyway, I was told to write a letter to Steve Sands in the Finance & Legal Department, setting out exactly what data I would like to see, enclosing a cheque for £10 and a copy of some photographic ID to confirm my identity.

 

I will send this off asap, and I will post a copy of what I receive back on this thread.

[militantconsumer]

More from the Synectics website:-

 

National Fraud Initiative (NFI)

 

The Audit commission's National Fraud Initiative (NFI) is a computerised data matching exercise to detect housing benefit, payroll and other frauds perpetrated upon local authorities, NHS bodies and other public and private sector organisations.

 

Run every two years, here is a summary of NFI 2006;

 

• 1333 participating authorities.

• 4994 submitted data sets.

• 230 million rows of data in total.

• 13.3 million matches to possible frauds.

New for NFI 2006 was the introduction of online results delivery, comprising of a secure web based application handling up to 30,000 concurrent sessions from 5,029 distinct users.

NFI 2008 will see further increases in the number of datasets causing exponential growth to the size of the project.

 

This project has saved in excess of £300m of public money.

 

 

SIRA Mail Order

 

Syndicated Intelligence for Risk Avoidance (SIRA) is an operation based around a shared database for the mail order sector which is designed to prevent fraudulent claims for Goods Lost In Transit (GLIT).

 

This solution is provided for the country's largest mail order companies. Containing over 18 million customers, 24 million accounts, 380 million orders and processing over 250,000 new product orders every day, many of these with detailed parcel tracking information. This system is a proven implementation of web technology which has been performance tested with over 1 billion transactions.

Each customer is scored for risk. Any customer who claims for goods lost in transit which require investigation are referred to the Mail Order fraud investigators by a set of rules which have been agreed with each organisation. All matching and analysis reports are provided securely over the Internet through browser based software applications.

 

 

SIRA Financial

 

SIRA Financial builds on the work of SIRA Mail Order. It's a new browser based software application that is being used in the finance industry to detect fraudulent applications.

 

Users have the ability to create and configure business rules which are used to check new applications for financial products (such as mortgages, bank accounts and loans) against known previous fraudulent and suspicious applications.

 

The system allows the users to access prioritised lists of applications to investigate. The priority is determined based on the needs of the business so that applications requiring a quick turnaround are investigated first. The view for each user can also be configured to allow access only to those applications which they are qualified to investigate.

 

Land Rover

 

Since 1995 Synectics Solutions have provided the database management service behind the multiple award winning Land Rover UK direct marketing activity. The database holds details of customers and prospects, their vehicle ownership history and all inbound and outbound contacts. Working together with Land Rover management and their marketing agencies Synectics Solutions help identify the key target groups for a range of strategic communications from prospect generation to customer welcome packs, in service communications, driver events and repurchase follow up.

In addition, a full range of campaign tracking reports are produced to help monitor the success of all communication activities.

 

 

 

Co-op

 

The Co-operative Group (tCG), based in Manchester is the largest consumer co-op in the UK. It now owns over 1600 food stores in the UK leading the top-up food shopping sector with their Welcome and Market Town stores. Synectics Solutions have been helping tCG with ordering seasonal lines since 2001 by providing a centrally run, sales based web browser solution aimed at ordering an appropriate product range and volumes.

The new streamlined allocation process has given the organisation much closer control over seasonal allocations, and has reduced the time that local store management have needed to spend on seasonal allocations.

The system has allowed tCG to provide allocations to over 600 newly acquired stores with little additional load on staff resources.

For Christmas 2003, the system allocated 827 product lines with a total retail value of £53.5 million.

[JonCris]

I just called Synectics on the number in Alliance & Leicester's terms and conditions (01782 664000).

 

Finding anything out was a convoluted process and I had to call them twice and I was then passed around a few people.

 

So I don't think they are too used to receiving these kind of requests.

 

Anyway, I was told to write a letter to Steve Sands in the Finance & Legal Department, setting out exactly what data I would like to see, enclosing a cheque for £10 and a copy of some photographic ID to confirm my identity.

 

I will send this off asap, and I will post a copy of what I receive back on this thread.

 

 

Don't be too specific State "that for the avoidance of doubt I require any and all data you have relating to me"

[BSC]

I wouldn't send photographic ID either - what do they want to do? Add it to your file?

[militantconsumer]

As predicted, here is the response that I have received from N Hunter.

 

I feel a big fight coming on.

 

[postggj]

It Seems Hunter Just Does Not Want To Release Data

 

Now Why Do They Need A Copy Of Your Signature

 

 

Could It Be To Compare Future Applications For Credit

 

Where In The Data Protection Act Does It State They Need A Copy Of Your Sig

[militantconsumer]

The Data Controller

N HUNTER Limited

PO Box 2756

Stoke-on-Trent

ST6 9AQ

 

Dear Sir / Madam

I acknowledge receipt of your letter dated XX May 2009.

I have already supplied you with my name, address, date of birth, and previous addresses over the last six years. This was all included in my letter dated XX May 2009, of which I now enclose a second copy.

I also re-enclose a cheque for the statutory fee of £10.

The Data Protection Act 1998 Section 7 (3) states that:

“A data controller is not obliged to comply with a request under this section unless he is supplied with such information as he may reasonably require in order to satisfy himself as to the identity of the person making the request and to locate the information which that person seeks.”

Nowhere in the Data Protection Act does it state that I am required to provide you with a signature, photo ID and utility bill, and it is my view that you are making excessive and unreasonable demands.

The address to which I am asking you to send this information has been my permanent address for several years, a fact which I am sure will be clear from the data you already hold about me. It is the address which my bank and mortgage provider use for all correspondence, and it is also the address to which Experian, Equifax and Call Credit were all willing to send copies of my Credit Files without seeing all the documentation that you have asked for. I note from your website that you are connected to the Experian group of companies.

Your statement that “N Hunter reserves the right to view original identification documents if requested” is also totally without basis, and I will not allow you to view such documents under any circumstances whatsoever.

I am already extremely concerned that a company with such a low public profile as N Hunter Limited may have acquired significant amounts of sensitive information about me without my knowledge. I have no intention of sending you even more such data when it is completely unnecessary and not required by any law.

However, notwithstanding the above, and as I am prepared to act extremely reasonably over this issue, I have enclosed a photocopy of my driving licence with personal information such as my photograph and signature blacked out. I am sure you will agree that I could not have sent you such a document if I was not the person that I am claiming to be. You will also notice that the same address features on this driving licence.

I would like to take this opportunity to remind you that I am legally entitled, under the Data Protection Act 1998, to see a copy of ALL information that you hold about me. If you continue to refuse this reasonable request, I will make a complaint to the Information Commissioner and will also consider applying to my local County Court for an Order against you. If I am forced to take this course of action I will seek to recover all legal and other costs from N Hunter Limited.

I look forward to receiving the information that I have asked for within 40 days of my original request, which I made on XX May 2009.

Yours faithfully

[Hand written "signature"]

Militant Consumer

[JonCris]

If you DO send them the proof they want also advise them that "this data I have supplied is for my SAR application only & should be returned. For the avoidance of any doubt note it is for identification purposes ONLY and should not at any time be retained by or proccessed by you or any other agency."

[militantconsumer]

Synectic Solutions have responded with the refusal letter below.

 

I will be sending them a similar letter to the one I sent to N Hunter yesterday.

 

[militantconsumer]

My address

XX May 2009

Carole Howell

Synectics Solutions Ltd.

Synectics House,

The Brampton,

Newcastle Under Lyme,

Staffordshire.

ST5 0QY

 

Dear Ms Howell

I acknowledge receipt of your letter dated XX May 2009.

I have already supplied you with my name, address, date of birth, and previous addresses over the last six years. This was all included in my letter dated XX May 2009, of which I now enclose a second copy.

You also confirm in your letter that you have retained my cheque for the statutory fee of £10.

Furthermore, and because I am prepared to be extremely reasonable with my request, I also enclosed with my first letter a photocopy of my driving licence with personal information such as my photograph and signature blacked out. I am sure you will agree that I could not have sent you such a document if I was not the person that I am claiming to be. You will also notice that the same address features on this driving licence.

The Data Protection Act 1998 Section 7 (3) states that:

“A data controller is not obliged to comply with a request under this section unless he is supplied with such information as he may reasonably require in order to satisfy himself as to the identity of the person making the request and to locate the information which that person seeks.”

Nowhere in the Data Protection Act does it state that I am required to provide you with a signature, photo ID and utility bill, and it is my view that you are making excessive and unreasonable demands.

The address to which I am asking you to send this information has been my permanent address for several years, a fact which I am sure will be clear from the data you already hold about me. It is the address which my bank and mortgage provider use for all correspondence, and it is also the address to which Experian, Equifax and Call Credit were all willing to send copies of my Credit Files without seeing all the documentation that you have asked for.

I am already extremely concerned that a company with such a low public profile as Synectic Solutions Limited may have acquired significant amounts of sensitive information about me without my knowledge. I have no intention of sending you even more such data when it is completely unnecessary and not required by any law.

I would like to take this opportunity to remind you that I am legally entitled, under the Data Protection Act 1998, to see a copy of ALL information that you hold about me. If you continue to refuse this reasonable request, I will make a complaint to the Information Commissioner and will also consider applying to my local County Court for an Order against you. If I am forced to take this course of action I will seek to recover all legal and other costs from Synectic Solutions Limited.

I look forward to receiving the information that I have asked for within 40 days of my original request, which I made on XX May 2009.

Yours sincerely

Militant Consumer