Jump to content

style="text-align:center;"> Please note that this topic has not had any new posts for the last 3559 days.

If you are trying to post a different story then you should start your own new thread. Posting on this thread is likely to mean that you won't get the help and advice that you need.

If you are trying to post information which is relevant to the story in this thread then please flag it up to the site team and they will allow you to post.

Thank you

Recommended Posts

Hi, please excuse the length of this email.


I am currently at my wit's end with regard to a certain company's lax security on a database and the way in which my personal details have been allowed to have been lifted without my consent.


Back in early 2009, I signed up to a large sporting venue's mailing list under the condition that I would receive regular mailouts from that specific company. The terms and conditions on the company's website actually stated:


"With Your express consent We, and if applicable, Our partners or other trusted third parties may use Your data for marketing, market research, promotions and related purposes.

With Your express consent, We may also send You offers from us, our affiliates and Our promotional partners based on the data You have given Us."


It was shortly afterwards that I started receiving emails from various other organisations offering me tickets to various sporting events and it was at this stage I realised the person(s) sending me these emails had previously worked for the company I initially asked to receive information on.


At no point have I given my express consent for my data to be passed on to a third party, affiliate or anything else.


Upon contacting the senders of these emails, it appears that they have removed my data from their previous employers without their consent, but for at least 3 different separate parties to be able to remove this data from their previous employer's database makes me smell a rat. Either my data is being sold on or the "secure database" they mention in their website's data protection section is not as secure as they would like me to believe. I was also advisedby these senders that they were in the right to send such correspondence, as they were affiliates with the original company in question. The company in question have stated this is not the case.


I have been in touch with the legal team of the company which legally has my data and to date have received two tickets to an event of my choice for the inconvenience caused. I'm not out to get anything here, except for people to stop abusing my personal information, but please could someone advise on the following:


  • What can I/the ICO do in order to reprimand the company I provided my data to in the first instance?
  • What can I/the ICO do to reprimand the individual who took my data without my express concsent?
  • What are the implications for both the company in legal possession of my data and the individual who took my data, as well as the company which now has my data?
  • Who would be the best to contact (without going down the route of the ICO) in order to resolve this issue? The company who legally have my data, or the company who are in illegal possession of such?

Again, I am sorry this is so long, but I do hope I hear from someone soon!!


Many thanks

Share this post

Link to post
Share on other sites

double post see other thread




Getting There Slowly



Advice is given freely but is in no way meant to be taken as Gospel:-)

Share this post

Link to post
Share on other sites

  • Recently Browsing   0 Caggers

    No registered users viewing this page.

  • Have we helped you ...?

  • Create New...