sar response

[dodgykebab]

ive requested a sar on my hsbc accounts. i followed all the correct procedures when doing so. i know my request was signed for on the 11/5/11.

should i recieve a letter saying they have received the sar request?

[cerberusalert]

It is courtesy & good business practice to acknowledge receipt, but not all do.

 

If you don't receive the information within 40 calendar days from them receiving your request complain to the ICO.

[dodgykebab]

is there anyone at hsbc who i could contact to check the progress of the the sar request?

[cerberusalert]

There's not much chance of them giving you an update, they won't know themselves until they've located and accessed all your information.

[dodgykebab]

so basically i wait until the 40 days pass since i know the request was signed for?

[Old Cogger]

Things do not happen over night with these people, time limits on all.

[ims21]

so basically i wait until the 40 days pass since i know the request was signed for?

 

Yep just wait out the 40 days

 

Frustratin innit?

[dodgykebab]

right im about aweek away from the 40 days. i have prove from royal mail it was signed for (even if the signature was a swiggle!) but ive got a name.

what happens if i dont see a response from them within the 40 days?

ive also seen that sometimes they ask for prove of identity? obviously this should only hold up them sending the sar out if they request it from me?

[ims21]

right im about aweek away from the 40 days. i have prove from royal mail it was signed for (even if the signature was a swiggle!) but ive got a name.

what happens if i dont see a response from them within the 40 days?

ive also seen that sometimes they ask for prove of identity? obviously this should only hold up them sending the sar out if they request it from me?

 

Hi dodgy

 

Don't jump the gun here...they still have time.

 

BUT, if they dont comply you can then force them to comply with a complaint to the Information Commissioner and/or by taking them to court.

 

They would be silly to ask for proof of ID at this late stage as they will clearly be guilty of a delaying tactic.

 

Sit tight until the 40 days is up.

 

ims

[dodgykebab]

13 days and counting then...........

[ims21]

13 days and counting then...........

 

Do I detect someone champing at the bit?

[dodgykebab]

LOL. ive just got that feeling that they wont respond as hsbc are so incompetent while ive been dealing with them. cant wait to put them straight really. LOL

[cerberusalert]

Well if they don't provide the information they will be in breach of the Data Protection Act.

[ims21]

And don't forget, then you have the upper hand

 

ims

[dodgykebab]

i recieved a letter today from HFC bank? they state they cannot find my account. the letter is stamped by hsbc and says uk data privacy compliance on it so i pressume its been to the right place. ive never heard of hfc

[ims21]

Hi dodgy

 

I assume you sent it to the correct address and gave some account numbers. HFC are part of HSBC but unusual to get a reply from HFC when you wrote to HSBC.

 

Assuming the above is correct I would send a letter informing them that they and their Data Controller are now in breach of the DPA and that unless you receive the information requested in your subject access request within 7 days you will be issuing in court to force them to comply. In that action you will also be naming their Data Controller and seeking damages at the court's discretion.

 

ims

Edited June 14, 2011 by ims21

[dodgykebab]

yeh sent to the address that i found on this forum. like i said its stamped by various departments on the letter saying they have received it at hsbc. i spoke to customers services today

and had to explain what a sar was because she didn't know what it was?????

ive had a few issues with them before this and it seams like they are giving me the run around hoping i will go away.

is there a template letter i can send now??

[BRIGADIER2JCS]

It is not surprising that ''customer disservice'' had no idea what a SAR is they are programmed each morning with the company script,

involve them in any other dialogue and they blow a fuse:madgrin:

[ims21]

Send them this

 

LETTER BEFORE ACTION

Dear Wallies

s7 Data Protection Act - Subject Access Request

I refer to my Subject Access Request dated (XXXXX) and received by you on (XXXX), copy enclosed.

I have today received a reply from a differnt organisation in your banking group and I enclose a copy of that letter for your reference.

You have failed to comply with my legal request made under s7 Data Protection Act 1998 within the prescribed time limits and as a result your organisation and your Data Controller are in breach of that Act.

Please be aware that if I do not receive all of the information requested in my aforementioned Subject Access Request within 7 days of the date of this letter (14 if you want to be kind) I will be issuing court proceedings to force you to comply with the Data Protection Act 1998 and I shall be naming your Data Cntroller in any action that I bring. I shall also request the court to award me damages in an amount to be decided at the court's discretion.

Yours faithfully,

"

ims

[dodgykebab]

thanks

[louby01]

Is it only banks you can make a sar to? I've just made one to a company (large company) and they have just refused with no reason! Can they do this. Any help appreciated.

[BRIGADIER2JCS]

No the Data Protection Act says that you can demand on payment of the prescribed fee (£10.00)

they must provide ALL data they hold and from what ever system they hold it, including recorded

phone contact.

A little more detail will enable the guys to help.

[cerberusalert]

If they refuse to comply with your request make a complaint to the ICO https://www.ico.gov.uk/Global/contact_us.aspx

[BRIGADIER2JCS]

Thank you Cerbs!!

[dodgykebab]

so i have sent the letter hsbc and i know theyve recieved it. do i class it as them not wanting to comply? why would they pass it to hfs bank??

 

is sending the second letter in this thread the next step?