BAYV - Data Protection Act

[renegadeimp]

You know the dpa doesnt apply here. Them giving you any info would constitute a breach otherwise.

 

Sadly it looks like your friend hasnt contacted them yet so bayv updated the thread to reflect it.

 

They certainly could have chosen a better way of saying it though.

[veganite]

hi,

why doesn't dpa apply here? i thought that a company could not give information out - whether it is on the internet or not... it would be different had my friend asked for advice, but i asked for advice on my friend - then data given

 

thats my understanding. if you asked for advice concerning one of your friends and then the store / bank etc gave you advice but then followed with personal information about your friend, then that would be a breach of the dpa which is what i consider to have happened here.

[citizenB]

Had BAYV named your friend or identified him/her in anyway - THAT would have been a breach of the DPA for sure. But they didnt, so it wasnt !

 

Those members of site team who take "pot shots" have also been asked to refrain. It is not easy to recruit Customer Reps and whilst their presence is usually self serving - some of them do help for example "Lee of Vodafone" . There have been one or two reps removed from the forum because of their lack of, shall we say, interest !! Unfortunately if those people asking for advice dont make contact when requested then there is little either CAG or the Rep can do. The Reps are asked to report back as best they can within the limitations of the DPA.

 

Obviously you are representing your friend so unless they update you and you update the thread - then when asked..all the Rep can say in order to stay within the rules.. is that no one has been in touch.

[BAYV]

hi,

why doesn't dpa apply here? i thought that a company could not give information out - whether it is on the internet or not... it would be different had my friend asked for advice, but i asked for advice on my friend - then data given

 

thats my understanding. if you asked for advice concerning one of your friends and then the store / bank etc gave you advice but then followed with personal information about your friend, then that would be a breach of the dpa which is what i consider to have happened here.

 

 

Dear veganite

 

The Data Protection Act 1998 (the ‘DPA’) applies only to information

which falls within the definition of ‘personal data’. The concept of

personal data is therefore key to the DPA and Directive 95/46/EC on

the protection of individuals with regard to the processing of

personal data and on the free movement of such data (the

‘European Data Protection Directive’ or the ‘Directive’).

 

The Act defines personal data as information which relates to a living individual who can be identified:

 

from the data or

from the data and other information which is in the possession of, or is likely to come into the possession of, the data controller

The information may be in either electronic or manual (ie paper) form

 

Kind Regards

BAYV

[veganite]

Hello BAYV,

 

Personal data (data that is relating to a living individual who can be identified) should always be processed in accordance to the rights of the data subjects under the Act.

 

In this instance, I asked you for advice on behalf of a friend - whilst you are able to provide me with general advice (as this does not cause a breach of the DPA), my friend / the data subject still has a right to privacy under the Act.

I asked for advice. You provided me with advice. I then provided advice to my friend.

 

IMHO, on 2 occasions within this thread the DPA has been breached by disclosing to me that my friend has not contacted you and this matter is still ongoing.

 

The data controller should at all times operate in accordance with the rights of the data subject. Whilst you can provide general advice, you can not legally provide me with any details of the data subject and can only provide general advice.

 

That is my understanding.

 

Regards

[silverfox1961]

Veganite,

BAYV have not nor will identify your friend and neither will you. This can only happen if your friend agrees to it.

 

As BAYV have not identified your friend by name, any information on this thread could relate to anyone-even me so again, no data breach.

 

If you don't believe what we are saying, please contact the Information Commissioner who will be able to enlighten you.

 

The Data Protection Act covers personal data and all we know is that you have a friend and he or she has an issue with BAYV and a duff TV. If you can show us where your friend has been positively identified, then we can take action.

[renegadeimp]

Simply by saying that the claiming party hasnt yet responded, does not constitute a breach of the DPA though.

[veganite]

BAYV have breached the data protection act in disclosing data - that my friend has not contacted them.

 

They breached the data protection act by informing me of this information.

 

As BAYV stated above:

 

The Act defines personal data as information which relates to a living individual who can be identified

 

The data subject / my friend has not given permission for any of his data to be disclosed to anyone.

[veganite]

Simply by saying that the claiming party hasnt yet responded, does not constitute a breach of the DPA though.

 

As BAYV stated above:

The Act defines personal data as information which relates to a living individual who can be identified

 

The living individual who is identifiable to myself is my friend. BAYV have processed their data within this thread.

[renegadeimp]

i give up. Your friend hasnt been identified by name, address or any other personally idenitifiable info. THATS what the DPA states. You are misinterpreting it. If the rep stated your friends name, address or ANY methof that would make him personally identifiable, then bayv would be in breach. If you tried to claim the above in court as a dpa breach or to the ICO, youd be laughed away.

[renegadeimp]

I obviously know who my friend is, therefore is identified to me.

 

 

Seriously? Admins i think its time this thread was locked :/

[silverfox1961]

obviously know who my friend is, therefore is identified to me.

 

bayv have breached the data protection act in disclosing data - that my friend has not contacted them.

 

They breached the data protection act by informing me of this information.

 

Before this thread was even started, you knew your friend has issues with BAYV therefore they could not divulge any data. You know more than we do about your friends identity. BAYV have given out not one jot of PERSONAL data. Just by saying your friend has not contacted them does not cause a breach of the DPA unless BAYV named them first.

 

Having said that, I know you will make up your own mind so I will leave it to you. No point

[veganite]

Where in the DPA does it state name / address ??

The personally identifiable info is in relation to myself only, nobody else reading this could identify my friend.

 

Thank you for advising me that the ICO and court would laugh at me.

[veganite]

Before this thread was even started, you knew your friend has issues with BAYV therefore they could not divulge any data. You know more than we do about your friends identity. BAYV have given out not one jot of PERSONAL data. Just by saying your friend has not contacted them does not cause a breach of the DPA unless BAYV named them first.

 

Having said that, I know you will make up your own mind so I will leave it to you. No point

 

 

Not one jot of personal data? Here is an example for you:

 

Silverfox goes to the local shop and asks the cashier advice about his friend. The cashier said his friend should call into the shop to pay a newspaper bill. Some 2 or 3 months later, Silverfox returns to the shop and the cashier says that the friend has not called into the shop. Perhaps the friend did not want Silverfox to know that the newspaper bill has not been paid yet.

 

In that example, whilst the cashier has not named the friend and other customers within the shop can not identify the friend, then there has not been a breach of the DPA. However, as Silverfox knows the identity of the friend, then Silverfox knows that the friend has not contacted the shop about the newspaper bill. This is a breach of the DPA.

 

The examples show my thoughts / opinions / understanding / interpretation etc etc etc....

 

Silverfox - I hope that the above examples make some sense to you. Having said that, I know you will make up your own mind so I will leave it to you. No point

[Rex Shepherd 7]

Veganite - your interpretation of the DPA is utterly flawed. It is a drum that you should cease banging promptly so as to avoid a total loss of credibility.

[citizenB]

veganite, as we havent a clue who you are, there is absolutely no way we could identify your friend via you !! or you via the posting by BAYV.

 

There has been NO breach of the DPA by anyone.

[veganite]

veganite, as we havent a clue who you are, there is absolutely no way we could identify your friend via you !! or you via the posting by BAYV.

 

There has been NO breach of the DPA by anyone.

 

hello, thanks for explaining again. Yes, I understand what you are saying and also understand what others are saying. You, and others consider there not to be a breach of the DPA as you can not identify the person.

 

However, I can identify - as he is my friend. Had I not known the identity of the living individual (my friend) then there would not have been a breach of the DPA.

 

Had I not know the identity of my friend, then there would not have been a breach of the DPA.

 

My friends rights under the DPA have IMHO been breached as BAYV have informed that said friend has not contacted them in order to sort out the issue. Perhaps my friend does not want BAYV to inform me on whether or not he has contacted them (as per my advice).

 

The object of the European Data Protection Directive, implemented

in the UK by the DPA, is to provide that “Member States shall

protect the fundamental rights and freedoms of natural persons,

and in particular their right to privacy with respect to the processing

of personal data”.

‘Personal data’ is defined in Article 2 of the Directive by reference to

whether information relates to an identified or identifiable

individual.

Above quoted from: http://ico.org.uk/for_organisations/data_protection/the_guide/~/media/documents/library/Data_Protection/Detailed_specialist_guides/what_is_data_for_the_purposes_of_the_dpa.ashx

 

Identified OR Identifiable individual...

 

It is important to note that, where the ability to identify an individual depends partly on the data held and partly on other information (not necessarily data), the data held will still be “personal data”.

Quoted from: http://ico.org.uk/for_organisations/data_protection/the_guide/key_definitions

 

 

Posting on a forum to update a thread to say no contact has been made (as shown above) would not normally be a breach of the DPA since usually it would be the customer rep and the customer and nobody is identified or identifiable. In this instance, it is not the customer rep and the customer, in this instance it is the customer rep and the customers friend. The living individual is already identified to myself only (and obviously BAYV). BAYV actions of posting to say no contact has been made (they have posted this on 2 occasions) has in my opinion breached the DPA since the individual is identified to myself.

 

The action of informing information / data about an identifiable person to another party without the consent of the identifiable person would IMHO be a breach of the DPA. This is the exact same thing that has happened within this thread. (obviously consent would be needed unless the action arose from a statute etc)

[leigh04]

I think I get what your saying....

 

Your friend is not identified on cag to the readers so no problem there but

 

As bayv commented saying your friend has not made contact with them , they have divulged that to you so here in lies the dpa breach?? As you obviously know your friend but you did not want to know if your friend had contacted them.

 

I may be wrong but is that what you ment?

[veganite]

leigh04, Yes! Eureka! I did explain this to BAYV before they posted an update (as shown above). BAYV then continued to ignore that and post a two further updates which is in breach of the DPA.

[leigh04]

I got ya I cant help on dpa breaches or things like that but at least I can see what you are trying to say

Hope it gets sorted for you

[citizenB]

It might be in your friend's interest to either ask for help themselves or make contact with BAYV.

[honeybee13]

leigh04, Yes! Eureka! I did explain this to BAYV before they posted an update (as shown above). BAYV then continued to ignore that and post a two further updates which is in breach of the DPA.

 

Hello there.

 

If you're sure of your ground, why don't you report bayv to the ICO? As I understand it, they are the people who can take action for this type of breach.

 

Edit: sorry, crossed post.

 

HB

[citizenB]

I find it absolutely bizarre - that you post the forum -on behalf of a friend - level an accusation at BH. Then just because YOU don't want to know if the friend has contacted them or not.. others aren’t entitled to? That is neither fair on other caggers or BAYV!

 

The whole point of CAG is that people update their threads in order that others can see the results.

[veganite]

Summary so far:

 

1. Complaint made to BAYV in respect of harassment, lies and intimidation, requested BAYV to stop all further home visits.

 

2. BAYV customer service and BAYV CEO Graham Clarke then refused to confirm that no further visits would take place. I clearly warned BAYV that legal action would commence if they would not confirm this.

 

3. I installed CCTV cameras on my property since I felt is necessary to protect myself from BAYV. Whilst I realise that there is CCTV covering the front of my property there is nothing covering the rear (which is just a wide open space not fenced).

 

4. The CCTV was a financial loss attributed to BAYV original act of trespass and their inability to confirm that no further visits would take place.

 

5. BAYV stated they would carry out an investigation into my complaint. I would question the validity of their statement, in particular, Graham Clarke the CEO of BAYV stated that he would contact Costcutter head office for CCTV, to which I advised that contact needed to be made at the local store since it is independent. BAYV stated that they would have their legal team obtain a copy of the CCTV. BAYV then stated that an area manager called into the shop in order to obtain a copy of the CCTV.

All may seem very well in regards to BAYV making an effort to investigate my complaint. However, the statement from the owners of the local store state that "no request for CCTV has ever been made!" - which sadly leads me to the conclusion that BAYV did not take my complaint seriously.

 

 

As someone else said within this thread:

The actions of their rep, their customer service and finally their CEO, Graham Clarke are all defining moments

 

 

Update:

 

I have spent considerable amount of time researching case law (most of it irrelevant though interesting) as well as time preparing documents, collecting statements from shop owners, reading and understanding and typing / printing out various documents and notes in order to support my case.

Most of the research was irrelevant because it was not applicable to my legal claim against BAYV.

 

As a LIP, I realise that I can claim £18 per hour in respect of my time it has taken.

To demonstrate a financial loss within the Court documents is a summary of my financial earning as a self employed programmer and analyst.

 

My question: Can I claim more in costs than the actual financial loss of the CCTV?

Using Mainwaring v Goldtech criteria for my costs, at a rate of £18.00 per hour, my total time is valued at far greater than my actual financial loss. Can this be claimed?

[veganite]

To update the thread, the reply from the Information Commissioner states the following:

"....... BAYV have not complied with the requirements of the Data Protection Act in this case.

 

This is because BAYV have confirmed to one of the forum contributors, on two occasions,

that the customer had not contacted them in order for the refund to be progressed."

 

I would urge anyone who has a complaint against BAYV concerning 'data protection' to contact the ICO.

 

This is because the ICO have stated the following:

 

"...,we keep a record of all the concerns we receive and will take these into account if we receive further complaints of a similar nature about BAYV.

 

The information we gather from complaints may form the basis for regulatory action in the future."

 

I will reply to the ICO and request that they now investigate the CCTV recording of the BAYV representative again breaking the Data Protection Act.

 

I do realise that the ICO can not investigate other areas of my complaint concerning the harassment, intimidation and lies, - however, this other complaint is ongoing and will be dealt with by the appropriate authorities.