Jump to content


victoria_siempre

GDPR SAR & Pre-action protocols tactics

style="text-align:center;"> Please note that this topic has not had any new posts for the last 446 days.

If you are trying to post a different story then you should start your own new thread. Posting on this thread is likely to mean that you won't get the help and advice that you need.

If you are trying to post information which is relevant to the story in this thread then please flag it up to the site team and they will allow you to post.

Thank you

Recommended Posts

Hi guys

 

These recent experiences may be helpful.

 

I submitted an email GDPR SAR request to Cabot based on CAG guidence regarding a threat with menace that is statute barred. I received an automated email the next day requesting name, rank, number, D.O.B. etc within two months (I kid you not). Two weeks later I receive a template postal reponse relying on Article 6 of the Regulation and a lawful base for processing personal data. Helpfully, Cabot confirmed that they were now the Data Controller and that they had received my SAR request (which is now some 28 days ago). Whilst my balls are not crystal... you can read the rest.

"

Dear Sir

I note your mailed letter dated xx August 2018 purporting Cabot Reference xxxx7666 (Corbyn might call this a lack of an English sense of irony).

I thank you for confirming that you are now the Data Controller. I thank you for confirming receipt of my Subject Access Request of xxth July 2018 and your 'relevant team's' response of xxth July 2018. You will be conscious that, under the new GDPR regime, you have one month from its inception to comply with my GDPR 2018 Subject Access Request.

"

On a different, yet related note, I received a letter before action (based on the new pre-action-protocol) from Robbers Way on an Egg account that is statute barred and submitted the advised CAG response. I have the standard response; account on hold blah-di-blah.

 

 

These two CAG advices that I deployed might be usefully signposted as powerful tactical weapons.

 

 

Love

 

 

 

vic

x

Share this post


Link to post
Share on other sites

"

At times, for the purpose of debt collection, we will need to share your personal data with other companies:

 

 

...

 

 

Whenever we engage with a third party we ensure that the third party has a similar level of safeguards and controls in place before sharing your personal data with them."

 

 

QED

Edited by victoria_siempre
typo

Share this post


Link to post
Share on other sites

Thread moved to the appropriate forum.Please continue to post here to your thread.

 

Regards

 

Andy


We could do with some help from you.

PLEASE HELP US TO KEEP THIS SITE RUNNING EVERY POUND DONATED WILL HELP US TO KEEP HELPING OTHERS

 

 Have we helped you ...?         Please Donate button to the Consumer Action Group

 

If you want advice on your thread please PM me a link to your thread

Share this post


Link to post
Share on other sites

Thanks Andy

 

 

They are on the bounce with a reply this am:

 

 

"

 

mwy6.png

Set-up a

payment plan

mwyq.png

Calculate

your budget

mw9s.png

Make us

an offer

 

mw9m.png

Update your

personal details

mw93.png

Make a

payment

mw95.png

Chat with a

Consultant online

 

 

Cabot Financial (Europe) Limited is an Appointed Representative of Cabot Credit Management Group Limited which is authorised and regulated by the Financial Conduct Authority with firm reference number 677910.

Cabot Financial (Europe) Limited is registered in England and Wales with Company No. 3439445. Registered Office: 1 Kings Hill Avenue, Kings Hill, West Malling, Kent ME194UA.

Cabot Financial (Marlin) Limited is registered in England and Wales with Company No. 4618038. Registered Office: Marlin House, 16-22 Grafton Road, Worthing, West Sussex, BN11 1QP.

 

 

CCM-Footer-With-Title-2015.jpg ics_awards_winner_2017.jpg

Cabot Financial (Europe) Limited is part of the Cabot Credit Management Group CabotCM.JPG

DISCLAIMER: The information contained in this message is confidential and is intended for the addressee only and may also be privileged or exempt from disclosure under applicable law. The unauthorised use, disclosure, copying or alteration of this message is strictly forbidden and may be illegal. If you have received this message in error please notify the originator immediately and delete it from your system and do not copy, disclose or otherwise act upon any part of this e-mail or its attachments. Cabot Financial (Europe) Limited will not be liable for direct, special, indirect or consequential damages arising from any use or alteration of the contents of this message by a third party or as a result of any virus being passed on. Cabot Financial (Europe) Limited reserves the right to monitor and record e-mail messages sent to and from this address for the purposes of investigating or detecting any unauthorised use of its system and ensuring its compliance policies are adhered to. Any opinion or other information in this e-mail or its attachments that does not relate to the business of Cabot Financial (Europe) Limited is personal to the sender and is not given or endorsed by Cabot Financial (Europe) Limited. Registered in England and Wales with company number 3439445. Registered office: 1 Kings Hill Avenue, Kings Hill, West Malling, Kent, ME19 4UA.

Cabot Financial (Europe) Limited is an Appointed Representative of Cabot Credit Management Group Limited which is authorised and regulated by the Financial Conduct Authority with firm reference number 677910.

Thank you for your email.

The security of your information is our priority; it is important that your email account is kept secure and does not become known to someone else. If this is a shared mailbox, is not your personal email or you do not wish to have your details disclosed by email please notify us and we will use an alternative contact method.

We are unable to provide any information by email without undertaking some security checks so we can ensure we have the correct person. Before responding to this email, we must stress that by completing the details below, you consent for us to use this email address for communication, which may contain information that is personal to you.

Please reply to this email with the following information: (this must be completed in full)

 

  • Are you the only person who can access this mailbox?
  • Full name
  • Date of Birth
  • Full Address including Postal Code
  • Home/Business or Mobile Telephone Number

Important: When communicating by email, please remember that it may be ‘insecure’. we would urge you to consider the personal information that you include and we will do the same. If at any time, you no longer wish for your personal information to be communicated by email, or you no longer have access to the mailbox provided, please notify us immediately.

Peace of mind has never been simpler

To make managing your account easier, you can register yourself onto our website MyCabot.

The process is simple and only takes a few moments. After that you will have access to many great features to help you:

 

 

 

"

 

 

My response is:

 

 

"

Dear Sir

You have failed to comply with my GDPR SAR request within the required timeframe. I serve notice that I shall commence proceedings in the County Court in fourteen days without further notice to you. I seek recompense in the sum of £9999 for the distress and embarrassment caused by your processing my personal data in breach of Section 6 of GDPR 2018.

A payment by cheque to the person at the address to whom you are demanding monies with menace will suffice to stop these proceedings.

Yours faithfully

"

There is no danger to me in being identified with a statute barred account; I am interested in the extent to which they wish to chance their arm in a blatant disregard of UK law. Wonga, Cabot, Wonga.

vic

 

 

 

x

Share this post


Link to post
Share on other sites
You have failed to comply with my GDPR SAR request within the required timeframe. I serve notice that I shall commence proceedings in the County Court in fourteen days without further notice to you. I seek recompense in the sum of £9999 for the distress and embarrassment caused by your processing my personal data in breach of Section 6 of GDPR 2018

 

A payment by cheque to the person at the address to whom you are demanding monies with menace will suffice to stop these proceedings.

 

If you were to actually bring proceedings for this, then a judge would likely see your actions as nothing more than vexatious.

 

Cabot have, rightfully, asked for further information to confirm your identity. This essentially puts your right of access request on hold until you respond. It appears that you haven't responded to their request for further information.

Share this post


Link to post
Share on other sites
"

At times, for the purpose of debt collection, we will need to share your personal data with other companies:

 

 

...

 

 

Whenever we engage with a third party we ensure that the third party has a similar level of safeguards and controls in place before sharing your personal data with them."

 

 

QED

 

I hope in your SAR you requested the name of any third party and the dates which they have shared your personal data including debt collectors, solicitors etc. If that is more than 30 days and those third parties have not written to you with the relevant article 14 information then you have a case against those parties under the gdpr

Share this post


Link to post
Share on other sites
I hope in your SAR you requested the name of any third party and the dates which they have shared your personal data including debt collectors, solicitors etc. If that is more than 30 days and those third parties have not written to you with the relevant article 14 information then you have a case against those parties under the gdpr

 

This is not correct.

 

If a data controller provides your personal data to a third party, in most cases they will be a data processor rather than a data controller. There are some scenarios when a third party will be a data controller and this will be determined by the relationship with the original data controller (the ICO may well ask to see the contract between the parties to establish the nature of the relationship).

 

If a third party is a data processor, they do not have to provide you with your personal data and they should just forward any SAR back to the original data controller.

 

However, if a third party is a data controller, then you would need to submit a new SAR to that third party.

Share this post


Link to post
Share on other sites

Hi guys

 

 

I have not heard a dicky-bird from Cabot since. Notwithstanding the barrack room theology of how many data controllers may dance with data processors on the point of a needle, the tactical request has achieved its purpose in that the account is now unambiguously statute barred. Should I hear from Cabot again, I shall instigate a small claim for the principled enjoyment of it.

 

 

On the Egg matter, Robbers Way have also maintained radio silence, and their's is unambiguously statute barred in any case.

 

 

So, after many long years of harrassment (about eight I think), I am finally free thanks to CAG. I started with 55k of claims: have paid 1k in part settlement (this was a mistake as dx rightly told me); have been to court only once, where I won against MKDP for 13k with £450 costs as a LIP, which was scary but boosted my confidence thereafter.

 

 

Go well all Caggers

 

 

 

Love

 

 

vic

xxx

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 Caggers

    No registered users viewing this page.


  • Have we helped you ...?


×
×
  • Create New...