UK Bank Phone Insurance Data Protection Breach

Specialboy27

It's recently come to my attention that my phone that was insured with a UK Bank, and returned to them under the policy due to damage; has since been repaired and subsequently sent to Asia. This phone, which contains all of my personal information, bank details, contacts, email, photos, apple ID, Apps etc.

My contacts which synchronises with my email list has been removed a few times which raised my suspicions. I've logged on to find my iPhone to find there are 2 accounts, one of which is in Asia! I've now got lots of foreign contacts (looks like Chinese). For this UK Bank which offer me my protection, I feel rather outraged and let down as this person in Asia has had access to my data for what could be months.

What would be the best course of action in contacting the Bank? Could this be a serious matter?

Would you like to know which bank can't even adhere to the Data Protection Act?

Rusty!

You should have wiped it before sending it in.

prowla

Rusty! wrote: »

You should have wiped it before sending it in.

Very clever indeed, but did you see the mention of damage in the OP?

Specialboy27

Phone would not turn on - but of course a wipe would have happened if it could.

Regardless of that, its the DPA aspect I'm more interested in. How could their procedure fail? How many other people is this happening to without them knowing?

prowla

Specialboy27 wrote: »

Phone would not turn on - but of course a wipe would have happened if it could.

Regardless of that, its the DPA aspect I'm more interested in. How could their procedure fail? How many other people is this happening to without them knowing?

Gary Glitter...

(Not implying anything in relation to yourself, but just an example of how the data on kit may be accessed during repairs.)

System

Specialboy27 wrote: »

It's recently come to my attention that my phone that was insured with a UK Bank, and returned to them under the policy due to damage; has since been repaired and subsequently sent to Asia. This phone, which contains all of my personal information, bank details, contacts, email, photos, apple ID, Apps etc.

My contacts which synchronises with my email list has been removed a few times which raised my suspicions. I've logged on to find my iPhone to find there are 2 accounts, one of which is in Asia! I've now got lots of foreign contacts (looks like Chinese). For this UK Bank which offer me my protection, I feel rather outraged and let down as this person in Asia has had access to my data for what could be months.

What would be the best course of action in contacting the Bank? Could this be a serious matter?

Would you like to know which bank can't even adhere to the Data Protection Act?

So basically you are saying that you haven't removed your old Iphone out of your account and now the new owener is setting his up it autoimatically syncs with your data because it is still registered there. Haven't you caused the breach?

The phone may have been wiped but the unique ID is still registered on your account and under your control.

Specialboy27

How can the phone have been wiped but still has my email account active and appleID? The point is, that it obviously hasnt been wiped and contains all my data and ive had no instruction to remove any account from anything.

This isnt about the technicalities of what has happened. I just wanted to see if the general concensus is that its a totally normal and acceptable procedure by said bank.

Rusty!

prowla wrote: »

Very clever indeed, but did you see the mention of damage in the OP?

'Damage' could mean any number of things.

sparkstertom

You'll probably find you signed for that anyway... Most of the companies state in the small print that they utilise third party companies, many of whom are not based within the EU and don't necessarily need to comply, or rather, are not required to comply with DPA/European legislation..

Worth a punt though I 'spect....

Bang in a complaint and see what they say...