📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

My credit card details held against my wishes

UKContractor
UKContractor Posts: 23 Forumite
Part of the Furniture 10 Posts Combo Breaker
edited 25 May 2017 at 6:14PM in Consumer rights
Hi

I've just renewed with Tesco car insurance for another year. Afterwards I asked them once again to turn off autorenew which keeps mysteriously turning itself on ;). Anyway never mind.

The transaction has taken place now but they still are holding my credit card details, I have asked them to take it off and they refuse saying this is industry standard etc, I even spoke to a manager.

So what out my rights here? I thought data protection act may cover this? I don't want them to retain my credit card details.

Thanks
«1

Comments

  • unholyangel
    unholyangel Posts: 16,866 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    Data protection would cover it however data protection only really sets out principles.

    For example you can object to a company processing your data - but that company doesn't have to stop processing your data if they have a valid reason.

    Even if retailers have systems that allow you to register & delete payment methods, they will undoubtedly keep a record of any transactions using whatever payment methods for tax purposes and to prove compliance with money laundering laws etc.
    You keep using that word. I do not think it means what you think it means - Inigo Montoya, The Princess Bride
  • meer53
    meer53 Posts: 10,217 Forumite
    Tenth Anniversary 10,000 Posts Combo Breaker
    What worries you about them keeping the details ?
  • ARandomMiser
    ARandomMiser Posts: 1,756 Forumite
    In this digital era i think we have to accept that companies hang onto information. Possibly because their systems have the means of collecting data but no facility to selectively delete items. The solution is simple ...... Only use companies that meet your digital needs.
    IITYYHTBMAD
  • agrinnall
    agrinnall Posts: 23,344 Forumite
    10,000 Posts Combo Breaker
    Possibly because their systems have the means of collecting data but no facility to selectively delete items.

    That wouldn't be a valid reason under the DPA. Any company claiming that would be in breach of (at least) Principle 5 of Schedule 1.

    https://ico.org.uk/for-organisations/guide-to-data-protection/data-protection-principles/
  • bris
    bris Posts: 10,548 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    It would only breach the DPA if they shared those details without permission.


    Companies can hold onto your info for six years as long as they keep them safe.
  • Hermione_Granger
    Hermione_Granger Posts: 1,418 Forumite
    Ninth Anniversary 1,000 Posts Name Dropper Combo Breaker
    bris wrote: »
    Companies can hold onto your info for six years as long as they keep them safe.
    That's not correct.
    There is no time limit specified in the DPA that personal data can be held for.
    However, it should only be held for as long as there is a valid reason for doing so.
    If the OP doesn't have a continuous payment agreement in place then I can't see a valid reason for keeping the card details.

    https://ico.org.uk/for-organisations/guide-to-data-protection/principle-5-retention/
    In brief – what does the Data Protection Act say about keeping personal data?

    The Act does not set out any specific minimum or maximum periods for retaining personal data. Instead, it says that:

    Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
  • [Deleted User]
    [Deleted User] Posts: 26,612 Forumite
    Eighth Anniversary 10,000 Posts Name Dropper Photogenic
    bris wrote: »
    Companies can hold onto your info for six years as long as they keep them safe.
    While six years is certainly the deadline most institutions choose to observe, it's not a statutory obligation. They can therefore delete the information sooner, or keep it for far longer, if they have valid reasons for doing so.
  • That's not correct.
    There is no time limit specified in the DPA that personal data can be held for.
    However, it should only be held for as long as there is a valid reason for doing so.
    If the OP doesn't have a continuous payment agreement in place then I can't see a valid reason for keeping the card details.

    https://ico.org.uk/for-organisations/guide-to-data-protection/principle-5-retention/

    That's how I see it.
  • martinsurrey
    martinsurrey Posts: 3,368 Forumite
    If the OP doesn't have a continuous payment agreement in place then I can't see a valid reason for keeping the card details.

    While the policy is active the OP could cancel and get a refund of unused premiums, that refund would be made to the same card as the payment was taken from, to help comply with money laundering and fraud, so they need the card details on file.

    That's a good enough reason.
  • Hoof_Hearted
    Hoof_Hearted Posts: 2,362 Forumite
    Part of the Furniture 1,000 Posts
    You could get a new card. Just tell the card company the old one has split and is unusable.
    Je suis sabot...
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.4K Banking & Borrowing
  • 252.9K Reduce Debt & Boost Income
  • 453.3K Spending & Discounts
  • 243.4K Work, Benefits & Business
  • 597.9K Mortgages, Homes & Bills
  • 176.6K Life & Family
  • 256.4K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.