We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
Company dealing with my complaint Breaches Data Protection Act?
growler834
Posts: 209 Forumite
We are currently in dispute with a cruise company regarding lack of information & bad customer service received on a recent cruise.
I emailed my complaint to their Head Office & unbeknown to me another couple who had been in our large group of fellow passengers had also complained. This couple knew we were going to complain & it would appear they mentioned us in their email & they outlined the same issues (issues that affected all the passengers).
The reply we received from the company included the other couple's email address & it began 'Dear Mr & Mrs A and Mr & Mrs B'. I believe this was a Breach of Data Protection as my email address & the content of my complaint was shared to another person without my consent.
When I stated this to the company the employee wrongly stated that we were relatives & that because I had mentioned their names in my email he hadn't breached the DPA. At no time had I mentioned anyone's names in my email & we are certainly not relatives. We knew them from a previous cruise & we were all members of a Facebook group for the cruise.
I would be grateful if anyone is aware if I am correct about this being a Breach? If so & they don't accept it what is the next step I should take? They have already offered us a 'Goodwill gesture' for my initial complaint (which is unsatisfactory as it can only be used if we book another cruise with them) but I feel this breach needs addressing.
I emailed my complaint to their Head Office & unbeknown to me another couple who had been in our large group of fellow passengers had also complained. This couple knew we were going to complain & it would appear they mentioned us in their email & they outlined the same issues (issues that affected all the passengers).
The reply we received from the company included the other couple's email address & it began 'Dear Mr & Mrs A and Mr & Mrs B'. I believe this was a Breach of Data Protection as my email address & the content of my complaint was shared to another person without my consent.
When I stated this to the company the employee wrongly stated that we were relatives & that because I had mentioned their names in my email he hadn't breached the DPA. At no time had I mentioned anyone's names in my email & we are certainly not relatives. We knew them from a previous cruise & we were all members of a Facebook group for the cruise.
I would be grateful if anyone is aware if I am correct about this being a Breach? If so & they don't accept it what is the next step I should take? They have already offered us a 'Goodwill gesture' for my initial complaint (which is unsatisfactory as it can only be used if we book another cruise with them) but I feel this breach needs addressing.
0
Comments
-
You could sue them under the Data Protection Act for damages due to the distress caused by their breach.
Alternatively you could report their behaviour to the Information Commissioner's Office and let them deal with it.
Which you choose will depend on what you want to achieve.0 -
EDIT: I just re-read your post and can see that THEY mentioned you in their email, not the other way round.
I'd say follow the advice as above
0 -
Maybe it’s a devious way of checking if you too were dissatisfied or if the other parties lied.0
-
Email addresses are personal data. So this is arguably a technical breach of the DPA if your email address was shared without your consent.
The actual content of your complaint is unlikely to constitute personal data, so sharing that would not be a breach of the data protection act.
The Data Protection Act says you need to have suffered actual 'damage' to be able to pursue a case like this, which you can't do. Even if you did win the case what would the compensation be - £1 perhaps? It is completely pointless pursuing this.
It is unreasonable to feel that accidentally revealing someone's email address is a 'breach that needs addressing'.I feel this breach needs addressing.
Back in the real world, people do sometimes send emails to the wrong address. Humans will always make mistakes. The courts and the Information Commissioner's Office will not be in the last bit concerned.0 -
steampowered wrote: »
It is unreasonable to feel that accidentally revealing someone's email address is a 'breach that needs addressing'.
Back in the real world, people do sometimes send emails to the wrong address. Humans will always make mistakes. The courts and the Information Commissioner's Office will not be in the last bit concerned.
The employee didn't accidentally reveal my email address. He admitted he had sent us a joint reply as we were 'relatives' and had named each other in our emails. We are not relatives & I didn't name anyone else in my emails.0 -
I believe the main crux of steampowered posts was that you have not actually suffered any damages as a result of the 'breach' as such if you went down a lawsuit route it would be frivolous. Certainly report it to the ICO, though I'm not sure how steadfast they would continue with the enquiry.0
-
growler834 wrote: »We knew them from a previous cruise & we were all members of a Facebook group for the cruise.
I would be grateful if anyone is aware if I am correct about this being a Breach? If so & they don't accept it what is the next step I should take? They have already offered us a 'Goodwill gesture' for my initial complaint (which is unsatisfactory as it can only be used if we book another cruise with them) but I feel this breach needs addressing.
You actually know these people and have contact with them on facebook so your going to be sharing alot more personal information on there than has been sent to them by this company.
I think it's way OTT to think this is a breach that needs addressing and it sounds like you are blinded by pound signs in your eyes.0 -
I believe the main crux of steampowered posts was that you have not actually suffered any damages as a result of the 'breach' as such if you went down a lawsuit route it would be frivolous. Certainly report it to the ICO, though I'm not sure how steadfast they would continue with the enquiry.
Sorry but that's inaccurate....you don't need to prove any damages to get £250-£750 for a DPA breach...0 -
Computersaysno wrote: »Sorry but that's inaccurate....you don't need to prove any damages to get £250-£750 for a DPA breach...
Care to elaborate for the benefit of OP? 0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 354.4K Banking & Borrowing
- 254.4K Reduce Debt & Boost Income
- 455.4K Spending & Discounts
- 247.3K Work, Benefits & Business
- 604K Mortgages, Homes & Bills
- 178.4K Life & Family
- 261.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards