We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Online data privacy

2

Comments

  • CazzieT
    CazzieT Posts: 41 Forumite
    Part of the Furniture 10 Posts Combo Breaker
    edited 6 September 2023 at 3:48PM
    If the customer has given them your number (deliberately or mistakenly) then there's no privacy breach and nothing the business can really do except ask the other account to check and update their contact details if they can identify it.

    It's highly unlikely that your number has somehow migrated onto someone else's account much more likely someone has put a wrong number in the box. 
    I hope that's the case but the company could indeed have asked the other party (I gave them their name and address) to check their account for accuracy but they haven't done anything to address my concerns or report back to me.  After all, it's on their watch and it really shouldn't have been for me to have to write a card, stick a stamp on it and post it! 
  • born_again
    born_again Posts: 21,400 Forumite
    10,000 Posts Sixth Anniversary Name Dropper
    They may have done that, but if other party does not respond. There is nothing they can do.
    Life in the slow lane
  • CazzieT
    CazzieT Posts: 41 Forumite
    Part of the Furniture 10 Posts Combo Breaker
    They may have done that, but if other party does not respond. There is nothing they can do.
    They could let me know the results of their enquiries!! 
  • PHK
    PHK Posts: 2,422 Forumite
    Eighth Anniversary 1,000 Posts Photogenic Name Dropper
    I disagree with some of what has been said here. If you notify a data controller that you are receiving information intended for a third party AND you provide proof that the number is yours then a breach has occurred of the other person's data.

    Provided you have given proof that the number is yours and that you are who you say you are then the firm should remove the phone number. If they don't then contact the Information Commisioners Office (ICO.org.uk) who will advise you.

    The breach is not of your data but that you are receiving someone else's data.
  • CazzieT
    CazzieT Posts: 41 Forumite
    Part of the Furniture 10 Posts Combo Breaker
    Thank you for your response and advice.  Yes, I agree that the other person's data has been breached and, what is more, they are not getting notifications that are intended for them alone. I have not been asked for proof that the number is mine, nor anything else for that matter since the company appears not to have followed up my complaint.  However, it is my number that is receiving the other person's notifications and I can follow through the tracking given in them, hence my viewing their name and address on the proof of delivery photo.  The company can check my personal details in my own account.  For my part, I think the company should explain what reasons there could be for my phone number apparently being linked to someone else's account, even if it might be through that account holder's error in entering their phone number.
  • CazzieT said:
    They may have done that, but if other party does not respond. There is nothing they can do.
    They could let me know the results of their enquiries!! 
    Well they could but they wouldn't be able to tell you much.

    presumably these texts you are getting are not that frequent - couldn't you just ignore them?
  • PHK said:
    I disagree with some of what has been said here. If you notify a data controller that you are receiving information intended for a third party AND you provide proof that the number is yours then a breach has occurred of the other person's data.

    Provided you have given proof that the number is yours and that you are who you say you are then the firm should remove the phone number. If they don't then contact the Information Commisioners Office (ICO.org.uk) who will advise you.

    The breach is not of your data but that you are receiving someone else's data.
    If the third party provided that phone number then I can't see that there is any breach in providing data to the number that the third party provided for that data to be sent to. 
  • PHK said:
    I disagree with some of what has been said here. If you notify a data controller that you are receiving information intended for a third party AND you provide proof that the number is yours then a breach has occurred of the other person's data.

    Provided you have given proof that the number is yours and that you are who you say you are then the firm should remove the phone number. If they don't then contact the Information Commisioners Office (ICO.org.uk) who will advise you.

    The breach is not of your data but that you are receiving someone else's data.
    It’s highly likely that it’s through the other person’s negligence that the OP is receiving their data.

    I get texts from Barclays quite often. I don’t bank with them or have any of their cards, yet I receive updates and OTP’s. I honestly don’t care, I just ignore. 
  • I genuinely don't understand how people can get so worked up about stuff that is so inconsquential.
    Someone else has created an account with this company and accidentally entered your number instead of theirs.
    If you're expecting a delivery from the company, read the messages.
    If you're not expecting a deliver from the company, ignore the messages.
  • If you really wanted to have your information deleted you can - it’s under the GDPR. However, that doesn’t necessarily mean they can delete your number from the other persons account. 

    As others have said, it’s more than likely that the company can’t search for customers via phone numbers. I’m sure you can see why they can’t just start deleting data at third parties requests. 

    I don’t actually think there is a data protection breach. The company isn’t sending you the other persons address to you. The person who is ordering these things are being asked for a number to be sent tracking details, and the company is sending the tracking details to that phone number. Hence the customer is releasing that tracking information to that number, snd no breach. Certainly not a breach of your information. 

    If you want to complain, all companies should have a data protection officer. This is the person who is responsible to ensure that the data protection aspects of the company are correct. You could ask for the enquiry to be sent to them.

    It’s unlikely that you would hear from the enquiry - as the information could be sensitive or identify the customer or the employees personal information. 

    Phone numbers are inherently limited. And this person could have had your number before you did. Or they could’ve typed the number in wrong. I don’t think there is any wrongdoing here. In fact, I could put in any number for any online order I do. I can’t hold the company for ‘breaching my data’ because they sent a message to the number I gave them with a link to tracking my order! 
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352.1K Banking & Borrowing
  • 253.5K Reduce Debt & Boost Income
  • 454.2K Spending & Discounts
  • 245.1K Work, Benefits & Business
  • 600.7K Mortgages, Homes & Bills
  • 177.4K Life & Family
  • 258.9K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.2K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.