We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Bank customer profiles how long is data held for
Comments
-
First Direct have long memories! Knowing I'd never had a current account with them, I recently applied with the expectation of netting their switch bribe. However, post application they told me I was not a new customer! I searched the memory banks and recalled nearly 2 decades ago having a savings account with them for an extremely brief period.blue.peter said:When I closed my First Direct accounts, I was explicitly told that they'd retain my data "in case you ever decide to come back to us". So the clear implication is that they (and, presumably, the rest of HSBC) will keep customer data indefinitely.0 -
The point is that they cannot always justify it, their business justification must be proportionate and balanced against the customers rights. As per the example, it may be proportionate to keep the name and ID details of a person to prevent them from receiving two introductory bonuses but that same justification couldn't be used for keeping their medical records. A company could attempt to say they want to keep the medical records such that if the customer returns they can be used for cross selling purposes but its highly unlikely such a justification would be considered acceptable by the ICO.Nasqueron said:
I'm not sure why my posts have to be replied to, in order to provide a correction that simply says the same as I already did. A bank could always justify holding data for business purposes - hence what they "deem necessary".DullGreyGuy said:
They do hold some data at least as was refused transfer bonus to FD as allegedly held an ISA with them over a decade earlier.blue.peter said:When I closed my First Direct accounts, I was explicitly told that they'd retain my data "in case you ever decide to come back to us". So the clear implication is that they (and, presumably, the rest of HSBC) will keep customer data indefinitely.
Not strictly true, they must have a legitimate business need and the ICO have fined firms for holding onto data "just because" and not having a need.Nasqueron said:
Yes banks, and any private business, is allowed to hold data as long as they deem necessary.artyboy said:Once LBG decides they don't want you, they say that if you ever try to open an account with them, they will immediately close it. That suggests they consider it appropriate to retain forever at least a basic record of you for identification purposes.
Its not too hard to have a legimate need, like being able to manage brand new customer only offers, but still that'd be limited to data to identify the person, if you were also holding medical conditions for the purposes of the free travel insurance it would be hard to justifying retaining knowledge that a customer is HIV positive for the purposes of managing new customer promotions.
Per forum team advice, I am adding you to the ignore list.0 -
I believe the information commissioner requires organisations to have a data retention policy. I worked for the NHS and they have a very comprehensive policy for different types of information. Ask the bank for their data retention policy0
-
The clear implication is that FD (and not necessarily HSBC) will keep some customer data indefinitely, i.e. enough to validate (in)eligibility for new customer incentives.blue.peter said:When I closed my First Direct accounts, I was explicitly told that they'd retain my data "in case you ever decide to come back to us". So the clear implication is that they (and, presumably, the rest of HSBC) will keep customer data indefinitely.0 -
You shouldn't have to ask them. It should be published on their website alongside a Data Retention Schedule, Privacy Policy, Data Protection Policy etc.GrubbyGirl_2 said:I believe the information commissioner requires organisations to have a data retention policy. I worked for the NHS and they have a very comprehensive policy for different types of information. Ask the bank for their data retention policy0 -
Are you sure? If so this site is in breach of the data protection legislation and so is every other one that I've quickly looked at.boingy said:
You shouldn't have to ask them. It should be published on their website alongside a Data Retention Schedule, Privacy Policy, Data Protection Policy etc.GrubbyGirl_2 said:I believe the information commissioner requires organisations to have a data retention policy. I worked for the NHS and they have a very comprehensive policy for different types of information. Ask the bank for their data retention policy
They must have a published privacy policy and it must cover certain topics but not heard of them having to publish the retention schedule. This site (https://www.moneysavingexpert.com/site/privacy-policy/) simply states...
We'll only hold your personal information on our systems for the period necessary to fulfil the purposes outlined in this Privacy Policy and/or in cases in which you've provided your consent (which you may withdraw at any time), or until you request it is deleted (unless a longer retention period is required or permitted by law).
Which is a vast distance away from the 20 page retention schedule a prior insurer had which equally isn't published on their website0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.8K Banking & Borrowing
- 253.8K Reduce Debt & Boost Income
- 454.6K Spending & Discounts
- 245.8K Work, Benefits & Business
- 601.9K Mortgages, Homes & Bills
- 177.7K Life & Family
- 259.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards