Business sharing my personal data to other businesses

Aylesbury_Duck

There are no businesses B, C or D.  Business A is bluffing.

EllieJade1995

Aylesbury_Duck said:

There are no businesses B, C or D.  Business A is bluffing.

I just don’t know why! They’re saying if they hear back they’ll report me, so what’s the point if they’re bluffing? I can’t actually work out what they’re doing because I haven’t even made a claim with them, they haven’t lost any money & they’re saying if they hear back from another business they’ll report! 

born_again

Or that A,B,C & D are one & the same company or part of a group trading under different names?

EllieJade1995

Grumpy_chap said:

DE_612183 said:

So you think t hat Business A who you had a problem with ( hoever minor ) has phoned up Businesses B, C & D and said - "Have you had an issue with Ellie Jade of Number 7 Nowhere St?"

EllieJade1995 said:

I would assume that’s what they’re insinuating too but it’s concerning someone can just do that, as of course there will have been problems with deliveries. 

 

I am failing to understand this - and DE_612183 expressed the issue as I understood from the OP.

Business A (selling party goods) experienced an issue with the OP possibly making a hasty claim for non-delivery / partial delivery / goods missing.
How would Business A select the other Businesses B, C & D to ask?
If Business A did make such a request, how would the other Businesses B, C & D respond?  Or even have an interest to find out?

Would B, C & D be other businesses selling party goods (so competitors of A)?
Would B, C & D be other businesses local to A or acquaintances of A (but quite possibly wholly different nature businesses of no interest to the OP)

Well that’s exactly what I can’t work out. All I can think is they’re saying they’ve asked similar small businesses to them, but even then.. would numerous people be stupid enough to give out customers personal data? There is a similar business who I do have a claim with, who I have now reached out to, to ask if they have done this.

That’s where it doesn’t add up for me, they’re supposedly contacting their competitors and supposedly these competitors are handing out information willy nilly? 

EllieJade1995

born_again said:

Or that A,B,C & D are one & the same company or part of a group trading under different names?

I had a look on companies house and it’s only them, although I’m not 100% what I’m looking for to find that info out. 

Grumpy_chap

born_again said:

Or that A,B,C & D are one & the same company or part of a group trading under different names?

If there are linked businesses, then data can possibly be shared without breaching GDPR.

EllieJade1995

Grumpy_chap said:

born_again said:

Or that A,B,C & D are one & the same company or part of a group trading under different names?

If there are linked businesses, then data can possibly be shared without breaching GDPR.

From what I can see there are no linked businessess 

sonearandyetsofa

Just a thought, but is it possible they're talking about some kind of fraud prevention database rather than them actually contacting other individual companies about you? I know the company that processes our online card payments uses one, and there's more than one available. If you have a dispute with DPD that's escalated to the point where they've put you on some kind of "don't deliver" list chances are this information or some of it is already recorded with one of these databases. Fraud prevention is recognised as a legitimate reason for organisations to process store and share information - more info on this web page which I sadly don't have time to read right now: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/data-sharing/sharing-personal-information-when-preventing-detecting-and-investigating-scams-and-frauds/

The database ours uses isn't limited to proven fraud, but also things like multiple returns, reported non-receipt of items, things like that. They give every transaction a score that helps the retailer work out how much risk they're taking by processing the order.

It's pretty unprofessional of them to be telling you this like it's some kind of threat, but it doesn't necessarily mean they breached GDPR.

EllieJade1995

sonearandyetsofa said:

Just a thought, but is it possible they're talking about some kind of fraud prevention database rather than them actually contacting other individual companies about you? I know the company that processes our online card payments uses one, and there's more than one available. If you have a dispute with DPD that's escalated to the point where they've put you on some kind of "don't deliver" list chances are this information or some of it is already recorded with one of these databases. Fraud prevention is recognised as a legitimate reason for organisations to process store and share information - more info on this web page which I sadly don't have time to read right now: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/data-sharing/sharing-personal-information-when-preventing-detecting-and-investigating-scams-and-frauds/

The database ours uses isn't limited to proven fraud, but also things like multiple returns, reported non-receipt of items, things like that. They give every transaction a score that helps the retailer work out how much risk they're taking by processing the order.

It's pretty unprofessional of them to be telling you this like it's some kind of threat, but it doesn't necessarily mean they breached GDPR.

I don’t think so, she specifically said she “contacted other small businesses” which I think was indicating similar brands to her, which would seem coincidental if they all seemed to be part of this and seemed to have an issue. She also contradicted herself as she said people had come back to her, but then at the end she said “if any businesses come back I will report” did you not just say they have? And then “you won’t hear from me again unless any of the businesses come back”. 

I contacted the only other companies i’ve ever had an issue with and they confirmed they haven’t spoken to another business and aren’t allowed to because of GDPR, one even said they “wouldn’t be so foolish” to discuss a customer if someone approached them. I’m pretty sure even if they had discussed on what you’ve mentioned, it’s still sharing your data which even if it’s not breaking GDPR laws they have to confirm they’d have done so. 

I’m honestly not sure what she’s doing to be honest, I’d think what’s the point of saying people have come back if they haven’t but then seemed like a weird email. I think they probably didn’t expect me to mention about ICO and trading standards.