GDPR anyone?
Options
jlfrs
Posts: 68 Forumite
Hello all,
I have never been comfortable with credit reference agencies sharing my personal data amongst themselves and in the case of Experian, selling it on (and subsequently having it put at risk through being hacked). I am wondering whether the upcoming GDPR regulations in May might curtail these practices - the fines could be enormous:
https://www.eugdpr.org/
Does anyone have the inside track?
I have never been comfortable with credit reference agencies sharing my personal data amongst themselves and in the case of Experian, selling it on (and subsequently having it put at risk through being hacked). I am wondering whether the upcoming GDPR regulations in May might curtail these practices - the fines could be enormous:
https://www.eugdpr.org/
Does anyone have the inside track?
0
Comments
-
What is it you want to know? It's a big subject.0
-
That GDPR will prevent credit agencies from collecting and sharing personal data without my permission in the main. According to what I've read, I could exercise my "right to be forgotten" and insist Experian et al delete my data completely.
Same goes for insurance companies who share personal data between themselves.0 -
It's unlikely to be that simple. It will depend on what basis the data is being collected and processed.
An interesting Experian article here, that addresses some of that. http://www.experian.co.uk/crain/index.html#question11
In particular, they reference the rights of others as an opposition to being forgotten.
If you are able to exercise your right to be forgotten, it will probably mean no access to credit, as few mainstream lenders don't use CRAs. There's little practical difference between a poor credit history and no credit history, once you get past 18.0 -
Appreciated ZX81. The thought of approaching companies and institutions to become a "non-person" does have a certain attraction! However, as it's permission-based as in "if you do not consent to our using your data in this way we cannot accept your application, etc" then I imagine it'll largely be business as usual, otherwise some industries simply couldn't continue to function.0
-
Appreciated ZX81. The thought of approaching companies and institutions to become a "non-person" does have a certain attraction! However, as it's permission-based as in "if you do not consent to our using your data in this way we cannot accept your application, etc" then I imagine it'll largely be business as usual, otherwise some industries simply couldn't continue to function.
Consent is also one of multiple "Lawful Basis" for processing of data.
They can say they have a "Legitimate Interest" in processing your data or a "Contractual".
There's more to it than just Consent.Save £12k in 2019 -0 -
That GDPR will prevent credit agencies from collecting and sharing personal data without my permission in the main. According to what I've read, I could exercise my "right to be forgotten" and insist Experian et al delete my data completely.
Same goes for insurance companies who share personal data between themselves.
You are correct in that you will have a theoretical right to ask for all data to be deleted but this will not apply to data that is held by organisations because they either (a) have a legal obligation to do so or (b) have a requirement to hold it in order to provide you with a product or service.
The other thing that you will need to consider if you want to be completely 'forgotten' is how you will be expecting companies to provide you with financial services (loans, banking services and insurance etc) when your identity and credit history cannot be checked? In this respect you will cease to 'exist'. Fine if you want to live off the grid but most of us cannot.0 -
A couple of things to look out for; how will this affect water companies credit checking you and reporting your account to the CRAs without your permission, given that there are no T&Cs or contract in connection with domestic water supply? And, will banks be forced to gain your EXPLICIT consent before they supply CATO information to the CRAs?
Also, when GDPR comes in, you'll be able to apply for a SAR at no cost, so it would be a good idea to apply to the CRAs. That is, apply for a SAR instead of, or as well as, your credit report.
Realistically I think there will be a whole host of exemptions that will permit the CRAs and others to carry on exactly as they are now. Data processing legislation is already shot through with get-out clauses and general vagueness, and that is set to continue.0 -
Banks have a legal obligation to keep records for 5 years for the purposes of financial crime prevention, so you won't be getting any data deleted for at least that long.
After that point, you still won't have much luck under the right to be forgotten as firms will still be able to retain data for commercial reasons i.e. if you ever defaulted they can keep that data for as long as it's relevant to them.0 -
Deleted_User wrote: »It's unlikely to be that simple. It will depend on what basis the data is being collected and processed.
An interesting Experian article here, that addresses some of that. http://www.experian.co.uk/crain/index.html#question11
In particular, they reference the rights of others as an opposition to being forgotten.
Well they would say that, would they not?
It seems under GDPR consent to share and process data has to be asked for, not just some click box of hidden T&Cs."Love you Dave Brooker! x"
"i sent a letter headded sales of god act 1979"0 -
Well, yes, they would say that because that's what they're saying.
If they go the consent route, yes, it needs to be asked for. Explicit and unambiguous is how it's referred to.
But of course, they don't have to go the consent route and may choose another basis.0
This discussion has been closed.
Categories
- All Categories
- 343.2K Banking & Borrowing
- 250.1K Reduce Debt & Boost Income
- 449.7K Spending & Discounts
- 235.3K Work, Benefits & Business
- 608.1K Mortgages, Homes & Bills
- 173.1K Life & Family
- 247.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 15.9K Discuss & Feedback
- 15.1K Coronavirus Support Boards