Community
Classroom
Calendar
Members
Map
Leaderboards
About
1d • GDPR for Credit Card Loans etc
ICO INVESTIGATION BLAH BLAH BLAH
Depending on the circumstances, we will decide whether or not to take action against the organisation and what form our action will take. We do this by taking an overview of all concerns that are raised about that organisation with a view to improving their compliance with the data protection framework. Our decision will not affect your ability to enforce your rights through the courts.
Your complaint
My understanding is you are concerned you did not receive the information you requested in your subject access request (SAR).Please note that when you submit a subject access request (SAR), you are only entitled to receive copies of your own personal data. The data protection legislation considers personal data to be data that identifies you as a person. We have more information on what is personal data on our website, although this is aimed at organisations you may find this useful. Therefore, when you submit a SAR you are not necessarily entitled to receive copies of full documents. Rather, you are entitled to receive copies of your personal data contained within the documents held.Although the UK GDPR gives an individual the right to make a request to an organisation for copies of the information that is held about them, it does not require an organisation to provide copies of an original document, such as a deed and notice of assignment.I note that you wish for a copy of the deed of assignment as part of your SAR but please be aware that CF are unlikely to supply this document. This is because it does not identify you (either directly or indirectly) and so would not be considered your personal data under the UK GDPR. However, you will be informed of the passing on of your debt by the original lender as covered in the terms and conditions of your contract. If you feel the debt was not owed to the original lender then you should raise this with them directly who will then confirm this to CF. It is the responsibility of the organisation to ensure that they have appropriate security measures in place to protect the personal data they hold. This is likely to differ depending on the type of request or issue being dealt with. The UK GDPR does not define the security measures that organisations should have in place and we cannot provide a complete guide to all aspects of security in all circumstances.
Next steps
If, having considered the above guidance, you still believe that CF have not provided you with an adequate response to your request then please let me know.Your case with the ICO is now closed until we receive this additional evidence.We keep a record of all the complaints raised with us about the way
organisations process personal information. The information we gather from complaints may form the basis for action we may take in the future to ensure organisations meet their information rights obligations.
2
1 comment
Checkmate Attendee
6
ICO INVESTIGATION BLAH BLAH BLAH
Checkmate The Matrix
skool.com/checkmatethematrix
The Remedy Gym for mankind—train in rights, real law, and equity to beat the Matrix with discipline, balance, knowledge, and focus, win or learn
Become Affiliate For Checkmate
Check-Chatbot Ask Legal Questions
Create Your Own Skool Community
Leaderboard (30-day)
1
Ali Bee
+584
2
Kev Baker
+458
3
Rafal Suliga
+422
4
Checkmate Attendee
+324
5
Melanie Lambert
+251
Powered by