Free Personal Data Request - from 25th May
962°Expired

Free Personal Data Request - from 25th May

224
Found 17th May
With the new GDPR legislation coming in to play on 25th May, you will be able to request all of your personal data for free from anywhere which holds this ie. Your bank, hospital, utility company etc.

This will be ideal for anyone thinking about claiming PPI, or needing their personal information for a PIP claim.

Companies can currently charge upwards of £10 for this request.
Community Updates

Groups

Top comments
maxcxa5 m ago

This has always been the case. Cold.


Not for free it hasn't
greenflower1234 m ago

is there a template to send to companies to see the data held on you?


I want to build a platform to make it super simple - ideally sends request to every company in Europe for you with the press of a button.
What price will increase to cover the (lost) charge or are you all very naive?

Like the betting terminal saga - bookies threatening staff will lose their jobs. So bookies have been propping their business up with fobt? Staff are not needed for the terminals. Costs have to be covered some how.
GDPR is causing more problems than it intends to solve at the moment.
224 Comments
I thought a tenner was the limit
Thanks
not free
GDPR is a new EU-wide law meaning the £10 fee can no longer be charged by any company. And they need to respond in a shorter timeframe, I think?
Edited by: "LonDealHunter" 17th May
chridt11 m ago

2 comments from people that can’t read


That made me laugh.
Police subject access request is £10.
ssc120 m ago

Police subject access request is £10.


Nope.
MrBeansDrivingInstructor24 m ago

The timeframe is 30 days. But hey, thank heavens that we won't have to …The timeframe is 30 days. But hey, thank heavens that we won't have to benefit from all that EU-wide nonsense soon. What did the Romans ever do for us? https://www.theguardian.com/technology/2018/apr/23/europe-gdpr-data-law-employer-employee


Why are we only getting this in 2018.
robo9892 m ago

Why are we only getting this in 2018.


I'm not sure that I understand the question.
Avatar
deleted494932
robo98917th May

Why are we only getting this in 2018.


We could be like every other part of the world - and not have these safeguards at all...

(People will always find a reason to moan)
chridt58 m ago

2 comments from people that can’t read


Really? I thought under current DPA SAR laws a tenner was the limit. Op states you can be charged upwards of by companies (that's not government agencies or the NHS for example).

Gdpr is welcome as is the abolition of the ability to charge such fees as part of it.
Edited by: "Sid.Harper" 17th May
This has always been the case. Cold.
Will check if I'm eligible for ppi
is there a template to send to companies to see the data held on you?
maxcxa5 m ago

This has always been the case. Cold.


Not for free it hasn't
greenflower1234 m ago

is there a template to send to companies to see the data held on you?


I want to build a platform to make it super simple - ideally sends request to every company in Europe for you with the press of a button.
What price will increase to cover the (lost) charge or are you all very naive?

Like the betting terminal saga - bookies threatening staff will lose their jobs. So bookies have been propping their business up with fobt? Staff are not needed for the terminals. Costs have to be covered some how.
GDPR is causing more problems than it intends to solve at the moment.
jackbremer11 m ago

I want to build a platform to make it super simple - ideally sends request …I want to build a platform to make it super simple - ideally sends request to every company in Europe for you with the press of a button.


I'm impressed by your keenness to increase employment in Europe. However, I'm not sure who you expect to pay all those extra pen pushers.

GDPR is great as a weapon against the huge data-abusers, but it's an absolute PITA for the self employed, small companies, clubs and other not-for-profits who need to jump through hoops just because they hold a customer / member database.

I was reading recently how a paper entry register breaches GDPR. The article recommended moving to an all-electronic entry system. Yeah, right, like my club can afford to do that.
This is going to bring down the economy!
BluesFanUK7 m ago

GDPR is causing more problems than it intends to solve at the moment.


Are you sure? It’s not much more involved than DPA it just clarifies the rules so that everyone follows it in the same way. Yes it’s a nuisance if you’re not processing data fairly for the data subject but most of it is common sense.
Great idea for employees who think their employers have been treating them unfairly. Request all information held about you, so any emails that have been sent between management etc that they thought wouldn't be seen, could all come back to bite them
BluesFanUK9 m ago

GDPR is causing more problems than it intends to solve at the moment.


I'd agree with this, the scope of it is too wide. It's put many small businesses into a position where they HAVE to hire a DPO to keep tabs on things which for many is a cost they can't afford.

My girlfriends company employs 6 people and is now having to fork out for data protection officer causing financtial stain on the business.
Solado3 m ago

I'd agree with this, the scope of it is too wide. It's put many small …I'd agree with this, the scope of it is too wide. It's put many small businesses into a position where they HAVE to hire a DPO to keep tabs on things which for many is a cost they can't afford.My girlfriends company employs 6 people and is now having to fork out for data protection officer causing financtial stain on the business.



Do they need to hold all that data on people? Can’t see why an organisation of that size would need a DPO. Sounds more like they need to lean their processes and streamline data storage and retention policies - a bit of work for a contractor for a few weeks at best?
maxcxa27 m ago

This has always been the case. Cold.



wrong. Under current DPA 1998 it was 40 days to respond and allowed to charge between £10 and £50 depending on complex it was to respond. Most often it was the £10. Under GDPR its 30 days and no charge is allowed to be made. Its going to cost GP's and hospitals a fortune. I know that my local health board will lose £120 000 a year immediately. There are a number of companies who process these on behalf of GP practices who will be going out of business after 25th May as their entire strategy is based on getting the fees.
I've been getting so much spam about this.
As someone who's having to deal with the backlash of this, please don't abuse it. It's a total nightmare to process and enough requests can be potentially very damaging
Can we charge a fee?
In most cases you cannot charge a fee to comply with a subject access request.

However, as noted above, where the request is manifestly unfounded or excessive you may charge a “reasonable fee” for the administrative costs of complying with the request.

*****

This is a load of nonsense and doesn't even make any sense at all. The SAR is free, so this crowd can jog on.
DazLFC17th May

Great idea for employees who think their employers have been treating them …Great idea for employees who think their employers have been treating them unfairly. Request all information held about you, so any emails that have been sent between management etc that they thought wouldn't be seen, could all come back to bite them


The law doesn't require them to disclose any specific documents or correspondence, just the personal data contained in these. E.g. your name, DOB, etc.

This is why this really isn't necessary (or even sufficient) for PPI claims, where what you really need to ask is "Did I have PPI?", "What did it cost?", etc. None of which is "personal data" under GDPR or DPA.
alanbeenthere10 m ago

I've been getting so much spam about this.


It’s not spam. Under the new regulation, after the 25th of May, companies need new consent in order to send you any marketing. Therefore they are trying to get you to re opt in so that you can continue to receive their emails. Just ignore them and they will no longer be able to contact you.

For companies like google, you will have no option but to agree to their new privacy policy unless you don’t want to use them. Much or less the same as it is just now.

It’s a lot more complicated but that’s just in simple form.
Solado23 m ago

I'd agree with this, the scope of it is too wide. It's put many small …I'd agree with this, the scope of it is too wide. It's put many small businesses into a position where they HAVE to hire a DPO to keep tabs on things which for many is a cost they can't afford.My girlfriends company employs 6 people and is now having to fork out for data protection officer causing financtial stain on the business.


No it isn't. It's a good thing it is so wide. You should have a DPO either dedicated in-house or outsource one. Data protection is so important.
Pyongyang4 m ago

No it isn't. It's a good thing it is so wide. You should have a DPO either …No it isn't. It's a good thing it is so wide. You should have a DPO either dedicated in-house or outsource one. Data protection is so important.


Anyone can be the DPO within the company. Just appoint yourself. Make sure you know the responsibilities first though. Or should I say the consequences.
FoleyIsGood20 m ago

The law doesn't require them to disclose any specific documents or …The law doesn't require them to disclose any specific documents or correspondence, just the personal data contained in these. E.g. your name, DOB, etc.This is why this really isn't necessary (or even sufficient) for PPI claims, where what you really need to ask is "Did I have PPI?", "What did it cost?", etc. None of which is "personal data" under GDPR or DPA.



Wrong. You are entitled to see any emails or correspondence in which you are mentioned. Of course they have to redact any information which relates to another employee.
be careful with your bank as they can at there discretion close your account
djbarbee9 m ago

be careful with your bank as they can at there discretion close your …be careful with your bank as they can at there discretion close your account


33812917-kE6MU.jpgthis is from Natwest privacy policy
Just when I thought that GDPR was to pervasive that people could not avoid it. These comments make it abundantly clear that there are still enough people without a single clue:

GDPR replaces the DPA on the 25th of May 2018.
Banks cannot close your account at "there discretion".
Companies contacting you about GDPR are doing so because the have to, it isn't "spam".
It hasn't always been free.
GDPR requires disclosure of any documents in which you are mentioned, which is why the 'one subject per e-mail' policy is in place for many organisations.

Seriously, if some of you just take the time to take a GDPR training course, or just read the publicly available information, you might understand why GDPR is good. It is evident from the comments here that a lot of you have not so much as looked at any information about it.
djbarbee22 m ago

be careful with your bank as they can at there discretion close your …be careful with your bank as they can at there discretion close your account



there loss as another bank will take your business and your old bank still have to disclose your request for the information
they hold on you so it would make no sense for the bank to close you out
There is one caveat to all this. There is an option for the Government to reintroduction a charge if they decide that would be of benefit. The ICO appear to be leaning in favour of an reintroduction. The loss of the money is considerable to non-profit orgainizaitons.
Post a comment
Avatar
@
    Text