GDPR - anyone working in this area?

GDPR - anyone working in this area?

Author
Discussion

TheRainMaker

6,302 posts

241 months

Wednesday 13th June 2018
quotequote all
jonamv8 said:
TheRainMaker said:
Complaint gone into the ICO about the ICO, total incompetent shower of s*^t.

Let us see if that finally gets a response from them, all we want to do is give them money hehe

Over a month now to try and get DD payment details, no response from email, phones just ring and ring.
HAHAHA yeah I'd like to complain to the ICO, about the ICO and their utter lack of real guidance from SMEs or even awareness.

and for taking me away from making money to devise some bureaucratic policy that no one will ever read
Still no response hehe don't think I have ever dealt with a government department who are actually this bad.

Efbe

9,251 posts

165 months

Wednesday 13th June 2018
quotequote all
jonamv8 said:
Dixons Carphone hack: Millions of customers' details stolen in huge cyber attack - The Independent

Theyve fallen short in their data security according to their MD.

Is this the first big breach since May D/L? Will they get hammered by ICO?

I wonder whether they’d updated their provacy policy....
Just got a text from Carphone warehouse saying my details may have been had. Haven't had a contract with them for years, so I guess they haven't been following GDPR!
I'm sure they will claim it was from pre-GDPR, but in that case how can they contact me now!

plasticpig

12,932 posts

224 months

Wednesday 13th June 2018
quotequote all
Efbe said:
Just got a text from Carphone warehouse saying my details may have been had. Haven't had a contract with them for years, so I guess they haven't been following GDPR!
I'm sure they will claim it was from pre-GDPR, but in that case how can they contact me now!
GDPR said:
When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay.

Efbe

9,251 posts

165 months

Wednesday 13th June 2018
quotequote all
plasticpig said:
Efbe said:
Just got a text from Carphone warehouse saying my details may have been had. Haven't had a contract with them for years, so I guess they haven't been following GDPR!
I'm sure they will claim it was from pre-GDPR, but in that case how can they contact me now!
GDPR said:
When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay.
well maybe they do have the correct policies in place now!

ashleyman

6,962 posts

98 months

Wednesday 13th June 2018
quotequote all
Another first for me today. I'm a photographer so I sometimes post my photos to Instagram. My business email is on my profile so people can get in touch.

Today I received this, the image I've blurred is one of my own images. They're using my own image to sell to me. I'm tempted to send them a bill for use of my image in marketing which they shouldn't be doing as they don't have permission to use it.


jonamv8

3,145 posts

165 months

Wednesday 13th June 2018
quotequote all
TheRainMaker said:
jonamv8 said:
TheRainMaker said:
Complaint gone into the ICO about the ICO, total incompetent shower of s*^t.

Let us see if that finally gets a response from them, all we want to do is give them money hehe

Over a month now to try and get DD payment details, no response from email, phones just ring and ring.
HAHAHA yeah I'd like to complain to the ICO, about the ICO and their utter lack of real guidance from SMEs or even awareness.

and for taking me away from making money to devise some bureaucratic policy that no one will ever read
Still no response hehe don't think I have ever dealt with a government department who are actually this bad.
LOL Pathetic by them

Don’t think I’ve ever seen such a far reaching bit of legislation with so little promotion and such awful implementation. Heads should roll tbh

Makes me feel better about having done very little to satisfy GDPR or pay them any cash the robbing b4st4rds

Frimley111R

15,535 posts

233 months

Thursday 14th June 2018
quotequote all
TheRainMaker said:
Still no response hehe don't think I have ever dealt with a government department who are actually this bad.
They're all bloody useless. Not one commercial or common sense brain cell amongst them.

Hoofy

76,253 posts

281 months

Thursday 14th June 2018
quotequote all
It's not incompetence. It's really really effective GDPR at work. You send in your details, they delete it immediately.

jonamv8

3,145 posts

165 months

Tuesday 19th June 2018
quotequote all
Can anyone see the irony here:

Paul Bambridge <enquiries@gdprcomplianceservice.com>
GDPR: Does my website have to comply?

Hello,

With the official enforcement of GDPR ('General Data Protection Regulation') - the new data privacy law by the European Union effective 25th of May 2018, the biggest question that's in the buzz is "Does my website have to comply at all. If so, where and how to Start with GDPR Compliance?"

If you or your business is dealing in anyway with EU/UK customers then your website needs to be GDPR compliant to avoid paying hefty fines. It doesn’t matter whether you are residing in EU region or not, you are still liable.

We’ve taken our commitment to GDPR seriously and have done our best to beat all jargons, and in very simple lingo present the meaning and basic terminology involved with GDPR. Accordingly, we have listed 10 initial straightforward changes you should make to your website to be GDPR compliant. Please visit our page on www.gdprcomplianceservice.com for all the info surrounding GDPR and email marketing.

If you’d like to find out more or in case of any queries pertaining to GDPR compliance of your website, please do get in touch with us. We'd be more than glad to assist in every possible way we can.

Regards,
Paul Bambridge

P.S. To erase your name from our mailing list, simply reply to optout@gdprcomplianceservice.com

ashleyman

6,962 posts

98 months

Tuesday 19th June 2018
quotequote all
jonamv8 said:
P.S. To erase your name from our mailing list, simply reply to optout@gdprcomplianceservice.com
Breaking the rules to sell GDPR advice. Yeah, no thanks.

Jakg

3,451 posts

167 months

Tuesday 19th June 2018
quotequote all
ashleyman said:
Breaking the rules to sell GDPR advice. Yeah, no thanks.
Not breaking the rules if it's B2B.

ashleyman

6,962 posts

98 months

Tuesday 19th June 2018
quotequote all
Jakg said:
Not breaking the rules if it's B2B.
I meant in a sense that they assumed auto-opt-in and no unsubscribe link.

jonamv8

3,145 posts

165 months

Tuesday 19th June 2018
quotequote all
Jakg said:
ashleyman said:
Breaking the rules to sell GDPR advice. Yeah, no thanks.
Not breaking the rules if it's B2B.
No opt in, no legitimate interest. They have clearly purchased my details along with a million others and are spamming them. Surely this contravenes PECR too? Also an assumption that this came to a business email, well it actually came to an email I use for both so where do you stand on that? Surely out of the million leads they no doubt bought, there would be some none business emails in there so that would be in breach of GDPR, from a GDPR consultant at a GDPR company.

Already heard about a few scams, that's to be expected but this looks legit.

You wouldn't catch TinRobot doing this!!

Leithen

10,799 posts

266 months

Tuesday 19th June 2018
quotequote all
Good to have you back TinRobot.

jonamv8

3,145 posts

165 months

Tuesday 19th June 2018
quotequote all
Leithen said:
Good to have you back TinRobot.
DELETED: Comment made by a member who's account has been deleted.
has it quietened down for you yet TR ?

Mojooo

12,668 posts

179 months

Wednesday 20th June 2018
quotequote all
Here is an interesting one.

Can you cancel a contract if you don't agree to the data terms?

Let me give you an example.

I booked a leisure activity - something fun to do for 90 minutes. I paid £30.

When I arrived at the venue they made us fill out a form and one of the things you agreed to was 'you agree to company taking your photos and you agree to company using your photo for marketing'.

The kinds of photos they are talking about are a bit like Alton Towers where they try to sell it to you later - you are aware of the photos as they tell you when they are taken.

Like most people I suspect, I don't mind them photographing me for that specific purpose (and assuming its destroyed reasonably soon after) but I certainly don't like the idea of that photo being used for marketing in ways I have no control over and have no idea where it might appear. I appreciate the chances of this are extremely unlikely in reality.

Supposing I declined to agree - would they have to refund me? I presume it forms part of their terms and conditions and since they didn't show it to me before I agreed and paid it technically means either a) they cannot rely on it or b) the contract has not actually formed until I agreed - so I could have asked for a refund.


TheRainMaker

6,302 posts

241 months

Wednesday 20th June 2018
quotequote all
Can you just not put a line through the bit you don’t agree with? Wouldn’t think the person at the attraction would give a monkeys.

ozzuk

1,173 posts

126 months

Wednesday 20th June 2018
quotequote all
Has anyone found any good sources of GDPR training from an IT perspective? We've had HR solicitors in to give us an overview, but obviously that was from an HR perspective. I'm frequently being turned to as a GDPR expert (IT Ops manager) and I've a good understanding but would like to do something more tangible and directly related to IT compliance.

We usually use Learning Tree for IT training, but they only have a 1/2 day overview course. I'd prefer online - the knowledge academy has a GDPR foundation and praticitioner online course for a few k, anyone tried it or have a better suggestion?


plasticpig

12,932 posts

224 months

Wednesday 20th June 2018
quotequote all
jonamv8 said:
No opt in, no legitimate interest. They have clearly purchased my details along with a million others and are spamming them. Surely this contravenes PECR too? Also an assumption that this came to a business email, well it actually came to an email I use for both so where do you stand on that? Surely out of the million leads they no doubt bought, there would be some none business emails in there so that would be in breach of GDPR, from a GDPR consultant at a GDPR company.

Already heard about a few scams, that's to be expected but this looks legit.

You wouldn't catch TinRobot doing this!!
If it's a business email address that is used for a limited company or partnership then they are not doing anything wrong. Self employed is far more of a grey area and should be based on opt in.

Quality of email lists depends on the price you pay. There are very good lists out there where each email address has gone through a verification process.


jammy-git

29,775 posts

211 months

Wednesday 20th June 2018
quotequote all
Can anyone point out where in the GDPR guidelines it says that either 1) it doesn't cover B2B or 2) business email addresses are fair game?