Data Protection stuff

pavarotti1980 said:
I will hopefully have after work as long as i take her passport to prove identity matches card details. She is weird and remembers the card number, expiry and CSV code so i have that too :)


Santander definitely dont


That was the customer services person repeating verbatim what the store manager was saying. I could hear the conversation they were having
Click to expand...

She’s not weird mate she uses it too much :lol: it’s a pain I know all too well.
 


Roger said:
As you say, probably company policy. It may well have been implemented as a result of GDPR, but I am pretty sure its not a requirement of GDPR to destroy credit cards 24 hours after you find them!
Click to expand...
The card is however the property of the bank that issued it. Their guidance or policy will no doubt be to destroy.

We’d complain if they didn’t and an employee got hold and was unscrupulous and complain if they do.

Can’t win can they.
 
It certainly isn't the general data protection law at work here. Most likey company policy to keep themselves in line with PCIDSS requirements. (Payment Card Industry Data Security Standards). A company isn't allowed to store full card details including the 3-digit security code printed on the back. Used to work in Infosec but I've been out of the loop for a while.
 
Bob Fleming said:
That is why I would tweet Sainsburys and make it public. I don't think they would want to be seen as having no common sense.
Click to expand...
Well I turned up said I had come to collect a card that waa left. Asked the name on card and handed it over. Didn't ask a single thing. Could have been anyone but I know have a card not in my name
 
Last edited:
pavarotti1980 said:
Not sure if there are any DPA/GDPR experts on here to give a bit of advice for something which wound me up more than being serious.

Mrs was shopping in Sainsburys last night and paid for her stuff at the self checkout and somehow managed to drop her bank card without realising and only noticed this morning on her way to work.

She rang Sainsburys and was told by their customer service person that the bank card had been found and handed in. However they stipulated that if it wasnt collected by the close of business tonight it would be automatically destroyed due to Data Protection Laws. She isnt able to go tonight to get it and they wont allow anyone to collect it on her behalf with a passport to prove it is the correct person

Now I'm no expert but it seems a little bit over zealous of them to destroy everything if not collected within 24 hours but surely this is a company policy and nothing to do with Data Protection and GDPR legislation?
Click to expand...

Fairly sure GDPR only applies to stored data. For example information held on file somewhere. I doubt your mrs bank card sitting in the managers office is going to breach any laws.
 
Just cancel your card and order a new one. Will take a day to get to you anyway. Not worth the petrol to go back.

I lost my card once and didn’t notice for a fortnight because I just use Apple Pay all the time now anyway.
 
HellsBells said:
Just cancel your card and order a new one. Will take a day to get to you anyway. Not worth the petrol to go back.

I lost my card once and didn’t notice for a fortnight because I just use Apple Pay all the time now anyway.
Click to expand...
Card picked up, on the way back (sort of) from work for me. Didn't bother making sure who I was or anything just handed it over. :lol::lol:
 

Back
Top