Pension provider GDPR breach?

BUDFORCE

BUDFORCE

BUDFORCE

Soldato
Joined
3 May 2012
Posts
9,469
Location
Wetherspoons
Just thought I'd throw this out there, no names being mentioned for obvious reasons.

I have an employer based pension, a couple of months ago we got switched to another type of online account.. I guess fine no problems with that.

however when those accounts were migrated, it appears they had some issues.

Now I wont write the email out word for word, but this comes from someone pretty high up in the organisation (pension provider not my employer) saying something like:

  • processing error made - incorrect postcode or email may have been shown
  • may have received an email with a wrong salutation and name
  • may have received a letter regarding a change of address
  • they are fully investigating the issue so this doesnt happen again


This happened a few months ago, fine, moved on with my life. I did received a letter from them about a change of address, but again, my details on there, fine no harm done.

Today I received a letter which I opened, from this same pension provider, at my address, however this letter contained someones elses name and customer information.

I called the pension provider today and had a good chat with them, informed them that I had someone elses information, asked if my information had been shared. I also said I was someone concerned about, what at least to me, seems like quite a serious issue with their data handling, and also about UK GDPR regulation, and with them being an FCA regulated firm how this can have quite an impact. I also read out the email about how they are fully investigating the issue, so that it doesnt happen again, but that it clearly has......

She logged this as a complaint.

Wonder what they will say when they get back to me?
 
Life and Pensions providers have a standard procedure to follow for complaints. See what they say when you get a response, but make sure you tell them you've lost all faith with them not leaking your own information to another customer and its causing you distress. You'll probably end up with a cheque for £250 to try and settle the complaint.
 
8 weeks passed and they didn't resolve the complaint, they didn't even attempt to.

They have breached FCA regulation just on that alone.

Just got an email saying as it's been 8 weeks you can go to the ombudsman.

So that's exactly what I've done.
 
Devilman said:
You have given out more personal information via Social Media and Internet Forums....

The faux outrage is strong in this thread.
Click to expand...

No, not really, dont do social media.

Secondly I am not a company worth many millions with directors and shareholders taking huge dividends to (not) ensure they can keep personal data safe.
 
BUDFORCE said:
8 weeks passed and they didn't resolve the complaint, they didn't even attempt to.

They have breached FCA regulation just on that alone.

Just got an email saying as it's been 8 weeks you can go to the ombudsman.

So that's exactly what I've done.
Click to expand...

Good. It's important to hold these companies accountable. The FCA are generally ruthless so I'm sure they'll get sorted out. You could always copy in the ICO.
 
Thekwango said:
do you regularly give out your name, address, postcode etc on social media and internet forums?
Click to expand...

Do you have any idea how many times your name, address, postcode, email address etc.. has been shared across "data brokers" who do nothing but re-sell contact information to various spam companies?

Laughable.
 
You must log in or register to reply here.
Back
Top Bottom