Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

Barclays will blame loss of data on the Iron Mountain fire. Good luck with this

-> http://forums.all-about-debt.co.uk/s...l=1#post343809

BBC -> http://news.bbc.co.uk/1/hi/england/london/5175568.stm

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

Niddy, it is Barclaycard who run the MasterCard account. I never signed up to my knowledge for this and just accepted that this was normal in the days when we did not have access to wonderful web site like this.

Bill, I will send two SAR's request then one to Sentinel and the other to Barclaycard (MasterCard account) that should be very interesting, the cost of £20 is nothing compared to the interest that they owe me for taking this money unlawfully.
Tuttsi x

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

Interesting blog link 5corpio - I particularly like:
" The Financial Ombudsman Service can consider complaints that are within the scope of the scheme but has to determine them based on what it thinks should have been decided under the scheme rules. "
This implies that the door may still be open in some cases - but of course, it depends on the FOS to decide - so don't expect it to be easy-peasy !!!

Further down, we have this:
"Compensation scheme results
By 5 March 2015, the scheme administrators paid £451m of compensation to 2.37 million claimants, an average of £190 per claim. This represents a response rate of 33.9% of all potential claims. "

So - doesn't that mean that around two-thirds of those who were mis-sold CPP policies never received any redress ? That means that CPP got away with around £900 million - thanks to the FCA's nifty little 'Scheme' - and that is just the tip of the iceberg when we consider the CPP-associated account interest that the lenders have quietly pocketed from mis-selling CPP over the years.

That's an interesting thought as regards the commission, Niddy. Sending 2 DSAR's looks like a good move. You may even be able to reclaim the DSAR cost as part of your redress, Tuttsi !!!

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

Mastercard is a brand - you can't SAR Mastercard. You'd usually SAR whoever you took the agreement out with, ie Lloyds. However for your purposes and for completeness Id send one to Sentinel as well. They will have different details to the bank plus they'll likely show the commission paid to the bank for your referral.

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

CPP card and identity protection compensation scheme closure - latest on blog and back dates - HERE

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

Thanks Niddy

I will use that SAR as I believe it covers everything that I require.

Bill, should I send a SAR to both Sentinel as well as MasterCard, what is your suggestion? MasterCard took the money, I have never really had any direct contact with Sentinel, but I am sure interest(ed) (excuse the pun) it getting the max amount back for their wrong doing.

Tuttsi x

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

Thanks for posting the DSAR here, Niddy - and I must say that sure seems like a magnificent and comprehensive job !!!

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

Bill,

Below is a SAR that was proof-read by a solicitor and does indeed cover everything that would be required by a data subject, within a SAR. You are free to use / edit as you please.

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

Of course - I should have remembered that you see the DPA from 'the other side of the counter,' as it were, Niddy - and I appreciate your explanation of the way it all works. So it appears that for an account that is still 'live,' the firm must keep records going back to account inception - and that of course concurs with the CCA s.77-79 principles. But for an account that is now closed, the HMRC rules stipulate that data only needs to be retained for 6 years after the closure date - and therefore we should still have full access to it. So for an account closed in May 2009, we should still have access to data going back to May 2003 ? That is probably what AC was mentioning as regards the Money-Laundering Regs. - although it may simply be to encompass DSAR's where mortgage accounts were involved, as they get 12 years, I believe.

As regards the 'account-specific' data - yeah, I get that. Putting account numbers in a DSAR is to assist the DPO, but they will sometimes abuse that help and restrict the data to just those accounts. What is needed is as much 'Data Subject' info as possible, such as previous surnames & addresses etc. - and perhaps a paragraph to make it clear that 'account-specific' is not good enough.

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

We are DPA registered too mate. The way it works is a mixture between ICO guidelines and HMRC Business rules. The ICO are quite specific in that they stipulate you can only process data for as long as is relevant. For example whilst the customer holds an account. Once the customer no longer has a LIVE account the historic data is archived and purged anytime after 12 months.

However HMRC state businesses must retain financial records for at least 6 years from closure of account which really means that coupled with the ICO guidelines, a business should retain all data about the subject (customer) from the day of first account or service inception until 6 years AFTER closure of any remaining accounts or services.

So if a bank only provides 6 years data on a 12 year account they're in breach of DPA and you can complain to the ICO followed by a complaint to the FOS. The FOS would then determine if, as a result of the bank destroying "live" historic data, you were / are in a worse off position. If they lose / destroy paperwork then the FOS estimate in your favour if it's a case of the bank offering a derisory refund for instance.

However, you are the data subject hence we always say it's a SAR (subject access request). You're the subject requesting all data held about you. Some banks only send account specific data - another breach. It's EVERYTHING about YOU (the data subject).

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

I have always used the DSAR abbrevo since my penalty charge reclaiming days, as DSAR's are made pursuant to the Data Protection Act (DPA) - which I believe defines a 'Data Subject' as the person (or entity) whose data is being stored and/or processed by a firm or organisation - but many peeps seemed to think that the 'Subject' was the data itself, which led to confusion occasionally when discussing these in the forums. DSAR stands for 'Data Subject Access Request,' which is a 'Request' by the 'Data Subject' (ie. us) for 'Access' to our records (and therefore our data). I guess it's simply a matter of preference - whatever it takes to get the job done.

I agree that a DSAR is a formal and lawful request for all data held 'in a relevant filing system,' which pertains to the Data Subject - and to withold any such data is a breach of the DPA. However, it has been quite clear over the years that lenders have tried various ways of 'losing' data to avoid sending it out. Abuse (or 'misunderstanding') of the 'relevant filing system' clause is one of these, but I believe that lenders have generally now fallen back on another part of the DPA which stipulates that if there is no longer any reason to hold certain items of data, then it must be safely destroyed. They then fall back on the Limitation Act to support their apparent 'destruction' of data older than 6 years on the grounds that it no longer has any purpose. When challenged to produce proof of its destruction, they then claim that such info cannot be disclosed as it may be 'commercially sensitive,' etc., etc., etc.

So - in my meagre experience - we rarely see DSAR data older than 6 years, and we rarely manage to get it if we ask for it - because it is almost impossible to prove that a bank still has data which it denies holding. This is where we sometimes have to work 'off-piste,' and get our info from other sources (such as CPP Ltd. or AI in this case.) Another angle (which I believe Angry Cat may have experience of) is the Money-Laundering Regulations - and it is possible that these stipulate that data must be kept for longer than 6 years. So - although under the DPA we have a right of access to all our data - this right is not guaranteed to be upheld by either the banks or the ICO any more than our right to fair and lawful conduct by the banks has been.

Thanks to Deepie for posting the SAR link, which I have not checked out. FWIW, I use this paragraph in any DSAR's I suggest - it still doesn't guarantee a better result, but it puts them on notice that they are under scrutiny:-
" Please be aware that the Data Protection Act 1998 clearly states that all information held must be disclosed and there is no correlation to the Limitation Act 1980 whatsoever. This request therefore lawfully includes any and all data which is older than six years. If you do not hold any data older than 6 years, then we require a signed declaration from your data controller confirming this, and a copy of all documents pertaining to its proper and safe disposal. "
...And I apologise for grammatical errors. I believe that 'Data' is the plural of the term 'Datum' - and should therefore be expressed as 'those data,' and 'data which are older than 6 years,' etc. But 'Data' is a 'live' English word which comes from the dead language of Latin, and seems to be 'evolving' into a 'collective' term. Perhaps a bit like the word '$h1t,' which I guess can be seen as a somewhat downmarket version of the term 'data' - it can be a verb, a singular noun, or a collective term - ie., to do one, to be one, or just to be generally full of the stuff. I just needed to clear that blockage...

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

You can access the advanced SAR in AAD+ in this section -> http://forums.all-about-debt.co.uk/s...l=1#post489188

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

DSAR was Bills terminology, I believed it meant the same thing. At the end of the all my data is what is needed. So will get that sorted next weekend. Do we have any template SAR's on here Niddy, not exactly to copy but to get all the facts in the letter down. I will obviously put my own spin on it.

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

A SAR is just that. A request for ALL data held about you, the Data Subject. No need to request anything from inception. That's what must be sent.

A DSAR is banking terminology. It's a SAR.

Re: Card Protection Policies (CPP) - We're STILL Being Scammed !!!

Bill, if a DSAR is sent surely one can request back to inception the original paperwork, as most of us who claimed bank and credit card charges did?

I never as far as I can see that I applied for Sentinel Gold so it would be interesting to see the paperwork that I presumably signed for this ridiculous cover. Now Sentinel Gold I never not dealt directly with it was only through MasterCard that the annual money was taken from me.

So Bill do you think a DSAR to both or just MasterCard as they took the money?

About people moving the actual card company would have the new addresses unless peeps have popped off. So one would hope that with some media attention when this blows up we can make peeps aware that may not have been aware.