Solved

Remove my details under GDPR

  • 19 February 2021
  • 2 replies
  • 34 views

I’ve been trying to get my details removed from your system under the GDPR law of ‘right to be forgotten’ but I can’t get anyone to help me, I stopped being a customer over a year ago and despite I am fully within my rights to get them removed and deleted entirely I keep being told that it is impossible for you to delete my details. It is illegal to store them after I have requested for them to be removed and would like it sorted. 

Thanks,

Joe

icon

Best answer by Michelle 20 February 2021, 17:29

HI @removeaccount 

We will keep your personal information for as long as you're a customer. If you haven't made a purchase or engaged with us for 3 years or more, then we'll remove you from our marketing mailing lists. After you stop being a customer, we may keep your data for up to 7 years after the last time you interacted with us. This could include one of the ways specified in 'How we use your personal information' and for one of these reasons:

  • To respond to any questions or complaints
  • To show that we treated you fairly
  • To maintain records according to rules that applies to us
  • To establish, bring or defend legal claims.

We may keep your data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons. We may also keep it in order to help support product recalls or safety notices. If we do, we will make sure that your privacy is protected and only use it for those purposes.

We do not retain personal information in an identifiable format for longer than is necessary.

 

You have the right to object to us processing your personal information if we're not entitled to use it any more, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

If you would like to exercise these rights, please contact us

 

Michelle 

iD Mobile 

View original

2 replies

Userlevel 7
Badge +9

@removeaccount 

Welcome to the iD Community

There might be a clause in the contract that allows iD Mobile to store your information for legal reasons to prevent fraud and and any legal claims. Not all companies have to act upon the request as there are exceptions under the current law. As detailed in the following link

https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure/#ib6

 

When does the right to erasure not apply?

The right to erasure does not apply if processing is necessary for one of the following reasons:

  • to exercise the right of freedom of expression and information;
  • to comply with a legal obligation;
  • for the performance of a task carried out in the public interest or in the exercise of official authority;
  • for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing; or
  • for the establishment, exercise or defence of legal claims.

The UK GDPR also specifies two circumstances where the right to erasure will not apply to special category data:

  • if the processing is necessary for public health purposes in the public interest (eg protecting against serious cross-border threats to health, or ensuring high standards of quality and safety of health care and of medicinal products or medical devices); or
  • if the processing is necessary for the purposes of preventative or occupational medicine; for the working capacity of an employee; for medical diagnosis; for the provision of health or social care; or for the management of health or social care systems or services. This only applies where the data is being processed by or under the responsibility of a professional subject to a legal obligation of professional secrecy (eg a health professional).

 

I faced the same situation trying to get a few internet accounts closed and was met with the same issue - they needed to keep the data for legal reasons. So to get round the issue I changed my details to some random name and place along with a bogus email and password. In fact they suggested I obfuscated the data myself as their systems could completely erase all the data.

Userlevel 4
Badge +8

HI @removeaccount 

We will keep your personal information for as long as you're a customer. If you haven't made a purchase or engaged with us for 3 years or more, then we'll remove you from our marketing mailing lists. After you stop being a customer, we may keep your data for up to 7 years after the last time you interacted with us. This could include one of the ways specified in 'How we use your personal information' and for one of these reasons:

  • To respond to any questions or complaints
  • To show that we treated you fairly
  • To maintain records according to rules that applies to us
  • To establish, bring or defend legal claims.

We may keep your data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons. We may also keep it in order to help support product recalls or safety notices. If we do, we will make sure that your privacy is protected and only use it for those purposes.

We do not retain personal information in an identifiable format for longer than is necessary.

 

You have the right to object to us processing your personal information if we're not entitled to use it any more, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

If you would like to exercise these rights, please contact us

 

Michelle 

iD Mobile 

Reply