blender
Member of DD Central
Posts: 5,719
Likes: 4,272
|
Post by blender on Aug 3, 2018 13:11:52 GMT
Here is the initial response I got from my data access request Thank you for your email. We have instigated an immediate and thorough investigation into this matter and will have a full response to you by no later than Friday 27th July. We would also like to assure you that we take data issues very seriously. What we can tell you at this stage though is the naming of the mail-out was in relation to the fact that it was to tie in with the marketing of the 1st 'Collateral' loan, we refinanced - not a reflection on the origin of the database. If you have any further concerns in the meantime please do not hesitate to contact me. Did this happen threeds ? Was it secret?
|
|
|
Post by threeds on Aug 6, 2018 11:55:58 GMT
Sorry, been away with no access to internet, just trawled through my email and no I never got a response. I will chase to see what response I get
|
|
|
Post by lionelrichtea on Aug 6, 2018 16:13:13 GMT
Seems like they need to instigate an immediate and thorough investigation into why the response deadlines for their first immediate and thorough investigation and second immediate and thorough investigation have both been missed.
|
|
|
Post by threeds on Aug 17, 2018 3:44:32 GMT
Well I ended up chasing twice and this is the response I have received:-
After further investigate we are sorry to report that we are unable to ascertain the original source of your data. It would appear you have historically been in one of our marketing databases which have been created from a variety of sources over the years. Whilst this will not be the answer you want to hear, i can however assure you that we hold no other records about you other than you name and email address. There is no financial data and information on your previous investments etc. We have removed you from our database and you will no longer receive future communication.
Once again we apologise for the inconvenience
Regards
Huddle
|
|
keystone
Member of DD Central
Posts: 713
Likes: 575
|
Post by keystone on Aug 17, 2018 13:14:16 GMT
How can they not know the source of the data? Does it magically appear in their database when it wasn't there before? How does that work with the GDPR regulations when they have random people in their database, what about security? Sounds like a cop out from them because they know they have broken the law with their spamming.
|
|
ceejay
Posts: 971
Likes: 1,149
|
Post by ceejay on Aug 17, 2018 15:02:00 GMT
Not to mention the fact that so many COL investors - including me - all seem to have been spammed by Huddle at the same time.
Not the sort of coincidence that I am prepared to swallow.
|
|
mason
Member of DD Central
Posts: 662
Likes: 640
|
Post by mason on Aug 17, 2018 17:36:11 GMT
Well I ended up chasing twice and this is the response I have received:- After further investigate we are sorry to report that we are unable to ascertain the original source of your data. It would appear you have historically been in one of our marketing databases which have been created from a variety of sources over the years. Whilst this will not be the answer you want to hear, i can however assure you that we hold no other records about you other than you name and email address. There is no financial data and information on your previous investments etc. We have removed you from our database and you will no longer receive future communication. Once again we apologise for the inconvenience Regards Huddle That's an admission of unlawful processing of your data in breach of the Data Protection Act 2018. I hope you will be complaining to the ICO about the unlawful use of your data. You can do so by email using the downloadable form available after answering a few questions about your complaint here: ico.org.uk/make-a-complaint/your-personal-information-concerns/In my case, I've received no response to my Subject Access Request within the statutory one calendar month deadline. This is also an offence, and one I'll be taking up with the ICO.
|
|
mason
Member of DD Central
Posts: 662
Likes: 640
|
Post by mason on Aug 17, 2018 18:33:10 GMT
Not to mention the fact that so many COL investors - including me - all seem to have been spammed by Huddle at the same time.
Not the sort of coincidence that I am prepared to swallow.
The Collateral explanation is a plausible one, but I'm not going to be too quick to rule out the other plausible explanation: that one current and one former director of Huddle Capital Limited are also directors of companies who are borrowers on the Ablrate platform. They could have obtained personal details of the lenders who have participated in their loans. It would be good to know whether or not this information (name of lender and email address) is ever made available to borrowers by ablrate - if so, it would be a simple case of unlawful use of the information by said directors or companies and does not involve wrongdoing by any other party.
|
|
blender
Member of DD Central
Posts: 5,719
Likes: 4,272
|
Post by blender on Aug 17, 2018 19:11:54 GMT
Not to mention the fact that so many COL investors - including me - all seem to have been spammed by Huddle at the same time.
Not the sort of coincidence that I am prepared to swallow.
The Collateral explanation is a plausible one, but I'm not going to be too quick to rule out the other plausible explanation: that one current and one former director of Huddle Capital Limited are also directors of companies who are borrowers on the Ablrate platform. They could have obtained personal details of the lenders who have participated in their loans. It would be good to know whether or not this information (name of lender and email address) is ever made available to borrowers by ablrate - if so, it would be a simple case of unlawful use of the information by said directors or companies and does not involve wrongdoing by any other party. This is a red herring, mason. A number of the email addresses used were specific to Coll, and we are talking of refinancing Coll loans. No other Ablrate lenders have raised this issue as linked to Ablrate customer info. The two of us here have four different email addresses live on Ablrate, we are into most Ablrate loans. We have never had contact with Coll, and we have not received any emails from Huddle about anything. I do not think it is proper to spread the contamination without any evidence to support a hypothesis.
|
|
mason
Member of DD Central
Posts: 662
Likes: 640
|
Post by mason on Aug 17, 2018 19:37:27 GMT
The Collateral explanation is a plausible one, but I'm not going to be too quick to rule out the other plausible explanation: that one current and one former director of Huddle Capital Limited are also directors of companies who are borrowers on the Ablrate platform. They could have obtained personal details of the lenders who have participated in their loans. It would be good to know whether or not this information (name of lender and email address) is ever made available to borrowers by ablrate - if so, it would be a simple case of unlawful use of the information by said directors or companies and does not involve wrongdoing by any other party. This is a red herring, mason. A number of the email addresses used were specific to Coll, and we are talking of refinancing Coll loans. No other Ablrate lenders have raised this issue as linked to Ablrate customer info. The two of us here have four different email addresses live on Ablrate, we are into most Ablrate loans. We have never had contact with Coll, and we have not received any emails from Huddle about anything. That's fair enough. That's the first I've heard from someone who has no connection to Collateral who is involved in the Ablrate loans. That's not what I'm trying to do, and it may be perfectly legitimate for two parties to a loan contract to know each other's identities. Hence the question. This is a more direct link between me and Huddle than the more tenuous link via Collateral and presumably BDO or RR. As it happens, the email address I used to sign up to the Ablrate platform was used to send me the Huddle spam. The email address I used with Collateral was different in that it contained a '+' suffix (a feature of gmail addresses). There are two possibilities - either Huddle processed their list in the knowledge of gmail's suffix feature to deliberately obfuscate its origin, or the email address did not come from Collateral. If Huddle were clever enough to alter the email address, then they would be the first company I'm aware of to do so. I've been able to track the origin of spam quite successfully using this feature for years. I note that BDO and RR both used my email address with suffix.
|
|
ceejay
Posts: 971
Likes: 1,149
|
Post by ceejay on Aug 17, 2018 19:58:09 GMT
The Collateral explanation is a plausible one, but I'm not going to be too quick to rule out the other plausible explanation: that one current and one former director of Huddle Capital Limited are also directors of companies who are borrowers on the Ablrate platform. They could have obtained personal details of the lenders who have participated in their loans. It would be good to know whether or not this information (name of lender and email address) is ever made available to borrowers by ablrate - if so, it would be a simple case of unlawful use of the information by said directors or companies and does not involve wrongdoing by any other party. This is a red herring, mason. A number of the email addresses used were specific to Coll, and we are talking of refinancing Coll loans. No other Ablrate lenders have raised this issue as linked to Ablrate customer info. The two of us here have four different email addresses live on Ablrate, we are into most Ablrate loans. We have never had contact with Coll, and we have not received any emails from Huddle about anything. I do not think it is proper to spread the contamination without any evidence to support a hypothesis.
I have entirely different email addresses for ABL and COL, and it was the COL one that was spammed by Huddle.
|
|
mason
Member of DD Central
Posts: 662
Likes: 640
|
Post by mason on Aug 17, 2018 20:39:50 GMT
This is a red herring, mason. A number of the email addresses used were specific to Coll, and we are talking of refinancing Coll loans. No other Ablrate lenders have raised this issue as linked to Ablrate customer info. The two of us here have four different email addresses live on Ablrate, we are into most Ablrate loans. We have never had contact with Coll, and we have not received any emails from Huddle about anything. I do not think it is proper to spread the contamination without any evidence to support a hypothesis.
I have entirely different email addresses for ABL and COL, and it was the COL one that was spammed by Huddle. If that email address was created for the sole purpose of signing up to the COL platform and was not used (at any time) elsewhere, then that is pretty irrefutable evidence that the information was leaked from COL. I wish I was in that position, but the evidence I have points the finger away from COL, unless, as I say, someone was clever enough to modify my email address as provided to COL. As such, I've not mentioned COL in my correspondence with Huddle (they denied obtaining my details from COL without me even making the suggestion).
|
|
blender
Member of DD Central
Posts: 5,719
Likes: 4,272
|
Post by blender on Aug 17, 2018 21:44:52 GMT
Back in this thread there is evidence of people who have had the Huddle spam on email addresses used only for Coll, which is why I questioned your hypothesis. The suffix issue is evidence for your hypothesis, which was not in your first post. I can think of why it might have been removed in this case, but that would be flying a kite when I have said that we should avoid that.
|
|
DeafEater
Member of DD Central
Extremely Moderate
Posts: 218
Likes: 292
|
Post by DeafEater on Aug 17, 2018 22:14:29 GMT
Lest there be any doubt at all, I've had absolutely nothing to do with either ABL or Huddle and I was spammed by Huddle using the address I had registered with Collateral. There are many many others with exactly the same story. It is definitely Collateral data, the only mystery is how Huddle came by it.
|
|
ceejay
Posts: 971
Likes: 1,149
|
Post by ceejay on Aug 17, 2018 22:37:34 GMT
So, looking for a hypothesis that covers all the data, I come up with
1 - Huddle got a bunch of email addresses (somehow) from COL and spammed them 2 - Since they clearly have no respect for data protection, they presumably also got addresses from elsewhere and spammed them at about the same time
The existence of type (2) spam doesn't affect the inference of the type (1) spam, which is the one we're talking about here.
Either way Huddle are a spammy bunch who don't deserve our custom, but the point for this sub-forum is to ask who connected with COL let our addresses out?
|
|