Banking regulations are much tighter than the EU GDPR rules, and so are those for the NHS etc. The EU rules talk about deleting data; banks and doctors have to keep that data by law. For the NHS that is 8 years; I've not checked banking rules recently. So apart from changing bits about Subject Access Requests and some other wording, Starling will generally be compliant with most of the regulations already.
Banks, the NHS, etc. all have to comply with GDPR. I’ve had many emails from other banks I do business with regarding my contact preferences.
Under the regulation, you must not keep data for longer than is required. For banks, that may well be 8 years (though I thought it was 6). There are plenty of legal bases on which a company may contact an individual without obtaining explicit consent, including contractual or legal reasons.
I’m pretty confident they’ve got the right legal and compliance teams ready for the 25th May #GDPR
I’m sure they’ll be on the ball but you’d be surprised how unprepared a lot of companies are - only 15% reckon they’ll be fully compliant by 25th!
I noticed that Starling have posted an amended privacy policy today. https://www.starlingbank.com/legal/privacy-notice/
I’ve been getting an absolute raft of emails over the last two weeks concerning GDPR from all of the companies that I regularly deal with, so lots of them are on the ball.
And a funny old thing lol! I’ve just got an email from Starling advising of their updated privacy notice.
Yes, but there’s a lot more work to do behind the scenes than most people would imagine. Many companies have been working to achieve compliance for over a year. The majority of companies will be aiming for a defensible position come the 25th and will then continue to evolve their data protection policies and processes.
Yes mate, bizarre! I was just literally typing out that previous post and it popped up
You want to get the lottery on tonight with powers like that