In a message dated 23/05/2002 14:51:02 GMT Daylight Time,
[log in to unmask] writes:
<< If, as part of our financial sales process, we want to gather information
about customer's children (name, date of birth) for the purpose of rapport
building with the customer in the future (arguably, we only really need to
know the number of children and whether they are financially dependent for
financial planning purposes), would this contravene DP as we are collecting
this information about an identifiable individual (the child) without their
consent? >>
-----------------------
The issue of consent may not be the only concern here.
Organisations collect data on children without consent all the time. Schools
are obliged in law to collect and process the information and they often get
involved with commercial activities - passing the details to photographers,
retail outlets (smartcard/discount card schemes), insurance companies, travel
organisations and the like. In theory, consent would be necessary for all
these activities. In England and Wales, some sort of "test of understanding"
would have to be applied to see whether the parent should consent on the
child's behalf. In practice, however, consent is very rarely sought for
commercial use of education data.
Whether the data are fairly obtained, excessive in relation to the purpose
(presumably financial product sales), accurate and kept up to date, held for
longer than necessary, etc., would depend on each "relationship" on a
case-by-case basis. In order to build a "profile" of the customer, basic
details of their family may be relevant in some cases depending upon the type
of product they are interested in.
To say you want to collect the data to build "rapport" is slightly
misleading. You want to sell more products. If the number of children and
financial dependency are sufficient for the purpose, anything else is likely
to be irrelevant and/or excessive - even if you did have the person's (or
their parent's) consent.
Ian Buckland
Managing Director
Keep IT Legal Ltd
Please Note: The information contained in this document does not replace or
negate the need for proper legal advice and/or representation. It is
essential that you do not rely upon any advice given without contacting your
solicitor. If you need further explanation of any points raised please
contact Keep I.T. Legal Ltd at the address below:
55 Curbar Curve
Inkersall, Chesterfield
Derbyshire S43 3HP
(Reg 3822335)
Tel: 01246 473999
Fax: 01246 470742
E-mail: [log in to unmask]
Website: www.keepitlegal.co.uk
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|