Santander - Breach of GDPR - Data Subject Access Request (DSAR)

[Redmountie]

Hi Caggers, 

 

I've used this site several times over the years and this community have been very knowledgeable and supportive around a previous SAR breach.  However, that was some 4-5 years ago, and under the old DPA 1998.  I'm acutely aware we now how DPA 2018 and GDPR.  

 

I am seeking some advice from fellow Caggers and will bullet point to keep it simple. 

 

• Moved my Current Account across to Santander.  This was done via the Current Account Switching Service (CASS). 
•  
• The account is opened but my Debit Card doesn't arrive prior to the account opening, meaning for several days I had no access to my account or money (complaint raised and final letter saying not the bank's fault). 
•  
• Santander forget to request for internet banking details to be sent out to me in the post.  Meaning I had to wait over a week to be able to access my account.  
•  
• Due to the above I escalated a complaint with their Customer Services Team.  As part of my complaint I completed an online DSAR (Request 1).  It later transpires that this was never actioned as they had tried to get hold of me to clear enhanced security, but couldn't reach me.  I've never had any phone calls from anyone at Santander relating to this and nothing in writing, via text message or email.  
•  
• I recontacted Santander and verbally requested a DSAR.  The advisor stated they had completed a form and processed my DSAR (Request 2).  Unfortunately, I didn't write the date of this verbal DSAR request down.  I have made a follow up complaint since - asking for it, but they have come back with a generic response and are not providing it.  Lesson learned - write everything down. 
•  
• On 26/02/23 I received a final complaint response letter from Santander.  The letter stated that during their review of my complaint they could see i had made a DSAR, but that If i still wanted it, I would have to follow the correct process, and go through to Customer Services to request it.  Obviously that threw me as I had previously been speaking with the Customer Services Team when i had made my second request.  I then made another DSAR (Request 3) and they even gave me a reference number for this one.  
•  
• Today (11/03/23) I called Santander to enquire about my DSAR.  Particularly as I haven't received a response acknowledgement from them.  I would usually have a letter from them confirming the DSAR and the 28 days in which they have to comply.  After being placed on a lenghty hold, the advisor came back on the phone and apologised, stating that there had been another banking error and that my DSAR from the 26/02/23 had not been processed, and that I would need to submit yet another one. 
•  
• I then went through to their "enhanced" retail line and verbally completed another (Request 4) DSAR.  Of course they have advised the 28 day clock starts from now (or the next working day so 13/03/23).  
•  
• As i don't know the date of the second DSAR should I go off of the date for the third DSAR (i.e. 26/02/23) and issue a 14 day Letter Before Claim?   If so, I will use that date to also inform the ICO of a statutory breach.  

[Redmountie]

Hi BF, very good to see you are still here giving advice to the masses. 

 

I'm sure you recall you successfully helped me in taking Lloyds Bank to Court for breach of the then DPA 1998.  I find myself here again, in similar circumstances. 

 

I have asked Santander to come back to me with the date that I initially submitted the DSAR.  They are playing games as they referred to knowing that I had submitted a DSAR in their final complaint response letter, but having called them for that date yesterday, they can't find where that information has come from. 

 

I've asked them to re-open my original complaint and come back to me with the date.  They have told me they will recall me on Tuesday once they investigate further into it.  They will have it as a call recording, which no doubt, is where their complaint handler, got this information from.  I suspect that date will be early to mid February 2023, so do you advise giving them a LBA/LBC and a week to comply (even though the date will have passed), or go straight to the POC?    

[Redmountie]

I requested another SAR yesterday. 

 

This time I have recorded time, date, the name of the customer service representative and what call centre they are based.

  I also made sure that I had a SAR reference number whilst still on the phone with the representative.

 

  I have this in front of me and it has been sent to me via email.  Going off of that date it will restart the clock for a further 28 days from tomorrow (being the next working date) right? 

 

What equipment can I buy to record calls?  This would have to be via my mobile (i.e. iPhone) as i don't have a landline telephone.    

[Redmountie]

Santander came back to me today and told me that my original verbal request for a DSAR was on 10/02/23. 

 

However, due to a banking error the customer services officer on the telephone didn't process the DSAR, so it hasn't been done.  There is obviously a training need at Santander as this is the second member of staff who has made a banking error and not processed a verbal DSAR.  The other being when i made my third DSAR request on 26/02/23. 

 

So 28 days from 10/02/23 is the 10/03/23.  Is my next step an LBA/LBC or straight to a POC? 

[Redmountie]

I’m struggling to find a Letter Before Action for a Breach of a DSAR. Does anyone have a thread they can post up or signpost me to please. 

[Redmountie]

How is this? 

 

Letter Before Claim

To whom it may concern,

On Friday 10th February 2023, I sent you a Data Subject Access Request for a statutory disclosure of my personal data under the Data Protection Act 2018.

You have failed to comply and are therefore in breach of your statutory duty and obligation under the UK General Data Protection Regulation (GDPR).  

You have 14 days to respond, after which I shall begin a County Court claim against you.
 

Yours faithfully

 

[Redmountie]

I have also completed a personal complaint form to the ICO and submitted this asking them to carry out a statutory assessment to determine if Santander has complied with it's statutory obligations. 

[Redmountie]

Letter Before Claim

 

To whom it may concern,

 

In early February 2023, I sent you a Data Subject Access Request (DSAR) for a statutory disclosure of my personal data under the Data Protection Act 2018.  On this occasion, despite confirming you had received it, you told me that you were unable to process it, as you were unable to verify who i was and take me through security.  This was despite already having cleared my account security process. 

 

On 10th February 2023, I sent you a second Data Subject Access Request (DSAR) for a statutory disclosure of my personal data under the Data Protection Act 2018. You have advised me that one of your Customer Services Advisors had made a banking error and not processed this Data Subject Access Request (DSAR). 

 

On 26th February 2023, I sent you a third Date Subject Access Request (DSAR) for a statutory disclosure of my personal data under the Data Protection Act 2018. You have advised me that for the second time one of your Customer Services Advisors had made a banking error and not processed this Data Subject Access Request (DSAR). 

You have failed to comply with three Data Subject Access Requests.  I have now written to the Information Commissioners Office (ICO) asking for them to carry out a statutory assessment to determine if you have complied with your statutory obligations. 

Your breach of your statutory duty is complete.  It has caused me a great deal of distress not having my data which, as you are aware, I need in relation to my ongoing complaint with you.  Also, the repeated necessity to chase after you to get this disclosure, and having to suffer your repeated broken promises, on at least three occasions, is contributing to cause further distress and anxiety. 

I shall be beginning a County Court claim against you in 14 days for £200 for distress.  I am giving you an opportunity to respond with a full disclosure plus £200 damages for the distress caused,  notwithstanding that I reserve my right to act upon your breach of data protection legislation which has already occurred.

 

Yours faithfully

[Redmountie]

I will email this off to them now

[Redmountie]

Santander have today replied to my Letter Before Claim.  They state: 

 

Thank you for your Letter Before Claim dated 19th March 2023. 

 

I have been asked to respond to you on behalf of Santander.  Please treat this letter as both Santander's response under DISP, and it's reply to your Letter Before Claim under the Civil Procedures Rules. 

 

Having considered your allegations, Santander is unable to conclude any wrongdoing and we deny any liability alleged in your Letter Before Claim, or otherwise. 

 

As you are a new customer to us, additional security checked needed to be carried out before a SAR could be processed.  Whilst we understand that you contact Santander twice by phone in February 2023 with the intention of raising a SAR, you failed to complete the security checks which were required to make a valid SAR. Accordingly, a SAR was not validly raised by you until 11th March 2023, when you successfully passed verbal security checks. 

 

The SAR has subsequently been completed and all legal deadlines have been complied with.  Our response has been sent to you under separate cover. 

 

In light of the above, Santander does not agree that it is in any way liable to you, as alleged in the Letter Before Claim, nor that you are entitled to the remedies which you seek therein.

 

However, as a goodwill gesture following your complaint, I am pleased to credit your account with £100, which I hope you will accept with my best wishes.  This payment is made entirely without any admission of liability.  We trust this concludes the matter.      

 

........

 

The Letter is unbelievable.  On both occasions that I called them in February, they took me through security to enable me to access my account.  I then gave them a verbal DSAR which they accepted on both occasions and told me that they would progress with it.  At no point in time did they tell me I had failed to complete security checks and at no point in time was asked to complete any additional security checks.  

 

I also don't understand why they have awarded a £100 gesture of goodwill if they deny any wrongdoing. 

 

My Letter Before Claim was sent on 19/03/23 and it gave them 14 days to provide me with the DSAR and award £200 damages for distress and inconvenience.  I'm thinking my next move is to wait until 19/02/23 and they issue a PoC?  

[Redmountie]

They have supplied the DSAR today too.  

 

My aim is to get the money rather than judgement. 

[Redmountie]

6 hours ago, BankFodder said:

Well I think that £100 is far too low. Does the disclosure that they have made you refer to the previous SAR requests?

I agree.  The £100 is what they were going to offer me anyway in compensation for their second banking error.  I asked for £200 for D&I but they have given me £100 as a "gesture of goodwill".    

 

I've just checked the small bundle they have sent and they use a complaint handling system called 'SharePoint'.  They have disclosed the notes from all my complaints.  Two of the complaint notes state the following: 

 

Customer is unhappy in regard to a SAR not being completed.  I have raised one today 26/02/23 but customer wants to make it clear that this is his third request as he has already made two previously and expects us to comply with it within 28 days from when he first called to make the request.  [So here is the admission that they raised one on 26/02/23].  

 

Customer advised that feedback will be provided in relation to previous DSAR not being completed - compensation will be considered and customer transferred to enhanced line to get DSAR request completed. Customer has tried to raise a DSAR before but hasn't been raised correctly by previous colleagues [so this is their admission that they did receive my two previous DSAR's (1) 10/02/23 (2) 26/02/23 but their members of staff didn't process them correctly]. 

 

Feedback form SharePoint completed for advisor that incorrectly completed the DSAR request.     

 

I need to listen to the call recordings to see if the above SAR requests were captured on each of the occasions I made them.  I'm 100% confident they must have been as the complaint handlers have listened to the calls to reach their decision to uphold my complaint and award compensation on both occasions their members of staff have made banking errors by not completing my DSAR despite verbally doing it over the phone in the correct manner.   

[Redmountie]

When you made the previous two SAR applications, did they inform you at the time or did they contact you later to say that they required further evidence of your identity?

At no point in time did they tell me that the correct DSAR procedure had not been followed.  They only mentioned this in there final response letter after the DSAR's has already been made.  However, the notes state that there advisors did not follow the correct process and that they attempted to call me to notify me of the correct procedure.  I never received any missed calls from them, voicemails, emails or in-app messages.  

 

When does the deadline for your letter of claim expire?  

The deadline date for the letter of claim is 02/04/23. 

[Redmountie]

@BankFodder - as always your advice is excellent. I have tweaked the letter and it has been sent to them (via email). I’ve extended the Letter Before Claim by an additional 7 days. Let’s wait and see how they respond. 

[Redmountie]

I have had an acknowledgement email from Santander but not an actual response. 

 

Seeing as they only have 5 days to come back with a response and pay the £200 for distress, I was thinking about getting my ducks in a row and preparing a POC. 

 

Can anyone signpost me to a POC for a Statutory Breach of GDPR and distress please. 

 

My gut feeling is that Santander are going to prevaricate and not offer the amount for distress.  

[Redmountie]

No threats my end just promises. Will pin s PoC shortly. If you remember, I got caught out a few years back with the £200 value for claiming distress, so keen to ensure lessons are learned my end.

[Redmountie]

No worries..........i tried to email you but i'm guessing you must have changed it as I haven't had a reply.  I also tried to find the Lloyds Case Thread in the cases won section, but i can't see it in the archive section.  

 

The issue we had last time which was picked up on by the Defence was around proving the distress element of £200.  

 

Is that an appropriate amount of money to put on the POC for distress?  I think it is.  I will obviously add the £35 MCOL fee to this too.  

[Redmountie]

In the

Bristol Civic Justice Centre

 

Claimant name and address

xxxxxxxx xxxxxx

xx xxxxxx xxxx

xxxxxxxxxxx

xxxxxxxxxxxxxx

xxxx xxx

 

Defendants name and address

Santander UK Plc, Santander House, 201 Grafton Gate East, Milton Keynes, MK9 1AN

 

Brief details of claim
Damage for distress caused by the defendants data protection breaches of statutory duty 

 

Value

£235

 

Particulars of claim

1. The Defendant is a Data Controller within the meaning of the Data Protection Act 2018 and is responsible for the processing of data of which the Claimant is a data Subject.  

 

2. This claim is in relation to two breaches of the Data Protection Act (2018) by the Defendant.

(a) Failure to comply with the statutory time limit.

 

3. The Defendant has failed to comply with the statutory time limit and is therefore in breach of the Data Protection Act (2018).

(a) On 10 February 2023, the Claimant made a request to the Defendant for a statutory data disclosure.  The statutory timeframe for compliance was 10 March 2023.  The Claimant never received any disclosure as a result of this request.  

(b) On 26 February 2023, the Claimant made a request to the Defendant for a statutory data disclosure.  The statutory timeframe for compliance was 27 March 2023.  The Claimant never received any disclosure as a result of this request.  

(c) On 11 March 2023, the Claimant made a request to the Defendant for a statutory data disclosure.  The statutory timeframe for compliance was 08 April 2023.  The Claimant received data disclosure only in relation to this data disclosure request.  

  

4. By virtue of the Defendant's failure to comply with the Subject Access Request the Claimant has suffered distress.  

 

 

[Redmountie]

Bristol Civic Justice Centre

 

Claimant name and address

xxxxxxxx xxxxxx

xx xxxxxx xxxx

xxxxxxxxxxx

xxxxxxxxxxxxxx

xxxx xxx

 

Defendants name and address

Santander UK Plc, Santander House, 201 Grafton Gate East, Milton Keynes, MK9 1AN

 

Brief details of claim
Damage for distress caused by the defendants data protection breaches of statutory duty 

 

Value

£235

 

Particulars of claim

1. The Defendant is a Data Controller within the meaning of the Data Protection Act 2018 and is responsible for the processing of data of which the Claimant is a data Subject.  

 

2. This claim is in relation to two breaches of the Data Protection Act (2018) by the Defendant.

(a) Failure to comply with the statutory time limit.

 

3. The Defendant has failed to comply with the statutory time limit and is therefore in breach of the Data Protection Act (2018).

(a) On 10 February 2023, the Claimant made a request to the Defendant for a statutory data disclosure.  The statutory timeframe for compliance was 12 March 2023.  Despite being fully aware of the Subject Access Request, the Defendant has never made any disclosure as a result of this request.  

(b) On 26 February 2023, the Claimant made a request to the Defendant for a statutory data disclosure.  The statutory timeframe for compliance was 28 March 2023.  Despite being fully aware of the Subject Access Request, the Defendant has never made any disclosure as a result of this request.  

(c) On 11 March 2023, the Claimant made a request to the Defendant for a statutory data disclosure.  The statutory timeframe for compliance was 08 April 2023.  The Claimant received data disclosure on 29 March 2023, but only in relation to this data disclosure request.  

  

4. The Claimant seeks £200 damages for distress caused by virtue of the Defendant's breaches of their statutory duty to disclose personal data, within 30 days, in response to two Subject Access Requests.

(a) The Claimant’s distress has been exacerbated by the continuing lack of cooperation by the Defendant, the cost of additional correspondence and time spent preparing documents and seeking legal advice. 

[Redmountie]

Ah the light has been shone.......................

 

So the reason for the SAR was that when i first opened my Santander current account (02 February 2023) i didn't receive my Debit Card and PIN or any access to my Online Banking. 

 

I tried to cancel the CASS switch until I was in receipt of one or the other, so that I could access my account.  Despite being told by a member of Santander that I could cancel the CASS, I was later (several days later) told that I was unable to cancel the CASS and the switch would take place, even though Santander knew i would not have access to my account, as I had no Debit Card and they had failed to send me any online credentials to login to my account. 

 

I escalated a complaint about not being able to access my current account due to not having either a Debit Card/PIN or a telephone banking personal ID Number/Temporary Password.  They were initially unable to explain how this happened so I asked them for a SAR so I could try and get to the bottom of it. 

 

They eventually responded to my complaint letter stating that there was a banking error on their part and the Online Banking credentials were never issued when the account was opened. 

 

I have raised around 5 complaints with Santander. 

 

Three in relation to failure to comply with my SAR and two around failure to provide me with Online Banking Credentials and poor customer service. 

 

I would have already switched to another account by now, but I have to keep this account open until the end of April, so they can pay me a £200 switch incentive.  Worse banking experience i have ever had and I've been with many Banks/Building Societies. 

 

Not sure how to put that in a short paragraph for the purposes of a PoC. 

 

My LBC has tomorrow's date on it, but i am conscious that tomorrow is a Bank Holiday. 

 

Should i issue the PoC on MCOL tomorrow or wait until the following working day?          

[Redmountie]

4 hours ago, Redmountie said:

Ah the light has been shone.......................

 

So the reason for the SAR was that when i first opened my Santander current account (02 February 2023) i didn't receive my Debit Card and PIN or any access to my Online Banking. 

 

I tried to cancel the CASS switch until I was in receipt of one or the other, so that I could access my account.  Despite being told by a member of Santander that I could cancel the CASS, I was later (several days later) told that I was unable to cancel the CASS and the switch would take place, even though Santander knew i would not have access to my account, as I had no Debit Card and they had failed to send me any online credentials to login to my account. 

 

I escalated a complaint about not being able to access my current account due to not having either a Debit Card/PIN or a telephone banking personal ID Number/Temporary Password.  They were initially unable to explain how this happened so I asked them for a SAR so I could try and get to the bottom of it. 

 

They eventually responded to my complaint letter stating that there was a banking error on their part and the Online Banking credentials were never issued when the account was opened. 

 

I have raised around 5 complaints with Santander. 

 

Three in relation to failure to comply with my SAR and two around failure to provide me with Online Banking Credentials and poor customer service. 

 

I would have already switched to another account by now, but I have to keep this account open until the end of April, so they can pay me a £200 switch incentive.  Worse banking experience i have ever had and I've been with many Banks/Building Societies. 

 

Not sure how to put that in a short paragraph for the purposes of a PoC. 

 

My LBC has tomorrow's date on it, but i am conscious that tomorrow is a Bank Holiday. 

 

Should i issue the PoC on MCOL tomorrow or wait until the following working day?          

Right i see what you mean @BankFodder. 
 

I made the SAR because they messed up my account transfer from 

Current Account Switch Service (CASS). 

[Redmountie]

Bristol Civic Justice Centre

 

Claimant name and address

xxxxxxxx xxxxxx

xx xxxxxx xxxx

xxxxxxxxxxx

xxxxxxxxxxxxxx

xxxx xxx

 

Defendants name and address

Santander UK Plc, Santander House, 201 Grafton Gate East, Milton Keynes, MK9 1AN

 

Brief details of claim
Damage for distress caused by the defendants data protection breaches of statutory duty 

 

Value

£235

 

Particulars of claim

1. The Defendant is a Data Controller within the meaning of the Data Protection Act 2018 and is responsible for the processing of data of which the Claimant is a data Subject.  

 

2. This claim is in relation to two breaches of the Data Protection Act (2018) by the Defendant.

(a) Failure to comply with the statutory time limit dated XXX

(b) ditto xxxx  dated XXX

 

3. The Defendant has failed to comply with the statutory time limit on two occasions and has therefore committed two breaches of the Data Protection Act (2018).

(a) On 10 February 2023, the Claimant made a request to the Defendant for a statutory data disclosure.  The statutory timeframe for compliance was 12 March 2023.  Despite being fully aware of the Subject Access Request, the Defendant has never made any disclosure as a result of this request.  

(b) On 26 February 2023, the Claimant made a request to the Defendant for a statutory data disclosure.  The statutory timeframe for compliance was 28 March 2023.  Despite being fully aware of the Subject Access Request, the Defendant has never made any disclosure as a result of this request.  

(c) On 11 March 2023, the Claimant made a request to the Defendant for a statutory data disclosure.  The statutory timeframe for compliance was 08 April 2023.  The Claimant received data disclosure on 29 March 2023, but only in relation to this third data disclosure request.  

  

4. The Claimant seeks £200 damages for distress caused by virtue of the Defendant's breaches of their statutory duty to disclose personal data, within 30 days, in response to two Subject Access Requests.

 

 

(a) Purpose of the Subject Access Requests

 

The Claimant made the Subject Access Requests in order to start the process of understanding and resolving problems with his new bank account, which had been caused by the negligence  and contractual breaches of the Defendant.

The Defendant's negligence/breach of contract are not at the moment a subject of this court action. 

The failure by the defendants to conduct the claimant's account correctly and also to communicate with the claimant fairly all at all is a breach of the Banking (Conduct of Business) Regulations –BCOBS – which were made pursuant to the Financial Services and Markets Act 2000 – although those beaches are not currently the subject of this present legal action

The Claimant opened a new bank account with the Defendant on 02 February 2023. 

The account was important to the Claimant because this was his main bank account in which he

conducted all of his financial business.    

It had been the intention of the Claimant to move his banking business to the Defendant’s bank because they offered a £200 reward incentive and cashback on bills.

An essential element of the opening of the new account was effectively the transfer of his financial

life from his previous bank account to the Defendant’s bank. 

 

The Claimant relied on the Defendants Current Account Switch Service (CASS) in order to achieve a seamless transfer and without any disruption to his own life, the life of his creditors or the organisations to whom he was scheduled to make regular payments. 

Describe CASS to the extend that it is a schem ....  implemented by ....

 

These included:-

1. utilities,
2. mobile phone,
3. water,
4. insurance,
5. rent,
6. council tax,
7. tv licence,
8. vehicle road tax.   

The Defendant failed in their duty to the claimant in that they failed to issue online banking credentials when the account was opened. 

Although the claimant made several phone calls to the Defendant and received undertakings, the Defendant did not remedy their negligent behaviour, and ultimately ended up having to issue online banking credentials on 08 February 2023, some six days after the account was opened. 

 

(b) The Subject Access Requests

 

Subject Access Request Number One
The claimant eventually decided to try and solve the problem himself and began by submitting a Subject Access Request on the 10 February 2023 in order to discover what had happened and to begin the process of sorting out the mess created by the Defendant.
The defendant breached their data protection obligations by failing to respond with a statutory disclosure within the statutory time limit of 30 days.

 

Subject Access Request Number Two
The claimant made a subsequent Subject Access Request on 26 February 2023.
The Defendant breached their data protection obligations a second time by failing to respond with a statutory disclosure within the statutory 30 days.
In respect of both Subject Access Requests, the Claimant received no acknowledgement and no question or enquiry from the Defendant. 
At no point did the Defendant indicate that they required more information in order to satisfy the requirements of the Subject Access Request.
At the time that each Subject Access Request was made, the Claimant had satisfied all of the Defendants requirements as to the ascertainment of his identity in that the Claimant responded to all of the Defendants security questions satisfactorily and was then allowed to discuss his account with them on the telephone.

 

Subject Access Request Number Three

The Claimant made a third subject access request on 11 March 2023.
The Defendant did comply with this subject access request on 29 March 2023. The data which was disclosed as a result of this third Subject Access Request revealed that the Defendant had received the first two Subject Access Requests and had failed to do anything with them. Either the Defendant felt that the Claimant had not satisfied there identity security requirements – despite the fact that they had been happy to speak to him on the telephone about his banking account – or else the request had been incorrectly actioned.
In neither case did the Defendant take any action to inform the Claimant or asked for additional verification as to identity – although it is submitted that this would have been unnecessary in the circumstances.

 

(c) Particulars of distress
 

This caused extreme anxiety and distress as well as being very time-consuming. The process of having to deal with this has interrupted the Claimant's normal life and routines and has caused particular anxiety and worry about the possibility of direct debits and standing orders not being correctly setup and therefore falling into default with various companies and the risk of resulting

negative entries on his credit file.    The Claimant’s distress has been exacerbated by the continuing lack of cooperation by the Defendant, the cost of additional correspondence and time spent preparing documents and seeking legal advice. 

 

How did you eventually resolve the matter

Edited April 10, 2023 by BankFodder
Edits in red

[Redmountie]

15 hours ago, BankFodder said:

Have a look below, put in corrections, fill in the blanks, make any additional comments and we will develop it.

I've made some deletions, corrections and additional comments.

 

If I am getting the story correctly here then frankly I think that we are asking for too little money and I think it should be 500 or £600.

Is this not too much to ask for initially?  When we've done this previously we have started at £200 and eventually negotiated are way up to £800.  Also, does the £35 fee increase if the monetary value I am seeking goes up that high? 

There is absolutely no doubt in my mind that they will receive a judgement against them for statutory breach which would be quite serious for them and something that they would absolutely want to avoid.

Also I consider they have breached the BCOBS rules and that they haven't treated you fairly and they haven't communicated with you fairly. Also, please clarify but I think that that the transfer rules that you are referring to something which had been set out by the regulator. Is that correct?

The Current Account Switch Service (CASS) is owned and operated by Pay.UK, the home of the UK's interbank payment systems (www.currrentaccountswitch.co.uk).  

 

Today is the deadline for my letter before claim.  Would you suggest starting the MCOL today or giving them until the next working day (i.e. Tuesday), considering today is a Bank Holiday? 

 

[Redmountie]

- I have sent you an email about this. Hopefully that email and audit trail will jog your memory. It was against Lloyds back in 2018. 

 

Lloyds Breach of SAR***Resolved*** - Lloyds Bank - Consumer Action Group

 

[Redmountie]

12 hours ago, BankFodder said:

I've made a few edits in red.

Also, did you eventually get your £200 reward – and was it straightforward?

Santander have confirmed that I have met their criteria for the £200 reward incentive.  However, they have yet to make the payment into my account and have advised it can take up to 30 days from when I met the criteria.  That end date being 30/04/23.  I guess that element is just a waiting game, but rest assured as soon as it's deposited into my account, I will be moving my business to another bank/building society.  

Can you just go over again the basis on which they have already offered you £100?

I've posted a screenshot of the final response letter Santander sent me with the £100 "Goodwill Gesture" which they made entirely without any admission of liability.  

You said that previously we have claimed £200 and settled for 800. Can you refresh my memory about this please.  

I can see you have managed to find my original post to my previous Breach of SAR which I won against Lloyds back in 2018.  They paid out and I issued a Notice of Discontinuance.  

 

Santander Executive Office Complaint Response Final Letter - 28-03-23.pdf