If a bookie restricts your account, which choice is most commonly quoted for the retention of your data due to UK law & regulation?
10% 3 years
24% 5 years
36% 7 years
30% 10 years
Thank you to everyone who voted on this important topic.
J4P’s experience is 5 years, but the reason for doing this poll was that none of the time periods actually apply. If a gambling company tells you they can’t delete your personal data for anti-money laundering, terrorist financing or tax reasons for a specific time length, they are lying to you: It is made up and purely fictitious.
Even more important is the fact that the Information Commissioner’s Office and the Gambling Commission have recently confirmed to J4P that gambling companies do not have to delete personal data if they don’t want to.
As nearly always both regulators subtly avoided a direct explanation for their interpretation of UK privacy law, and gambling codes and conditions by using a ‘woolly’ phrase that means little, e.g. Gambling companies may have other reasons for not deleting a customer’s personal details.
J4P feels it is likely that many restricted customers may want a more precise, clearer explanation than this. A gambling company is allowed to retain my personal data forever, because ………………………………., whereas Tesco, Vodafone, Lloyds Banking Group cannot. Who knows, when nobody will say?
J4P has had two volunteers working on this topic for around two years. They have finally concluded that the Information Commissioner’s Office and the Gambling Commission have decided that gambling companies can retain for life, i.e. until a customer is dead gambling companies can retain all personal data held for those who’ve had their account restricted. This may include:
Full name, age, address, telephone numbers, email addresses, IP addresses, debit/credit card details, bank details, including unredacted banks statements, passport scan, passport scan selfies, laptop/tablet motherboard numbers, smartphone screen size and much, much more.
From what J4P has been told about the data security practices of some UK licensed gambling operators we would recommend that customers provide as little detail as possible to them. We’re aware that some companies allow staff who’ve no involvement in trading, regulation or customer service to access all customer details held from their company PCs.
Our best guess is that this decision has been made by the two regulators following gambling industry lobbying concerning protecting profits? This raises the question whether regulators are placing a greater emphasis on commercial interests than consumer privacy?
Who knows, J4P certainly doesn’t despite hours and hours of work. It’s about time both regulators explained fully why gambling companies are being treated differently from companies in other industries. Whilst J4P has failed to get a direct answer some readers may wish to try?