What is a Data Portability Request?
This is a new right under the GDPR/UKDPA18. It allows individuals to obtain copies of certain personal data that the individual has provided to a data controller (such as Sainsbury’s Bank or Argos Financial Services) in a structured, commonly used and machine-readable format and to reuse it for their own purposes. Individuals are free to either store the data for personal use or to transmit it to another service provider.
A portability request is likely to return a narrower band of information than a Data Subject Access Request would. A portability request will consist of customer details captured during the application process, including any subsequent rectifications, product details, account details (e.g. start date/end date & balance/limits), account transactions (if relevant).
Can I transfer my data from another company straight to you, to help open a new product?
No, we can’t check if it contains any nasty content before opening the file and therefore we do not currently accept transfers. We have a responsibility to keep the personal data we hold safe and secure, so any files sent to us with an attachment, will be returned unopened to the sender and then deleted.
If I ask you to port my personal data to another company, will you send it?
This will depend on which company you ask us to send your data to and whether we are able to do this safely. If we are unable to do this transfer we will say so at the time and give you the option to receive your data and send it on yourself.
How do I ask for my personal data to be ported?
- visit our website. You’ll find guidance notes on how to download and return our Data Request form online
- call us on 08085 405060 and we’ll help you to complete the Data Request form; or
- send a letter to us at Sainsbury’s Bank, PO Box 4955, Worthing, BN11 9ZA. If possible, please enclose a completed copy of the Data Request form along with your letter – this will help us to locate the data you are looking for and provide you with a response as soon as possible
For security reasons, we don’t accept Data Request forms by email.
Before we can send you a copy of the personal data we hold about you, we need to confirm your identity. This allows us to protect our customers’ confidentiality and prevents personal data falling into the wrong hands. In order to confirm your identity for the purpose of fulfilling your data portability request, we may ask you to:
- answer some security questions over the phone; or
- send us copies of identification documents, such as your passport or utility bills
How long does it take to get a response to my data portability request?
This will take between 1 and 3 months. If it will take us longer than 1 month to provide you with the personal data you have requested to be ported, we will let you know.
I have a joint account and I want to port all the personal data you hold about both of us. Do I need to ask the other person if that’s ok?
It will depend on which product(s) you hold with us. Please see your T&Cs, which will tell you whether we can share data about both account holders without obtaining permission from both of you. If the T&Cs do not say that we can do this, we will need to ask the other account holder for permission to share this data with you.
Can you post my ported data to me?
No, ported data must be electronic and in machine readable format, like an Excel spreadsheet or a PDF. We’ll put your response on a secure portal for you to access directly. We will send you an email to the email address we hold on file for you to confirm when your portable personal data is available in our electronic portal. The personal data held about you in this portal will be password protected to protect your confidentiality. We will send an access password separately to the postal address we hold in our records for you. This password will arrive in the post in the days following receipt of the confirmation email and can then be used to unlock your personal data on the portal.
Is there a charge for requesting access to my personal data?
No, we don’t charge for providing a copy of this personal data.