Attention: Please take a moment to consider our terms and conditions before posting.

Charlton Marketing Boycott / Online Protest

The idea of a Charlton email unsubscribe / marketing database boycott has been discussed on a few other threads but was sort of off-topic and not really followed up, so I thought I'd start a dedicated thread for it. Hopefully, the idea can gain some traction and we can get something organised.

The basic scheme is to mass request the removal of our personal details from Charlton's marketing database, which they will be obliged to do under Data Protection legislation. This will hopefully have the effect of damaging their marketing operation and devaluing their marketing lists for their corporate partners/sponsors, as well as causing the club an unwanted admin burden in dealing with the requests that have to comply with by law. It would also give those who are unable to attend protests in person at the ground an opportunity to participate in action against the owner.

I've seen mass email protests where a single website is set up for protesters to enter a few basic details (name/email etc.) and mailer software in the background mailmerges it into a standard format email and shoots if off automatically to to the target. I don't really have the IT/web design skills to put that together but surely it shouldn't be too difficult. If its a one-stop, two minute job to register a protest online it would be easy to facebook/twitter it all over the place just like successful Olympic stadium petition.

Standing in a car park shouting has its place, but its finished after a couple of hours. Hopefully a direct action like this can cause them ongoing, daily grief over weeks and months.

Any takers?
«1

Comments

  • edited December 2015
    Missed It said:

    The idea of a Charlton email unsubscribe / marketing database boycott has been discussed on a few other threads but was sort of off-topic and not really followed up, so I thought I'd start a dedicated thread for it. Hopefully, the idea can gain some traction and we can get something organised.

    The basic scheme is to mass request the removal of our personal details from Charlton's marketing database, which they will be obliged to do under Data Protection legislation. This will hopefully have the effect of damaging their marketing operation and devaluing their marketing lists for their corporate partners/sponsors, as well as causing the club an unwanted admin burden in dealing with the requests that have to comply with by law. It would also give those who are unable to attend protests in person at the ground an opportunity to participate in action against the owner.

    I've seen mass email protests where a single website is set up for protesters to enter a few basic details (name/email etc.) and mailer software in the background mailmerges it into a standard format email and shoots if off automatically to to the target. I don't really have the IT/web design skills to put that together but surely it shouldn't be too difficult. If its a one-stop, two minute job to register a protest online it would be easy to facebook/twitter it all over the place just like successful Olympic stadium petition.

    Standing in a car park shouting has its place, but its finished after a couple of hours. Hopefully a direct action like this can cause them ongoing, daily grief over weeks and months.

    Any takers?

    If we can get sufficient numbers to flood the club, then I am up for this. If only a few, there is little benefit.

    Seth's wording may be the way forward but I am no data security expert.
  • Good..... agreed...
  • unsubscribing from all the social media channels, that they are currently boasting about is another option...
  • Well done, guys , especially Seth.

    I'm afraid that I can't help with this one either but would happily forward the template to others and gladly comply myself.

    When organised & confirmed as "hitting the spot" I'm sure AFKA would add this to his sticky closed announcement regarding current actions being taken.
  • I may have missed the correct email address, but Im more than willing to send in Seths letter. Can anyone help?
  • seth plum said:

    This is a clumsy attempt to help with a standard cut and paste letter.
    Please note that it is not asking for removal of data in the first instance.

    There are a few omissions which I may need help with, especially the data manager at the club, but I have addressed it to Katrien as the overall final person with ultimate responsibility.

    Dear Katrien,

    I am writing to you as CEO of Charlton Athletic, and as the person who has ultimate and overall legal responsibility regarding any data you may have about me.
    According to the Data Protection Act 1998, part 7, (subsection 1a) I am entitled 'to be informed by any data controller whether personal data of which that individual is the data subject are being processed by or on behalf of that data controller.'

    I believe that I may have data about myself on your system because (add or delete where needed) I am a red card holder number ????/ I have in the past had a season ticket seat and number/I am at present a season ticket holder). I would like to check, as is my entitlement by law, what if any data you hold about me and if it is accurate or needs updating.

    I would also like to know the system you use to monitor any data in order to keep it up to date, and the names of any individuals you share such data with, or any companies or organisations you share such data with. If my data that you hold is shared with a company or organisation I would like you to inform me of the name and contact details of the data controller of that company.

    Subsection 8 of part 7 of the Data Protection Act 1998 says: 'a data controller shall comply with a request under this section promptly and in any event before the end of the prescribed period beginning with the relevant day.' I have dated this request (xxxxxxx) and therefore I expect the information to be supplied to me in full by (xxxxxxx) which is within the time frame of the Data protection Act 1998 of which I am sure you are fully aware.

    If I find the data you supply to me to be inaccurate, or in need of change or amendment please also inform me of the method you use to make any changes.

    I am also confident that you fully understand that failure to comply with my request is an offence under law.

    In order to get you started my name is: xxxxxxx
    My address is: xxxxxxxxxx
    My landline is XXXXXXX
    my mobile is XXXXXXXX
    and my email is XXXXXXXXXXX

    Yours sincerely

    XXXXXXXXXX

    That's the best I can do for now, but any suggestions or changes would be welcomed.

    Good effort, Seth. I worked in Data Protection for NatWest many moons ago and you're on the right lines. I don't think the act has changed that much over the years, unless somebody can correct me on that.

    I would suggest you don't make it too easy for them in the first instance, I would merely ask what data they hold on you/me to ascertain in the first place if it's correct (don't give them the chance to change it before they reply).

    If it's inaccurate you can ask what processes they have in place for keeping it up to date and accurate, which is all part of the act. None, is my guess.

    I think the idea behind this is to make it a long winded process and tie somebody up doing it at the same time, so it's a long game we need to play.

    As said, we need enough requests to make it worthwhile, but I'm sure it can be refined.

    Just a suggestion.



  • edited December 2015
    Does anybody know the sanctions that may apply if the club break the law?

    Found something and answered my own question.

    http://www.itgovernance.co.uk/dpa-penalties.aspx
  • I've done a few courses on data protection, but they were mainly from a data handling 'cover your arse' perspective rather than consumer rights. I will do some more research on it over the long weekend. Would rather not go up against lawyer (even a duff one like Ms Meire!) without all my legals straight. I think there is an exemption on sanctions for vexatious requests, which an organised campaign may qualify as, but that doesn't absolve the club from their obligations in handling our data - they still have to process the requests.
  • Yes, probably by keeping the original request short and to the point, e.g. under the data protection act blah blah, can you please supply the information you currently hold on me within 21 days as stated under the act.

    Something along those lines to begin with.

  • Sponsored links:


  • @sethplum, good work mate, I used to train on the DP, however please remember that if you ask for the information that is held on you (A Subject Access Request) by any organisation they have up to 40 calendar days to respond and most companies charge a maximum of £10. The 40 days and £10 are part of the DPA.
  • Social media unfollowed and email list unsubscribed. Took two minutes and has made a small (really bloody small!) dent in the audience they can sell on to partners. Great if everyone did the same.
  • Totally agree with the principal and the letter wot Seth rote.

    But....

    How do people feel about Valley Gold ?
    Do we all stop our money going towards that scheme ?
  • @sethplum, good work mate, I used to train on the DP, however please remember that if you ask for the information that is held on you (A Subject Access Request) by any organisation they have up to 40 calendar days to respond and most companies charge a maximum of £10. The 40 days and £10 are part of the DPA.

    Yes I got a bit confused about the 40 days and the 21 days.
    I have also read that some requests have to be answered without the £10 fee.

    Ideally I would like to construct something that would have no cost, and would have to be responded to in 21 days. If anybody actually knows this stuff please post it on here because my online research is a bit convoluted.
  • Sorry, can't edit on this device......

    Should have said.......

    If we all agree to get our data removed (which I'm in agreement with), and not read their Facebook, Twitter, official accounts, would/should we still fund @ValleyGold ?
  • Sorry, can't edit on this device......

    Should have said.......

    If we all agree to get our data removed (which I'm in agreement with), and not read their Facebook, Twitter, official accounts, would/should we still fund @ValleyGold ?

    There is the possibility of a separate fund being set up. ( I believe)
  • RDG said:

    Social media unfollowed and email list unsubscribed. Took two minutes and has made a small (really bloody small!) dent in the audience they can sell on to partners. Great if everyone did the same.

    Being stupid, how do I unsubscribe from the email list ?
    Thanks in advance.

  • Being stupid, how do I unsubscribe from the email list ?
    Thanks in advance.

    I found an old email from the club in my trash folder, went to the bottom and clicked where it says unsubscribe in the small print.
  • Here's a standard template letter.

    [Your full address]
    [Phone number]
    [The date]

    [Name and address of the organisation]

    Dear Sir or Madam

    Subject access request

    [Your full name and address and any other details to help identify you and the information you want.]

    Please supply the information about me I am entitled to under the Data Protection Act 1998 relating to: [give specific details of the information you want, for example

    your personnel file;
    emails between ‘A’ and ‘B’ (between 1/6/11 and 1/9/11);
    your medical records (between 2006 & 2009) held by Dr ‘C’ at ‘D’ hospital;
    CCTV camera situated at (‘E’ location) on 23/5/12 between 11am and 5pm;
    copies of statements (between 2006 & 2009) held in account number xxxxx).

    (in our case it would be mailing lists, computer records held of our personal details etc...)


    If you need any more information from me, or a fee, please let me know as soon as possible.

    It may be helpful for you to know that a request for information under the Data Protection Act 1998 should be responded to within 40 days.

    If you do not normally deal with these requests, please pass this letter to your Data Protection Officer. If you need advice on dealing with this request, the Information Commissioner’s Office can assist you and can be contacted on 0303 123 1113 or at ico.org.uk

    Yours faithfully
    [Signature]

    Data Controller details on the club can be found here: https://ico.org.uk/ESDWebPages/DoSearch?reg=65511
  • Sponsored links:


  • bobmunro said:

    Here's a standard template letter.

    [Your full address]
    [Phone number]
    [The date]

    [Name and address of the organisation]

    Dear Sir or Madam

    Subject access request

    [Your full name and address and any other details to help identify you and the information you want.]

    Please supply the information about me I am entitled to under the Data Protection Act 1998 relating to: [give specific details of the information you want, for example

    your personnel file;
    emails between ‘A’ and ‘B’ (between 1/6/11 and 1/9/11);
    your medical records (between 2006 & 2009) held by Dr ‘C’ at ‘D’ hospital;
    CCTV camera situated at (‘E’ location) on 23/5/12 between 11am and 5pm;
    copies of statements (between 2006 & 2009) held in account number xxxxx).

    (in our case it would be mailing lists, computer records held of our personal details etc...)


    If you need any more information from me, or a fee, please let me know as soon as possible.

    It may be helpful for you to know that a request for information under the Data Protection Act 1998 should be responded to within 40 days.

    If you do not normally deal with these requests, please pass this letter to your Data Protection Officer. If you need advice on dealing with this request, the Information Commissioner’s Office can assist you and can be contacted on 0303 123 1113 or at ico.org.uk

    Yours faithfully
    [Signature]

    Data Controller details on the club can be found here: https://ico.org.uk/ESDWebPages/DoSearch?reg=65511



    Just a thought but should the letter be sent by (whatever it's called) registered post or similar so they can't just claim they didn't get the letter?
  • bobmunro said:

    Here's a standard template letter.

    [Your full address]
    [Phone number]
    [The date]

    [Name and address of the organisation]

    Dear Sir or Madam

    Subject access request

    [Your full name and address and any other details to help identify you and the information you want.]

    Please supply the information about me I am entitled to under the Data Protection Act 1998 relating to: [give specific details of the information you want, for example

    your personnel file;
    emails between ‘A’ and ‘B’ (between 1/6/11 and 1/9/11);
    your medical records (between 2006 & 2009) held by Dr ‘C’ at ‘D’ hospital;
    CCTV camera situated at (‘E’ location) on 23/5/12 between 11am and 5pm;
    copies of statements (between 2006 & 2009) held in account number xxxxx).

    (in our case it would be mailing lists, computer records held of our personal details etc...)


    If you need any more information from me, or a fee, please let me know as soon as possible.

    It may be helpful for you to know that a request for information under the Data Protection Act 1998 should be responded to within 40 days.

    If you do not normally deal with these requests, please pass this letter to your Data Protection Officer. If you need advice on dealing with this request, the Information Commissioner’s Office can assist you and can be contacted on 0303 123 1113 or at ico.org.uk

    Yours faithfully
    [Signature]

    Data Controller details on the club can be found here: https://ico.org.uk/ESDWebPages/DoSearch?reg=65511



    Just a thought but should the letter be sent by (whatever it's called) registered post or similar so they can't just claim they didn't get the letter?
    Now theres a thought, would each one have to be signed for individually? .........Mwaaahhhahhhhahha ;)
  • bobmunro said:

    Here's a standard template letter.

    [Your full address]
    [Phone number]
    [The date]

    [Name and address of the organisation]

    Dear Sir or Madam

    Subject access request

    [Your full name and address and any other details to help identify you and the information you want.]

    Please supply the information about me I am entitled to under the Data Protection Act 1998 relating to: [give specific details of the information you want, for example

    your personnel file;
    emails between ‘A’ and ‘B’ (between 1/6/11 and 1/9/11);
    your medical records (between 2006 & 2009) held by Dr ‘C’ at ‘D’ hospital;
    CCTV camera situated at (‘E’ location) on 23/5/12 between 11am and 5pm;
    copies of statements (between 2006 & 2009) held in account number xxxxx).

    (in our case it would be mailing lists, computer records held of our personal details etc...)


    If you need any more information from me, or a fee, please let me know as soon as possible.

    It may be helpful for you to know that a request for information under the Data Protection Act 1998 should be responded to within 40 days.

    If you do not normally deal with these requests, please pass this letter to your Data Protection Officer. If you need advice on dealing with this request, the Information Commissioner’s Office can assist you and can be contacted on 0303 123 1113 or at ico.org.uk

    Yours faithfully
    [Signature]

    Data Controller details on the club can be found here: https://ico.org.uk/ESDWebPages/DoSearch?reg=65511



    Just a thought but should the letter be sent by (whatever it's called) registered post or similar so they can't just claim they didn't get the letter?
    Here you go @Arsenetatters Recorded & signed for http://www.royalmail.com/delivery/business-delivery-options-uk/recorded-signed from 95p + normal postage.
  • So ...to the experts here ...is this a goer or not, i.e. Seth's idea, data enquiry rather than data removal?

    And who is the person/department/email address responsible at the club?

    If we can tie them up in rings responding to database enquiries, it has to be worth a go...but we need a consistent format for our letters.
  • stonemuse said:

    So ...to the experts here ...is this a goer or not, i.e. Seth's idea, data enquiry rather than data removal?

    And who is the person/department/email address responsible at the club?

    If we can tie them up in rings responding to database enquiries, it has to be worth a go...but we need a consistent format for our letters.

    Rick, any thoughts based upon your tenure at the club?
  • I think this is a great idea. Maybe we could get a certain number prepared and ready for posting then post them all on the same day. That way they should all arrive together making a bigger impact than a slow drip feed. The fact that there is a time limit on responding to the requests will mean they will be really pushed to meet any deadline.
  • I think this is a great idea. Maybe we could get a certain number prepared and ready for posting then post them all on the same day. That way they should all arrive together making a bigger impact than a slow drip feed. The fact that there is a time limit on responding to the requests will mean they will be really pushed to meet any deadline.

    Good suggestion especially if all sent by recorded-signed delivery as mentioned by RedChaser above
  • Unsubscribed!
  • Surely to take up the most of their time, you first ask what information they hold on you, then, after they reply, you ask them to change any incorrect information, then once they have confirmed they have done that, you ask for all your information to be removed.

    Top work @seth plum and co with the templates, although I know nothing about the charges they could impose.

    This is one of the few things I can get involved with from here, so will certainly support the final decision, even if it does cost £10.
  • Great, now just need confirmation from someone in the know that Seth's template is fine and we can coordinate our approach.
Sign In or Register to comment.

Roland Out Forever!