AIB GDPR, requesting personal data from an Irish bank

CD containg private information.

Since the EU introduced GDPR policy I decided to request my personal data from my bank. Out of curiosity, I wanted to investigate a little what type of information is stored about me.

I requested the data using AIB’s online banking account. The process was quite straightforward. After 2 weeks or so I received a letter that my data is available to collect in person form my local AIB branch. When collecting the data I was asked to provide a proof ID. It’s reassuring to know that AIB has a procedure for such scenario. I’ve read a story of a British person attempting to request his girlfrient’s data https://www.bbc.com/news/technology-49252501

Now, the most important bit. What is that mysterious private data? I received an envelope with handwritten details. The mysterious file was saved on a CD. I couldn’t remember when I’ve used a CD the last time.

An ordinary CD.

The CD was encrypted using McAfee antivisus. The password was supplied by AIB in a seperate post. Very neat.

McAfee CD password interface

The spreadsheet included only 3 tabs:

  • Customer
  • Account
  • Transaction

Customer

  • Full Name
  • Sex
  • DOB
  • Address Line 1
  • Address Line 2
  • Address Line 3
  • Address Line 4
  • Address Line 5
  • Post Code
  • Resident Country
  • Marketing Permission
  • Mail Marketing Permission – Phone
  • Marketing Permission – Email
  • Contact Person
  • Contact Person
  • Phone number
  • Home Phone
  • Business Phone Number
  • Phone Number
  • Preferred Method of Contact
  • Home Email
  • Work Email
  • Marital Status
  • Employer Name
  • Employment Start Date
  • Employment Type Occupation
  • University College Name
  • Faculty
  • Course
  • Title
  • Course Start Date
  • Finish Date Course Type

Account

  • Account Number
  • Sort Code
  • Mailing Label Line 1
  • Mailing Label Line 2
  • Mailing Label Line 3
  • Mailing Label Line 4
  • Mailing Label Line 5
  • Mailing Label Post Code

Transaction

  • Account Number
  • NSC Transaction Date
  • Fees
  • Dispensed Currency
  • Dispensed Amount
  • Posted Currency Posted Amount
  • Posted Date Transaction Narrative

The spreadsheet document was bearly 60 KBs. Generally, I was a little bit disappointed with the data. It clearly doesn’t include all the information associated with my account. It doesn’t include my data such as messages, statements, standing order info, or details about my savings account. MIC bank clearly tried to just tick the box that they’re GDPR complient. Nevertheless, the transactions data can be quite useful. For me, it dates back to 07 2017.

Leave a comment

Your email address will not be published. Required fields are marked *