Gravito Retreat Center - GDPR Data Protection Issues, Data Access refusal, misuse of data amongst associates, referred to Data Commissioner ICO
Gravito Retreat Centre are not recommended for those who have concerns about access to, or misuse of, personal data. They have made no attempt to be GDPR compliant and there are serious unresolved concerns around how personal data is used or shared. The matter was referred to the ICO in the United Kingdom as well as the Data Regulation body in Portugal after serious misuses of data were identified in the wider community that Gravito is part of. Under the provisions of the GDPR Individuals have the right to access their personal data. This is commonly referred to as subject access. Individuals can make a subject access request verbally or in writing. You have one month to respond to a request. You cannot charge a fee to deal with a request in most circumstances. Gravito on three separate occasions failed to provide the data in response to a subject access request. The request was made after suspicious debits were attempted from a bank account that they had the details of. The response from others associated with Gravito is that bank accounts can be tracked and closed, usually this is in response to people raising serious concerns. Then months later suspicious debits were attempted but refused by the bank. It means either Gravito or those involved with Gravito, did in fact attempt to track and draw from a bank account. Gravito had an opportunity on six counts, three formally, to be transparent about what data they had, but they were non-compliant with all data access requests. Be careful what data you give them, if you complain, there are concerns it might be shared or misused in ways not aligned with Data Protection. The matter has been referred to the Information Commissioners Office that investigates data breaches, data misuse and non-compliance with data access requests.
Gravito Retreat Center Customer Care
- Data access issues
- Concerns around personal data being shared inappropriately
Reason of review
GDPR Data Protection Issues
Compliance with the GDPR in terms of subject access to data, right of access
Thank You for Your Reply!
Thank You for Your Reply! We are processing your message.
11Thank You for Your Submission
Your comment is successfully posted.