Misuse of personal data and fraud is a growing problem that is becoming increasingly sophisticated. This is an interesting case which raises a number of unique issues and concerns across a whole spectrum of legislation.



A customer received a phone call about a pre-registered car he was looking to purchase, although the conversation digressed to an offer of a brand new car for just £1 extra. He was confused, but thinking it was a good deal he paid a deposit over the phone and gave his details to secure the finance.

He didn’t hear anything after that to confirm that the finance had been accepted or anything regarding the delivery of the vehicle, except for an odd call from Vauxhall Partners who asked if he qualified for a discount through his workplace. He replied by saying that he didn’t and when he said ‘no’, they hung up pretty quickly.

The customer went into the showroom 11 days after paying the deposit because he was sure that they had taken the deposit and sold the car to someone else. The car had arrived that day and one of the salesmen let slip that the reason they had managed to get the deal so cheap is because one of their Team Leaders had registered the customer as a family friend with Vauxhall Partners to secure the discount.

Despite the finance being accepted, he hadn’t signed anything yet nor had he seen the car. His question was, “By using his details to get a discount from Vauxhall Partners, have they breached GDPR regulations?”


It is clear that the dealership has breached the GDPR Act 2018 by misusing the customer’s personal data to obtain the discount from Vauxhall Partners, which he is aware of and is therefore complicit in the fraud.

I believe that there is also a breach of the Misrepresentation Act 1967. It is clear that a misrepresentation has taken place here by the (FCA regulated) salesman stating that the customer is a friend / family member and misusing the personal data to secure the (fraudulent) discount from Vauxhall which amounts to £2,100.

A car is not a regulated product, although any salesmen using finance products to sell vehicles are regulated by the Financial Conduct Authority (FCA) which is a separate and serious matter in itself.


This national chain of garages has a bad reputation for nefarious practices and the customer is wondering if he should proceed as on the face of it he is getting a good deal.

If someone was so casual with the misuse of my personal data, I would be wondering what else they are capable of regardless of the substantial discount involved.

Knowing that the dealership’s actions are illegal and carrying on is conspiracy and a criminal act.

I simply would not complete the contract knowing that a fraudulent misrepresentation has taken place. I would throw the kitchen sink at anyone misusing my personal data to commit a fraud, even if I stood to benefit from it knowing what the implications are if it came to light on an audit.

You would also be locked in to dealing with them for years to come, which is the last thing you would want as my experience inspired me to write a book about resolving complaints.

What would you do if your personal data was being used to commit a fraud you would benefit from?

Pin It on Pinterest

Share This

Share this post with your friends!