Darlington Building Society — ICO Data Protection Complaint
When the institution's Data Protection Officer fails to respond to your Subject Access Request within 30 days, this is a GDPR breach. We file a complaint with the Information Commissioner's Office to create regulatory pressure.
The ICO investigates data protection breaches. This creates pressure but the ICO cannot order marker removal directly
What this stage means
This is a data protection complaint to the UK's regulator. When Darlington Building Society's Data Protection Officer fails to respond to your Subject Access Request within the 30-day legal deadline, that is a standalone GDPR breach — regardless of the marker dispute itself. The ICO investigates this breach and creates regulatory pressure on Darlington Building Society.
When you reach this stage
You reach this stage when Darlington Building Society's DPO has failed to respond to your SAR within 30 calendar days. Because we submit the SAR in parallel with the initial complaint, this clock is already running from the start of your case.
What they will assess
- Whether Darlington Building Society's DPO received the SAR
- Whether they responded within the 30-day statutory deadline
- Whether the response was complete and accurate
- Whether Darlington Building Society has adequate data protection procedures
- Whether there is a pattern of non-compliance
What strengthens your case
- Clear proof the SAR was submitted with date and delivery confirmation
- Evidence that 30 days have passed without a response or with an incomplete response
- The link between the SAR failure and the broader marker dispute
- Any evidence of Darlington Building Society having systemic data protection issues
- The fact that an active ICO complaint significantly strengthens a court claim
What we provide at this stage
- ICO complaint documenting the DPO's failure to respond
- Evidence of SAR timeline breach (30-day limit)
- UK GDPR accuracy arguments for the marker data
- Documentation strengthening any future court claim
What you need for this stage
- Proof your SAR was submitted (date and method)
- Evidence the DPO failed to respond within 30 days
- Any partial response received
Common outcomes at this stage
The ICO contacts Darlington Building Society about the SAR breach — creating regulatory pressure
Darlington Building Society responds to the SAR (often producing evidence that helps the marker complaint)
The ICO issues guidance or a reprimand to Darlington Building Society
The active ICO complaint strengthens the court claim documentation
Many institutions settle the broader dispute once the ICO is involved
What happens next
The ICO complaint creates pressure but cannot directly remove the marker. Its main value is twofold: it often forces Darlington Building Society to finally respond to the SAR (revealing their evidence), and it strengthens any future court claim by documenting a pattern of data protection non-compliance.