It’s a truth that however careful we are with our own data, some company, organisation or government body will probably be hacked and “give away” our data.

Case in point – Carphone Warehouse.

Now I’ve never bought a phone at the Carphone Warehouse. I might have bought the odd accessory, but that’s about it. However last night I got a text from “Carphone.” The text said that I should visit a website.

Reading that site it became clear that one of the websites Carphone Warehouse operates is mobiles.co.uk. And I think that it was through this website that I bought a phone on my current number. At some point subsequently, Carphone bought that website.

I conducted that transaction EIGHTEEN YEARS AGO.

Ever since, when I’ve changed phones, tariffs or even service providers, I’ve done so direct with the operators, or via their retail outlets.

Quite why Carphone/Mobiles.co.uk was still holding onto my data 18 years after I conducted a transaction I know not.

The Information Commissioner’s Office says data shouldn’t be kept for “longer than is necessary for the purpose you obtained it for.”

While I would allow that they may need to retain transactional information for the lifespan of my contract at the time, and that for tax auditing reasons financial data must be kept for six years, it really shouldn’t be kept much longer. And surely keeping that kind of data for 18 years when I’ve not been a customer is outrageous.

In truth I’m not certain that there’s a great deal a hacker could glean from my data. I’ve moved, and I have different card details. My name and phone number of course, remain the same.

Nonetheless, it all goes to show that however careful you might be with your data, you’re at the mercy of just about every business you ever conduct a transaction with.