Data Privacy Policy

Introduction

When you apply Inksmoor Finance Group Limited (“IFG”) and Inksmoor Selective Finance Limited (“ISF”) services, carry out transactions, or contact us to make an enquiry or a complaint, we will collect personal data about you.

This Privacy Notice details the types of personal data we collect either from you or from others, what we do with it, who we share it with, how long we keep it and your rights.

When we refer to ‘we’, ‘our’ and ‘us’ in this Privacy Notice we mean  IFG and ISF which for Data Protection purposes are the Data Controllers.

Personal Data We Collect About You

We may collect, use, share and keep the following type of personal data about you:

Personal data we collect Why we collect this
Name, title, address, contact details (including ant previous changes), date of birth and/or age To:

·       Identify you

·       Communicate with you

·       Manage your relationship with us

·       Use for crime and fraud prevention purposes

Business Role (e.g. director, partner, shareholder, sole trader, company secretary) To:

·       Identify you

·       Communicate with you

·       Manage your relationship with us

·       Use for crime and fraud prevention purposes

Account date (including performance information) To:

·       Manage your relationship and accounts with us

·       Use for crime an fraud prevention

Criminal convictions, pending convictions, bankruptcy/ receivership, county court judgements and court records To:

·       Assess the sustainability of our accounts and services

·       Use for crime and fraud prevention purposes

Information about your computer and your visits to and use of our website.

(including your IP/MAC address. Geographical location, browser type and version, operating systems, referral source, length of visit, page views and website navigation)

To:

·       Understand your needs and experience with us

·       Manage your subscription to our website services

·       Improve our systems and website services

 

In some cases the personal data we collect about you may reveal more sensitive data defined by data protection regulations as special category (e.g. your ethnic or racial origin, health, political opinions, religious or philosophical beliefs, trade union membership, sex life or sexual orientation and genetics or biometrics). This will be limited to what’s needed. We will only collect and use this special category personal date when we have to in order to meet a legal obligation, with your explicit consent, or where we believe you or another person may be at risk.

Who We Share Personal Data With and Why

Solicitors, accountants, brokers and other professional advisers To:

·       Provide professional services

·       Manage ongoing relationships

·       Administer and manage disputes and/or legal claims

Financial organisations To:

·       Review and assess your suitability and application for products and services

·       Manage payments (including the use of payments services involving the transfer of electronic payments into or out pf your account) and transactions

·       Respond to requests for the postponement for a charge on your property

·       Detect and prevent fraud

·       Assist with enquires and investigations

Mailing houses and printers To provide you with:

·       Service information (eg account statements)

·       A range of other communication about out other products, services, news and offers

We will only send you marketing material when we have given us your consent. Upon giving us giving us your consent, you will also be entitled to opt out of any future marketing relation communications.

Information Technology service providers To:

·       Provide third party systems, storage, software and applications support.

Credit reference agencies To:

·       Verify your identity

·       Assess your suitability and affordability for accounts and services

·       Assess and confirm your credit worthiness

Law enforcement agencies including police forces, private investigators, security organisations and prosecuting authorities To:

·       Assist with any ongoing investigations relating to the security and/or safety of individuals to detect and prevent crime

Courts and tribunals To:

·       Respond to court and tribunal requests, manage and resolve complaints, disputes and/or legal claims

Trade associations and industry groups To:

·       Assist with enquires, investigations, complaints and assessments

·       Develop industry standards

·       Understand and predict trends in customer and financial behaviours

HMRC To:

·       Provide information for tax reporting purposes

·       Assist with enquiries, investigations, complaints and assessment

·       Detect and prevent fraud

Central and local government departments and agencies (eg Department of Work and Pensions (DWP), Jobcentre Plus, local councils) To:

·       Confirm payments received and ongoing benefits

·       Assist with enquiries, investigations, complaints and assessment

 

Field agents, debt collectors, agencies, tracing agents and applied receivers and trustees in bankruptcy. To:

·       Understand your circumstances and financial situations

·       Assist in recovering debt

·       Locate you when we have been unable to contact you via our usual communicate channels

·       Meet the law where receivers to trustees in bankruptcy have been appointed to deal with your financial affairs

 

Research an insight agencies To:

·       Better understand our customers including their experiences, life-stages, circumstances, needs and responses to current and potential Inksmoor Finance Services products, services and wider initiatives

·       Support a wide range of business decisions making such as product development.

In addition we use data for profiling and customer segmentation to create a broad understanding to our customers

This helps shape our communications, products and the overall customer experience including how we handle phone calls and other contacts

Management Consultancy firms To:

·       Gain insights into market trends, consumer behaviour, competitors and technological change

·       Help make recommendations into future development and strategy

·       Get support with a range of business decisions

Other organisations involved in handling mergers, acquisitions and other corporate transactions To:

·       Enable the sale or purchase of all or part of our business

We will only do this with adequate protection and wit all a contract in place to protect the security and confidentiality of the information

External auditor, risk and rating agencies To:

·       Support a wide range of business decisions making such as product replacement

·       Validate reports

·       Facilitate the management and audit of business operations

·       Assist in meeting our legal obligations

Data modelling and risk organisations To:

·       Understand and predict trends in customer and financial behaviours

·       Support a wide range of business decision making including the provision of credit to customers

·       Review and validate the accuracy of reports and/or model outputs from other organisations

 

 

What Allows Us To Collect, Use, Share and Keep Your Personal Data: Lawful Basis

We can only collect, use, share and keep your personal data when we have a lawful basis for doing so. The lawful basis will be different dependent on the relationship you have with us and what we do with your personal data.

To find out more about what the different lawful bases are, what they mean and how they affect you, see below:

Lawful basis More details about what this means
Legal obligation Where we are required by law to collect, use, share or keep personal data we will do so.

As an organisations operating in a regulated industry we have to comply with the laws and regulations set by government bodies, and for personal data the Information Commissioner’s Office. If we are unable to meet our legal obligations we will be unable to continue with your application and provide the ongoing management of the accounts, products and services.

Contract This is where you chose to enter into an agreement with us or make an enquiry with the intention of entering into an agreement. This includes the terms and conditions for the ongoing management of those accounts, and products and services once opened.

If you do not enter into an agreement with us we will be unable to continue with your application and provide the ongoing management of your accounts, products and services.

Legitimate business interest This is where we or another third party has a valid interest in the personal data we collect, use, share and keep as long as it does not unduly affect you or cause you undue detriment, damage or distress.

 

You have a right to challenge our legitimate interest if you believe we do not have a valid reason to collect, use, share or hold your data.

Marketing Consent This is where we ask for your agreement to contact you specifically promote to our services to you.

You can withdraw your consent at any time.

If you withdraw your consent for marketing you may miss out on information about our products, services, offers and other news that may be of interest to you.

Explicit consent Where we collect, use, share or keep special category (sensitive) personal data we will tell you and ask for your explicit consent before we do this.
Vital interest This is applied in very limited circumstances where we feel you or another individual may be at serious risk (e.g. life or death circumstances) and no other lawful basis can be applied.

 

 

How We Use Your Personal Data

We will use your personal data to:

  • identify you
  • understand your needs and experience with us
  • deal with enquiries and complaints made by you or about you in relation to our services and/or website
  • open and manage your accounts, payments, transactions and relationships with us
  • enable your use of service available on our website
  • personalise our website to improve your browsing experience
  • Communicate with you by sending you:‐
    • general service information (non marketing) commercial communications
    • email notifications which you have specifically requested
  •  Carry out credit and identity checks
  • Detect and prevent fraud
  • Administer and manage disputes and/or legal claims

 

Credit and Identity Checks

In order to process your application, we are required by law to identify you. We do this by using automated systems provided by one or more credit reference agencies. If you take products and services from us we may also make periodic searches at credit reference agencies to manage your account in future.

To do this they will give us data about you. This will include public data (e.g. from the electoral register) and other data (e.g. from your credit applications) about your financial situation, financial history, and specific fraud prevention data.

We will use this data to:

  • identify you
  • assess your creditworthiness and whether you can afford to take the product
  • prevent criminal activity, fraud and money laundering
  • manage your accounts
  • trace and recover debts
  • ensure any offers provided to you are appropriate to your circumstances

We do not exchange data about you with credit reference agencies.

When credit reference agencies carry out a search they will place a footprint on your credit file that may be seen by other lenders.

Credit reference agencies will link your records together if they identify a link between you and/or any individual identified as your spouse or financial partner. These links will remain on the files until such time as you or your partner successfully files for a disassociation with the credit reference agencies to break that link.

The credit reference agency checks we carry out are a condition of the contract you take out when applying for products and services with us.

Any documents requested or provided to help prove your identity may be checked with the issuing authority and/or anyone who has certified a copy.

The data from the credit reference agencies is used to automatically assess your application against IFG and ISF facility underwriting criteria. If your application is declined based on this automatic assessment you have a right to challenge the decision. If you do not agree with the assessment you can contact us to challenge the decision and we will give you the opportunity to discuss this with us and review the results of the assessment for accuracy.

The information we obtain from credit reference agencies is owned by them and limited to what needed for our own purposes. We will tell you if your application is rejected because of information we have received from credit reference agencies but will not be able to provide any details. You will need to contact the credit reference agencies directly to request a full credit report if you require details of what they hold about you.

Communicating with you

We will use any of the contact details we hold for you to communicate with you about the products and services you hold with us, contact you as requested and to send you information we are required to provide you (e.g. account statements)

Marketing

We may use your information to provide details about our products, services, news and offers that we believe may be of interest to you.

We will only get in touch with these types of communication if you have given your consent to be contacted for marketing purposes, and only contact you by the methods you have agreed to (e.g. post, telephone, email, text).

We will not pass on your details to any third party without your express consent.

Transfers outside the EEA

We do not transfer any personal data outside the European Economic Area (EEA)

Sale or purchase of all or part of our business.

If we sell or transfer all or part of our business, we may share or transfer customer records and data as part of the proposed / actual sale or transfer. Before we do this we will ensure there is adequate protection in place by imposing contractual obligations on the buyer / seller to ensure the security and confidentiality of your data.

 

Cookies

We may store data about you using cookies (files which are sent by us to your computer or other device you use to access our website) which we can access when you visit our site in future. We do this to provide the online services you request, understand your needs, improve our website services and provide a better experience for you.

We use the following types of Cookies:

  • “Persistent” ‐ to recognise you when you re‐visit our site. These will remain on your computer until deleted, or until they reach a specified expiry date.
  • “Session” ‐ to keep track of where you are whilst navigating our website. These are deleted from your computer when you close your browse
  • Strictly necessary – to provide the services you have requested

We also use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website. Google will store this information. Google’s privacy policy is available at: http://www.google.com/privacypolicy.html.

Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites, including this one.

Further information about deleting or controlling cookies is available at www.AboutCookies.org. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our website.

 

Data Management and Retention

We have a records management and retention policy in place to determine how long personal data needs to be kept which is based on our legal, regulatory and business requirements. How long we keep your personal data is based on the client account status and the types of accounts, products and services associated with us. When determining retention periods we consider the following:

  • Legal and regulatory guidance, case law and expected outcomes
  • Maximum or minimum retention periods identified by the law or our regulators
  • Ours and others contractual rights and obligations
  • Your expectations
  • Current or future operational requirements
  • The cost of maintaining, storing, archiving, and retrieving the data
  • Forensic requirements, for example the potential need to access data no longer actively used in order to manage or respond to complaints and disputes
  • Our policies and standards
  • The risks involved in retention, deletion and removal
  • The capability or restraints of our systems and technology

 

Prospective Clients / Clients

If you make an enquiry but do not continue to client status, we will keep your information for 6 months.

If you do take our service, we will hold your information for up to 6 years after the term of the relationship; 15 years where criminal activity has been identified.

 

Client Related Suppliers / Customers

Longevity of the client and up to 6 years after the term of the relationship; 15 years where criminal activity has been identified.

 

Suppliers

We will hold information for up to 6 years after the term of the relationship.

 

Data Subject Access Requests

If you make an enquiry with regard to data held about you, the required documentation you send will remain on file for 3 months.

Your Rights

You have certain rights in relation to your personal data, not all rights apply in all cases, and these are explained in more detail below:

You have a right to: What this means:
Be informed The purpose of this privacy statement is to do this. We also do this by giving a notice in our application process, web pages and telephone scripts when we collect new or additional data from you. See the list below for details of the information we are required to include:

 

·       who is collecting, using, sharing and keeping your personal data

·       the reason it is being collected

·       what it will be used for

·       what allows its collection, use, sharing and storing

·       how we work out how long it will be kept

·       what countries outside the European Economic Area (EEA) it will be transferred to and the security measures in place

·       what your rights are

Access your personal data We will allow you access and give you details of the personal data we hold about you including the data covered in your right to be informed above.
Have inaccurate or incomplete personal data corrected We will correct and/or update your personal data if you inform us or we identify that it is inaccurate or incomplete.

 

Request erasure We will delete your personal data if:

 

·       we no longer need it for the reason(s) we told you

·       you withdraw your consent and this is the only lawful basis allowing us to collect, use, share and/or keep it

·       you object and we do not have a valid business interest that does not unduly affect you or cause you undue detriment, damage or distress

·       the collection, use, sharing, keeping of it is unlawful

·       we are required by law to do so

Restrict the collection use, sharing and keeping of personal data We will put on hold the collection, use, sharing and deletion of your personal data when:

 

·       its accuracy needs to be verified

·       you have objected and we need to consider if our legitimate business interest overrides your request

·       it has been collected, used, shared or kept unlawfully and you have requested that it’s not deleted but want it to be restricted

·       we no longer need it but you request it to establish, exercise or defend a legal claim

We will tell you before we remove any restrictions.

Object  

You can object to the collection, use, sharing and retention of your personal data where:

 

·       you feel our legitimate business interest will cause you undue detriment, damage or distress where this is the lawful purpose for collecting, using, sharing or keeping data

·       You do not agree to direct marketing (including profiling)