We take privacy and the protection of personal information seriously. This privacy notice sets out details about how we gather, use and share personal information and about individual privacy rights. How we use personal information depends upon the context in which it is made available to us.
Our Data Protection Officer (DPO) provides help and guidance to make sure we apply good practice standards to protecting personal information. Our DPO can be reached by email at firstname.lastname@example.org if you have any questions about how we use personal information.
Please note our DPO represents the James Donaldson Group as a whole, and any enquiries about how personal data is used by any Group entity should be directed to the DPO. We do share personal data with other subsidiaries within the Group.
We use a variety of personal information depending on the circumstances under which personal information is made available to us.
We may use personal information in the following circumstances:
We may use your personal information for the following purposes:
We will only use your personal information where it is permitted by law and where:
If you do not provide us with the personal information we request from you, or if you do not allow us to process your personal information that we may obtain from other sources (such as credit reference agencies), we may not be able to offer you our products or services, or continue to administer any services that you have with us.
We may share your personal information with:
We may also share your personal information with third parties in the event that:
We keep your personal information for as long as we need to for the purposes we have set out above. Usually, we will retain your information for 5 or 6 years after the termination of our contract with us as may be required by law, unless there is an exceptional business purpose in which this time period needs to be extended. If you would like to see a copy of our retention policy, please contact our DPO.
We will treat all of your personal information in strict confidence and we will take all reasonable steps to keep your personal information secure once it has been transferred to our systems. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information. If you would like more information about the security measures we use to protect your data, please contact our DPO.
We do not transfer your personal data outside of the European Economic Area. If this changes, we will update this notice and announce this change on our main website homepage.
In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies. We may also make periodic searches at credit reference agencies to manage your account with us.
To do this, we will supply your personal information to credit reference agencies and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. Credit reference agencies will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.
We will use this information to:
We will continue to exchange information about you with credit reference agencies while you have a relationship with us. We will also inform the credit reference agencies about your settled accounts. If you borrow and do not repay in full and on time, credit reference agencies will record the outstanding debt. This information may be supplied to other organisations by credit reference agencies.
When credit reference agencies receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.
If you are making a joint application, or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. Credit reference agencies will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the credit reference agencies to break that link.
The identities of the credit reference agencies, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the credit reference agencies can be obtained from our DPO.
Data protection laws give you a number of rights as set out below. If you would like to exercise any of your rights, please contact our DPO in writing.
If you are not happy with the way in which we process your personal information, or the way in which we handle any request by you to exercise your privacy rights, you may make a compliant to the ICO by visiting their website at https://ico.org.uk/concerns/ or on 0303 123 1113.
We may modify this notice from time to time, so please review it regularly. We will let you know if we make any material changes to this notice by means of an announcement on our website homepage or, if appropriate, by contacting you directly.