For the purposes of the Data Protection Act (‘DPA’), we are the ‘Data Controller’ (i.e. the company who is responsible for, and controls the processing of, your personal data).
This Policy was last updated on 26th April 2018 in line with the General Data Protection Regulation (GDPR) reform that is due to take effect from May 2018. The reform sets out more rights for individuals and greater transparency in how personal data is processed by Data Controllers, such as consent, distribution, marketing and deletion. As we are a credit intermediary.
Personal data We may collect
We will obtain personal data about you (including your name, address, date of birth, contact information, interests, payment details, financial information and opinions) and those whose personal data you have with express authority disclosed to us (‘others’) whenever you complete an online form or make a telephone enquiry with us to receive our services. If you submit an online enquiry you will be required to agree to the terms of this Policy which include permitting us to contact you for the purposes of the finance related enquiry via the contact means of which you provide us with the details of. i.e. email address, telephone number, etc.
For example, we will obtain personal data when you (e.g. contact us for any reason, or purchase services). In certain circumstances, we may hold sensitive personal data if you provide us with such information if you feel that it is relevant for the purpose of your enquiry, but we will not ask for such information. Any sensitive personal data obtained and recorded will only be done so with your explicit consent.
How We use personal data
We will use the personal data you disclose to us for the purposes described in Our Terms. These purposes include:
- to assist us in processing your enquiries and obtaining the services which you require;
- undertaking credit checks;
- customer profiling and analysing your preferences;
- marketing (providing you have opted-in) [for further information see ‘Marketing and opting-in’ below];
- fraud prevention and detection;
- billing and order fulfilment;
- customising our website and its content to your particular preferences;
- to notify you of any changes to our website or to our services which may affect you;
- security vetting; and
- improving our services.
Marketing and opting-in
We may share your personal data with organisations as set out in the ‘Disclosure of personal data’ section below. If you have opted-in to receive our marketing material, we will ensure that it is to your requirements and granular. We or they may contact you or others (unless you have asked us or them not to do so) by mail, telephone, text message, email, (each contact method requires its own consent via an opt-in selection) The nature of these marketing communications relate to information on products, services, promotions and special offers which we believe may be of interest to you or others. If you or others would prefer not to receive any further direct marketing communications from us or our business partners, it is possible to opt out at any time. See further ‘Your rights’ below.
Disclosure of personal data
We may disclose personal data which you provide to us to:
- Our agents and service providers (e.g. providers of web hosting, maintenance services or potential funders);
- Law enforcement agencies in connection with any investigation to help prevent unlawful activity;
- Our business partners in accordance with the ‘Marketing and opting out’ section above, specifically being:
- our group companies (as defined in the Companies Act 2006);
- finance companies with whom we deal for the purposes of providing our services to you;
- Insurance companies with whom we deal for the purposes of providing our services to you and to verify information provided to us by you; and
- other third parties with whom we deal with in the course of providing our services to you; and
- Any regulators within whose jurisdiction we operate within from time to time.
Please be aware that we will not sell or otherwise disclose any personal data provided to us to any other party.
We take the appropriate measures to ensure that the information disclosed to us is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used.
Use of Google Analytics Advertising
We use Google Analytics Advertising Features (‘GAAF’) through our website, which means that certain information about the traffic on our website is collected. In light of using GAAF, We will not facilitate the merging of personally-identifiable information with non-personally identifiable information collected through GAAF unless we receive your express consent to that merger.
Furthermore, We are hereby notifying You that:
- The specific GAAF feature(s) which we have implemented are:
- Remarketing with Google Analytics
- Google Display Network Impression Reporting
- Google Analytics Demographics and Interest Reporting
- We use first-party cookies (such as GAAF cookies) or other first-party identifiers, and third-party cookies (such as advertising cookies) or other third-party identifiers together and that this is done in the ways detailed under the sub-heading ‘Use of First & Third Party Cookies and Identifiers’ below; and
- You can opt-out of the GAAF you use, including through Ads Settings, Ad Settings for mobile apps, or any other available means such as the Google Analytics currently available opt-outs accessible via google.com/dlpage/gaoptout.
You have the right to request access to your personal data which we process. This formal request is made under the DPA and is referred to as a Subject Access Request. If you wish to exercise this right and make a Subject Access Request, you should;
- Put your request in writing; either by Email or by letter.
You have the right to require us to correct any inaccuracies in your data free of charge. If you wish to exercise this right, you should:
- Either speak to us via telephone or put your request in writing;
You also have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right you should:
- put your request in writing (email to: email@example.com
- with a header that says ‘unsubscribe’ is acceptable);
The criteria used to determine the period of storage of personal date is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as is no longer necessary for the fulfilment of the contract or the initiation of a contract.
Our contact details
If You wish to contact us, please send an email to firstname.lastname@example.org or you can write to us at Egon Limited, E-Innovation Centre, Shifnal Road, Priorslee, Telford, Shropshire, TF2 9FT or call us on 01952 290949. We may change this Policy from time to time. You should check this policy occasionally to ensure you are aware of the most recent version which will apply each time you deal with us.