0333 323 7800

Privacy Notice

1   What is this Notice?

 

1.1 We take our privacy and data protection responsibilities seriously.  This privacy notice (Notice) sets out how we will gather, use and share personal information.  If you would like to receive this information in an alternative format such as in hard copy large print, please let us know.

1.2  In this Notice, reference to “you” or “your” shall mean you as a customer (whether you are a consumer or an individual representative of a corporate customer) of our hire, hire purchase and loan products and facilities (our “services”).  This Notice should be read together with your agreement with us, which together apply to your use of our services.

2   Who are we?

 

2.1 We are Praetura Asset Finance Limited and we are classed as the “controller” of the personal information that we collect and use about you. Our registered office address is Giants Basin, Potato Wharf, Manchester M3 4NB, and we are registered as a controller with the UK Information Commissioner’s Office (ICO) under registration number ZA020984.

2.2 Our Data Protection Officer (“DPO”) can be contacted at dpo@praeturaaf.com  

3   What kinds of personal information do we use?

 

3.1 When you use our services, we may ask you to provide certain information such as your name, postal address, telephone number, contact number, date of birth, and information about the business you are representing in your dealings with us, insurance information, and your landlord’s details.

3.2 In order to provide our services, we may need to conduct credit checks against you and/or the business you are representing.  This may involve us processing personal information about you that is provided to us by Credit Reference Agencies (“CRAs”).  More information about this is set out in paragraph 10 below.

4   How do we use your personal information?

 

We may use your personal information for the following purposes:

(a) to allow us to process your application and to provide you (or the business you represent) with our services;

(b) to allow us to run checks for identification and creditworthiness, whether via CRAs or checking the Electoral Register and other databases which contain publicly available information about County Court Judgements, bankruptcy and repossessions;

(c) to allow us to manage your account;

(d) to allow us to ask for your feedback, assess customer satisfaction and to improve our overall operations;

(e) to allow us to detect fraud and crime;

(f) to communicate with you by sending you information about similar products or services which we think may be of interest to you. We will not send you marketing communications if you have opted out or if you have unsubscribed from marketing.  You will be able to opt-out of such communications at any time by clicking the unsubscribe link or contacting our DPO. Where we consider necessary, we will ask for your express consent before sending you any marketing emails;

(g) to validate your information to check that the data we hold about our customers is accurate, consistent and up to date; and

(h) to comply with any legal or regulatory obligations to which we are subject.

5   What is our legal basis for using your personal information?

 

5.1 We will only use your personal information where it is permitted by law and where:

(a) we need to use your personal information to perform a contract with you (where you are a sole trader representing yourself);

(b) we need to use your personal information to comply with our legal or regulatory obligations;

(c) you have given us consent to use your personal information (if consent is needed we will ask for this from your separately); and

(d) it is in our legitimate business interests to be able to comply with our obligations and exercise our rights under our contract with the corporate customer you represent, and there is no disadvantage to you or risk to your personal information.

5.2 If you do not provide us with the personal information we request from you, or if you do not allow us to process your personal information that we may obtain from other sources (such as CRAs), we may not be able to offer you our products or services, or continue to administer any services that you have with us.

6 Who do we share your personal information with?

 

6.1 As part of using our services, we will share your personal information with:

(a) other members of our corporate group, for example your information may be held on a central database which is accessible by other members of our corporate group;

(b) our service providers who process and store data on our behalf (such as our IT service providers);

(c) our professional advisers;

(d) our insurers;

(e) any guarantor to your agreement with us;

(f) any broker or introducer of your agreement with us;

(g) CRAs;

(h) crime and fraud prevention agencies;

(i) law enforcement, taxation and legal authorities (which may include the police, HMRC and the Financial Conduct Authority);

(j) claims handling agencies; and

(k) debt recovery agencies.

6.2 We may also share your personal information with third parties in the event that:

(a) our business or substantially all of its assets are acquired by a third party

(b) if we are under a duty to disclosure or share your personal information

(c) in order to comply with any legal or regulatory obligation;

(d) in order to enforce or apply any contract with you (or the business you represent); or

(e) to protect our rights, property, or the safety of our employees, customers or others.

7   How long will we keep your personal information for?

 

We keep your personal information for as long as we need to for the purposes we have set out above. Usually, we will retain your information for six (6) years after the termination of our contract with us as may be required by law, unless there is an exceptional business purpose in which this time period needs to be extended. If you would like to see a copy of our retention policy, please contact our DPO.

8   How will we keep your personal information secure?

 

We will treat all of your personal information in strict confidence and we will take all reasonable steps to keep your personal information secure once it has been transferred to our systems. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information. Please note that we cannot guarantee the security of any data you disclose to us online. There are inherent security risks of providing information and dealing online, which, while we do our best to prevent these risks arising, we cannot 100% ensure the security of your information. If you would like more information about the security measures we use to protect your data, please contact our DPO.

9   Will we transfer your personal information outside of Europe?

 

We do not transfer your personal data outside of the European Economic Area.  If this changes, we will update this notice and announce this change on our main website homepage.

10   What do credit reference and fraud prevention agencies do with your personal information?

 

10.1 In order to process your application, we will perform credit and identity checks on you with one or more CRAs. We may also make periodic searches at CRAs to manage your account with us.

10.2 To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.

10.3 We will use this information to:

(a) assess your creditworthiness and whether you can afford to take the product;

(b) verify the accuracy of the data you have provided to us;

(c) prevent criminal activity, fraud and money laundering;

(d) manage your account(s);

(e) trace and recover debts; and

(f) ensure any offers provided to you are appropriate to your circumstances.

10.4 We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs.

10.5 When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.

10.6  If you are making a joint application, or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.

10.7 The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail at http://www.experian.co.uk/crain/index.html.

 

11 What are your privacy rights?

 

11.1 Data protection laws give you a number of rights as set out below. If you would like is exercise any of your rights, please contact our DPO in writing.

(a) Access: you may request access to a copy of your personal information.

(b) Withdraw Consent: where our processing of your personal information is based on your consent, you can withdraw your consent at any time.

(c) Rectification: you may ask us to rectify any inaccurate information we hold about you.

(d) Erasure: you may ask us to delete the personal information we hold about you, where there is no reason for us to continue to hold your information.

(e) Portability: you may ask us to provide you with the personal information that we hold about you in a structured, commonly used, machine readable format, or you can ask us to send your information in this format to another controller.

(f) Object: you may object to our processing of your personal information.

(g) Restriction: you can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.

11.2 If you are not happy with the way in which we process your personal information, or the way in which we handle any request by you to exercise your privacy rights, you may make a complaint to the ICO by visiting their website at https://ico.org.uk/concerns/ or on 0303 123 1113.

 

12   Changes to this Notice

We may modify this Notice from time to time, so please review it regularly. We will let you know if we make any material changes to this Notice by means of a notice on our website homepage or, if appropriate, by contacting you directly.