HOW WE USE PERSONAL INFORMATION
- We promise to keep your information safe.
- We promise not to sell it
- We give you ways to manage and review your marketing choices at any time
- We keep a record of when and how we get consents and what you were told at the time.
HOW THE LAW PROTECTS YOU
The law says we must have one or more of these reasons to collect your data
- To fulfil a contract with you
- When it is our legal duty
- When it is in our legitimate interest ( which we must define)
- When you consent.
Transparency means you have the right to be informed about how we will use your data.
GROUPS OF PERSONAL INFORMATION
FINANCIAL –Your financial position, status and history
CONTACT – Where you live and how to contact you
SOCIO-DEMOGRAPHIC – Details about your work, nationality, education, and where you fit into general social or income groups.
TRANSACTIONAL –Details of payments you make to us
CONTRACTUAL – Details about the products or services we provide to you
COMMUNICATIONS- What we learn about you from letters, emails and conversations between us.
OPEN DATA AND PUBLIC RECORDS – E.g Electoral Information, Internet, Newspapers
DOCUMENTARY DATA – E.g copies of ID.
CONSENTS – How you agree we can contact you
NATIONAL IDENTIFIERS – E.g. National Insurance Number
We collect Data from Third Parties such as social networks, fraud prevention agencies, public information services.
WE MAY SHARE THIS INFORMATION WITH
- HMRC , Regulators and other authorities
- Credit Reference Agencies
- Fraud Prevention Agencies
- Any party linked to you ( e.g. Joint Tenant)
- Workmen needing to enter your house
- Companies you ask us to share data with ( e.g. Homelet)
- If you use direct debits we will share your data with the Direct Debit scheme.
- If we sell our business we will only do this if they agree to keep your information safe.
CREDIT REFERENCE AGENCIES
We will share information with CRA’s and they will give us information about you.The data we exchange can include
- Name , address date of birth
- Application form details
- Financial situation and history
- Public Information
We will use this information to
- Assess if you can afford the property
- Make sure what you have told us is the truth
- Help detect and prevent fraud
- Track and recover debts
On a joint tenancy, CRA’s may link your data to other joint tenants. You can ask CRA’s to break the link but you normally have to prove you no longer have a financial link with them.
IF YOU DO NOT PROVIDE DATA WE MAY NOT BE ABLE TO OFFER YOU A TENANCY.
HOW LONG WE KEEP INFORMATION
- We will keep it as long as you are a client
- After you stop being a client we may keep data for up to 10 years for one or more of the following reasons :-
To respond to questions or complaints or
To show why we have treated you fairly or
For historical research and statistical purposes.
You can access personal information by writing to us at ( give address) .You can also ask us to correct any information you believe to be incorrect. We do not have to provide information where the request is disproportionate or has already been given previously .
WHAT IF YOU ASK US TO STOP USING YOUR PERSONAL INFORMATION?
This is also known as “The right to be forgotten”. There may be legal or other reasons why we need to keep or use your data. In such cases we can restrict the use of your data to legal claims or to exercise legal rights.
YOU CAN WITHDRAW CONSENT BY WRITING TO US AT (ADDRESS)
YOU CAN COMPLAIN TO US IF YOU ARE UNHAPPY WITH HOW WE HAVE USED YOUR PERSONAL INFORMATION AT ( THIS ADDRESS)
YOU CAN ALSO COMPLAIN TO THE INFORMATION COMMISSIONERS OFFICE . FIND OUT ON THEIR WEBSITE HOW TO REPORT A CONCERN.
VITAL INTERESTS – We can pass on details in an emergency e.g. medical care if you are physically or legally incapable of giving consent.
We supply a copy of information free of charge. We can charge a reasonable fee when a request is manifestly unfounded , or excessive, particularly if it is repetitive. We may charge a fee where we have already supplied the information.
We must supply information without delay and in any event within one month. This can be extended by up to 2 months if during that month the request is considered complex and/or numerous, and if we do we have to explain why.
We must verify the identity of the person making the request using “reasonable means”
DATA PROTECTION IMPACT ASSESSMENT
This will allow an organisation to identify and fix problems at an early stage.
Further guidance see ICO Conducting privacy impact assessments code of Practice.