- aqua credit cards are issued and administered by NewDay Ltd. In this Privacy Notice "we" , “our” or "us" refers to NewDay Ltd, its parent company NewDay Cards Ltd and any other companies in the group to which they belong (the NewDay Group) and "you" or “your” refers to anyone whose personal data we process.
- Details of the products offered by the NewDay Group to whom this Privacy Notice applies can be found on our website www.newday.co.uk/products/our-own-brands and www.newday.co.uk/products/our-co-brands. These pages may be updated from time to time.
- We may hold personal information about you even if we do not offer you a card the first time that you apply to us. We will continue to keep information about you after your account is closed. For more details about how long we retain your information please see section “How long we retain your personal information for”. We will not hold information that is excessive or where there is no reason to continue to hold the information.
- We will keep your personal information confidential and secure and will only provide it to others for the purposes explained in this Privacy Notice. For more details about how we share your information with third parties please see section “Information we disclose to third parties and other organisations”.
- All our employees are personally responsible for keeping your personal information confidential. We provide training to all employees to remind them about their obligations under data protection legislation.
- We may change this Privacy Notice from time to time and we will put any changes on our website www.newday.co.uk and, where appropriate, changes will be notified to you by e-mail or by post. Please check our website frequently to see any updates or changes to our Privacy Notice.
- NewDay Ltd and NewDay Cards Ltd are registered on the register of data controllers maintained by the UK Information Commissioner's Office (ICO). NewDay Ltd's registration number is Z272680X and NewDay Cards Ltd's registration number is Z5599433.
- Should you wish to contact us about any aspect of this Privacy Notice you can contact our data protection officer using the following email address firstname.lastname@example.org.
- If you are unhappy with any aspects of this Privacy Notice or the way in which NewDay Ltd is processing your personal information you have the right to raise a complaint directly with the ICO. Their contact details are Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. You can call or email the ICO on 0303 123 1113 or email@example.com.
Where we obtain your personal information
We get personal information about you from a number of sources. For example, personal information that:
- you give us when you apply to us;
- you give to us in emails, letters, during phone calls (including any phone numbers that you use to contact us on) and when registering for services;
- we obtain about the IP address, operating system, devices and browser that you use, including the location of any devices used by you;
- you give when you participate in customer surveys, promotions or competitions;
- we already hold about you;
- we receive when making a decision about your application or account, including personal information we receive from enquiries and searches made at credit reference agencies (CRAs) and fraud prevention agencies (FPAs), from our business partners, from publicly available sources;
- we have about your account with us including details of transactions and payments;
- we collect using first party or third-party analytics tools to track page content and click/touch, movement, scroll, and keystroke activity; or
- from insurers or other firms who provide services to you, including price comparison, aggregator or similar websites that you visited before clicking through to our website.
Information we hold
NewDay Ltd are a data controller for the information that NewDay Ltd obtain when providing your card.
NewDay hold and use the following personal information about you:
- personal information such as your name, address, phone numbers, email address, date of birth, employment and banking and financial details;
- demographic and lifestyle information;
- details of your accounts and any products and how you use them;
- details of when we contact you and when you contact us;
- details of any additional cardholders or financial associates (see section entitled "A guide to the use of your personal information by CRAs, FPAs and the NewDay Group") on or linked to your account;
- personal information we receive when making a decision about you, which may include information about other credit that you have;
- details of other services you have through us or any insurance provided by any other third party;
- as well as any other information we reasonably need to operate your account, make decisions about you or fulfil our legal or regulatory obligations.
- When we are managing your account we may be provided with sensitive personal information such as information about your health or medical information which we may hold and process to provide you with the services that you require.
Information we disclose to third parties and other organisations
We will keep your personal information confidential and only share it with others for the purposes explained below and elsewhere in this Privacy Notice. We have trusted relationships with carefully selected third parties who carry out services on our behalf. All these third parties have a contract with us and have agreed to keep your personal information confidential and secure and only to use it for the purposes that we allow.
We may share your information with the following people and organisations for the purposes detailed below:
To operate your account and provide services to you
- any person working within the NewDay Group to enable us to perform our obligations in relation to the provision of the services or products to you;
- any firm, organisation or person that we use to help us to operate our business, to provide services, to collect payment, to recover debts and to whom we may sell, or consider selling your debts;
- any price comparison, aggregator or similar website that you visit (or visited before clicking through to our website) (whether or not you provided them with any personal information at that time) including to assess your eligibility for any NewDay products and or services that you have agreed to receive marketing for. Please note that you can withdraw your consent to receive marketing from NewDay at any time. Please see section “Marketing Communications” for more details;
- any firm, organisation or person together with whom we provide products and services for example where we are providing a credit card to you on behalf of a retailer. In the event that we share your information with such parties they may also be a data controller for the information they process. You should therefore read their privacy notices very carefully to understand how they process your information;
- any payment system we may use to enable us to process payments in relation to the services and/or products provided to you;
- any firm that provides analytical, market research or similar services; or
- any insurers with whom you have any policy related to your credit card so that they may administer your policy.
To manage your account
- any person who is your close relative, carer or helper where you are unable to handle your own affairs because of mental capacity, ill health or other similar issues and we have been provided with such information to ensure they have the authority to have access to your personal information;
- any additional cardholder on your account.
For the prevention and detection of fraud, crime and/or terrorism
- certain authorities in order to prevent and detect crime and/or terrorism (including authorities outside the UK);
- regulators, including the Financial Conduct Authority (FCA) , the Information Commissioner's Office (ICO) Ombudsman and other authorities including tax authorities, (including those overseas), where we are requested by them to do so.
To CRAs and FPAs
- CRAs and FPAs or any similar agencies as further explained below in see section entitled "A guide to the use of your personal information by CRAs and FPAs and the NewDay Group".
In relation to any business transfer or re-organisation
- We may in the future wish to sell, transfer or merge part or all of our business or assets, or any associated rights or interests or to acquire another business. If we do so, we may disclose your personal information to a potential buyer, transferee, or merger partner and their advisers with whom we are in talks provided that they agree to keep your personal information confidential and to use it only in relation to the possible transactions. If the transaction goes ahead, the purchaser, transferee or merger partner may use your personal information in the same way as set out in this Privacy Notice or provide you with a new privacy notice explaining how your personal information will be used by them.
- In the event that we sell your debt to a third party we will enter into a contract with the third party requiring them to keep your personal information confidential and process it in accordance with the terms of this Privacy Notice. Following the sale of your debt, the purchaser will become the data controller for your personal information and you can request information from them detailing how your personal information will be subsequently used. On the sale of your debt you will be provided with the purchasers contact details as part of our other regulatory obligations.
Granting third party providers access to your online servicing account
Following changes to the law, from 13 January 2018 you can allow an authorised Third Party Provider (TPP) to have access to your online servicing account. These TPPs are sometimes known as Account Information Service Providers and offer such services as the ability for you to look at all your bank and credit card accounts through one Mobile App or Website. You can only use a TPP where you have registered for Online Account Manager.
If you choose to use a TPP, please ensure you understand how their service works, such as how they access your account with us and how they will protect your data. Please be aware that:
The terms and conditions of your card will still apply.
- We will give the TPP access to your account information only, and in the same way as if you were accessing it directly. For example, they will be able to see your recent transactions and your outstanding balance. The TPP is not permitted to change any of your preferences, direct debit details or any information about you and cannot initiate a payment from your account.
- Although you must not, generally, give the security details you use to log-in to our online service to anyone else, you may give them to a TPP if it is necessary to do so. They should agree with you that they will keep these details safe and will only use them for the purpose(s) you have agreed with them.
- We can refuse to allow a TPP to access your account where we are concerned about unauthorised or fraudulent access by that TPP.
All TPPs must be authorised by the Financial Conduct Authority and so you must check, from the information that the TPP gives you before you use their services, that the TPP is authorised. If you give your security details to a TPP that is not authorised, we will assume it is you authorising us to give access to your account. If we become aware that an unauthorised third party is using your security details, we will block access to your account.
How we use your personal information
We will use your personal information to:
- search CRAs and FPAs;
- make, or assist in making, credit decisions about you, assess lending risks and to check the details that you have let us and others have;
- operate and manage your account and manage any application, agreement or correspondence you may have with us and to conduct financial reviews;
- perform other administrative and operational purposes including the testing of systems;
- monitor and analyse our business, including to carry out customer modelling and statistical, trend and transactional analysis;
- form a view of you as an individual and to identify, develop or improve products that may be of interest to you and to carry out market research;
- provide you with products and services and tell you about changes to these products and services;
- send you marketing in accordance with the provisions of section below “Use of your personal information for marketing and contact purposes”;
- carry out audits;
- trace your whereabouts in the event we are unable to contact you in relation to the products or services we provide to you;
- recover any debt you owe us;
- provide information to independent external bodies such as government departments and agencies, universities and similar to carry out research; and/or
- comply with our legal and regulatory obligations and to identify, prevent, detect or tackle fraud, money laundering, terrorism and other crimes.
Your personal information may also be used for other purposes for which you give your permission or where we are permitted to do so by law or it is in the public interest to disclose the information or is otherwise permitted under the terms of the Data Protection Act 1998.
In the event that NewDay receives any funds from a third party which have been incorrectly attributed or applied to your account, NewDay shall have the right to disclose all your available relevant information (including personal information) to the third party’s payment service provider (for example their bank) in order to assist the third party to recover such funds. Additionally, in the event that the third party’s payment service provider is unable to recover such funds on behalf of the third party, NewDay will upon receipt of a written request, provide all your available relevant information (including personal information) to the third party to enable them to recover the funds.
How long we retain your personal information for
We will only retain your personal information for as long as it is required in relation for the purposes it was obtained.
We hold your personal information for the periods listed below:
When you have an account with us
We only keep details of your personal information and details of your account for such period of time to permit us to comply with any legal or statutory obligations after your account is closed.
When you apply for an account but are declined credit
We will keep your personal information for statistical analysis, fraud prevention and credit scoring purposes.
- We know how important it is to keep your personal information secure. We protect that information using strong encryption when personal information is both being transferred and when at rest. Access to personal information is strictly controlled.
- We use firewalls and other security measures to protect our servers and networks from external attack.
- Our security systems meet or exceed industry standards.
Protecting and managing your online privacy
- By using our websites (through any device) you agree that this Cookies Policy applies to that use in addition to any other terms and conditions which may apply.
There are different types of cookies. They all work in the same way, but have minor differences:
- Session cookies – Session cookies last only for the duration of your visit and are deleted when you close your browser. These facilitate various tasks such as allowing a website to identify that a user of a particular device is navigating from page to page, supporting website security or basic functionality. Many of the cookies we use are session cookies. For example, they help us to ensure the security of your online account servicing session, and can also keep you signed in while you move between pages or service your account. Our session cookies used for security are designed to be very difficult to read, change, access or use except by us when you have an active Internet Banking session. They contain no personal information that can be used to identify an individual. Their names typically start with the letters IB e.g. IBSESSION, IBCOOKIE01, IBCOOKIE02.
- Persistent cookies – Persistent cookies last after you have closed your browser, and allow a website to remember your actions and preferences. Sometimes persistent cookies are used by websites to provide targeted advertising based upon the browsing history of the device. NewDay uses persistent cookies in a few ways, for example, to remember your username for log in so you don’t have to (cookie named IBUserID). We also use persistent cookies to allow us to analyse customer visits to our site, for example our cookie named WT_fpc. These cookies help us to understand how customers arrive at and use our site so we can improve the service.
- First and third party cookies – Whether a cookie is a first or third party cookie depends on which website the cookie comes from. First party cookies are those set by or on behalf of the website visited. All other cookies are third party cookies. We use both first party and third party cookies.
- Strictly necessary cookies – These cookies are essential in order to enable you to move around the website and use its features, and ensuring the security of your online banking experience. Without these cookies services you have asked for, such as applying for products and managing your accounts, cannot be provided. These cookies don’t gather information about you for the purposes of marketing.
- Performance cookies – These cookies collect information about how visitors use a web site, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor although they may collect the IP address of the device used to access the site. All information these cookies collect is anonymous and is only used to improve how a website works, the user experience and to optimise our advertising. By using our websites you agree that we can place these types of cookies on your device, however you can block these cookies using your browser settings.
- Functionality cookies – These cookies allow the website to remember choices you make (such as your user name). They may also be used to provide services you have requested such as watching a video. The information these cookies collect is anonymised (i.e. it does not contain your name, address, account details, etc.) and they do not track your browsing activity across other websites. By using our websites you agree that we can place these types of cookies on your device, however you can block these cookies using your browser settings.
- Targeting cookies – These cookies collect several pieces of information about your browsing habits. They are usually placed by advertising networks. They remember that you have visited a website and this information is shared with other organisations such as media publishers. These organisations do this in order to provide you with targeted adverts more relevant to you and your interests. This type of advertising is called online behavioural advertising and those companies providing this advertising are working with the UK’s Internet Advertising Bureau to deliver more information to consumers. To highlight this information, publishers of advertising will, in the future, look to place an icon in the top right hand corner of an advert. This icon when clicked, will take you through to the website "youronlinechoices" (www.youronlinechoices.com/uk) where there is more help and guidance. In addition, NewDay seeks to only use advertising networks which are signed up to the IASH code of conduct for the placement of adverts. This code requires members to have their processes audited by a third party to ensure compliance. For more information on IASH please visit www.iash.org.uk. By using our websites you agree that we can place these types of cookies on your device, however you can block these cookies using your browser settings.
What if I don't want to accept cookies?
- If you wish to restrict or block the cookies which are set by any website - including NewDay websites, you should do this through the browser settings for each browser you use, on each device you use to access the internet.
- Please be aware that some of our services, for example Internet Banking, will not function if your browser does not accept cookies. However, you can allow cookies from specific websites by making them “trusted websites” in your internet browser.
- You may wish to visit the website "allaboutcookies" www.allaboutcookies.org which contains comprehensive information on how to do this on a wider variety of browsers.
Using companies to process your information outside of the UK
We may transfer your personal information so that we can manage your account and provide other services from:
- countries within the EEA (where the same data protection standards apply as in the UK);
- countries outside the EEA and if we do so, we will require that your personal information is handled and protected to standards which are equivalent to UK data protection standards.
We may process payments through other financial institutions such as banks and the worldwide payments system operated by the SWIFT organisation. These external organisations may process and store your personal information abroad in order to fulfil any payment instructions for example when you use your credit card. Additionally, they have to disclose your personal information to overseas authorities to help them to prevent and detect crime and terrorism. If these authorities are outside the EEA, your personal information may not be protected to the same standards as in the EEA.
Using credit scoring and automated decision making
When you apply to us for credit we may use an automated system known as credit scoring to help us decide whether to lend to you. It is a way of assessing how much you are able to afford to borrow and how you are likely to manage your account. Most lenders use credit scoring to help make fair and informed decision about lending.
Credit scoring takes account of information from three sources:
- the information you give us on your application;
- information provided by CRAs and FPAs, including information about how you manage similar accounts; and
- information that may already be held about you by the NewDay Group.
Credit scoring methods are regularly reviewed to ensure they remain fair, effective and unbiased. Using credit scoring helps us to lend responsibly.
How we check your identity
As well as searching CRAs, we may ask you to provide physical forms of identity when you apply for credit for example a copy of your passport and/or driving licence and other information for us to validate your identity.
If you apply to us but we are unable to offer you credit, you can contact us within 21 days of the date of your application to ask to have the decision reconsidered.
Your data subject rights
Under the Data Protection Act 1998 you have a number of data subject rights. Details of these rights and how you can exercise these are set out in the following sections:
Right of Access
You have a right to access certain personal records that we hold about you. This is called a data subject access request and you can make a request by writing to aqua Customer Services, PO BOX 173, Sheffield, S98 1JW. A £10 fee is payable and we may require further information from you in order to identify your identity before disclosing any personal information to you.
Right to rectification
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove any personal information that you think is no longer up to date.
You have a right under the Consumer Credit Act 1974 to request a CRA to provide you with information that they hold about you. A fee is payable.
Use of your personal information for marketing and contact purposes
Information we are required to send you as part of our services
We and members of the group, may send you information directly related to your card and from which you may benefit about, for example, offers, loyalty points or cardholder promotions where these are features of your card. We may also send you marketing and details of how and why we do this and your right to opt out of receiving such communications are set out in section below “Marketing Communications”
We want to make sure that we provide excellent customer service and we use various means of communication to do this including phone, post, email and SMS.
- As part of the application process we ask whether you wish to receive marketing from us.
- We will not send you marketing communications if you ask us not to.
- If you ticked yes to receiving marketing on your application form, but no longer wish to receive such communications, please let us know by writing to Customer Services Team, NewDay Ltd, PO Box 700 Leeds LS99 2BD or phoning us on the number set out on your card or statement.
Recording phone calls
We may monitor or record phone calls with you in case we need to check that we have carried out your instructions correctly, to resolve queries or issues, for regulatory purposes, to help improve the quality of our service, to manage your account and to help detect or prevent fraud or other crimes. Conversations may also be monitored for staff training purposes.
Social networking sites
As part of our commitment to understand our customers better, we may research comments and opinions made public on social networking sites, such as Twitter and Facebook.
A guide to the use of your personal information by CRAs and FPAs and the NewDay Group
PLEASE READ THIS SECTION VERY CAREFULLY
When you apply to us to open an account, we will:
Check our own records for information on:
Any account you and, if you have one, your "financial associate" (as defined in the next paragraph) may have or have had with us.
A "financial associate" is someone with whom you have a personal relationship that creates a joint financial unit in a similar way to a married couple. You will have been living at the same address at the time. It is not intended to include temporary arrangements such as students or rented flat sharers or business relationships.
CRAs may link together the records of people that are part of a financial unit. They may do this when people are known to be linked, such as being married or have jointly applied for credit or have joint accounts. They may also link people together if they, themselves, state that they are financially linked.
Search at CRAs for information on:
- your personal accounts;
- and, if have ever previously made joint applications or have joint accounts that are financially linked, we will check your financial associates’ personal accounts as well;
- very occasionally if there is insufficient information to enable us to assist you, we may also use information about other members of your family;
- if you are a director or partner in a small business we may also check on your business accounts.
Search at FPAs for information on you and any addresses at which you have lived and on your business (if you have one).
What we do with the information you supply to us as part of the application:
Information that is supplied to us will be sent to the CRAs.
If you are making a joint application or tell us that you have a spouse or financial associate, we will:
- Search, link and/or record information at CRAs about you both.
- Link any individual identified as your financial associate, in our own records
- Take both your and their information into account in future applications by either or both of you.
- Continue this linking until the account closes and one of you notifies us that you are no longer linked.
You must ensure that you have a financial associate's consent and agreement to disclose personal information about them to us
If you give us false or inaccurate information and we suspect or identify fraud we will record this and may also pass this information to FPAs and other organisations involved in crime and fraud prevention.
Your personal information may also be used by us to offer you other products, but only if you have given your permission as part of any application that you have completed.
With the personal information that we obtain we will:
Assess this application for credit and/or;
Check details on applications for credit and credit related or other facilities;
Verify your identity and the identity of your spouse, partner or other directors/partners (if any) and/or;
Undertake checks for the prevention and detection of crime, fraud and/or money laundering.
We may use scoring methods to assess this application and to verify your identity.
Any or all of these processes may be automated for more information please see section entitled "Using credit scoring and automated decision making".
What we do when you have an account:
Where you borrow or may borrow from us, we will give details of your personal and/or business account (if you have one), including names and parties to the account and how you manage it/them to CRAs.
If you borrow and do not repay in full and on time, we will tell CRAs.
We may make periodic searches of our own group records and at CRAs to manage your account with us, including whether to make credit available, increase the amount of credit available or to continue or extend existing credit. We may also check at FPAs to prevent or detect fraud.
What credit reference and FPAs do
When CRAs receive a search from us they will:
Place a search “footprint” on your credit file whether or not this application proceeds. If the search was for a credit application the record of that search (but not the name of the organisation that carried it out) may be seen by other organisations when you apply for credit in the future.
Link together the records of you and anyone that you have advised is your financial associate including previous and subsequent names of parties to the account. Links between financial associates will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs.
Financial associates may "break the link" between themselves if their circumstances change such that they are no longer a financial unit. Financial associates should apply for their credit file from a CRA and file for a "disassociation".
CRAs and FPAs will supply to us:
Credit information such as previous applications and the conduct of the accounts in your name and of your associate(s) (if there is a link between you) and/or your business accounts (if you have one).
Public information such as County Court Judgments (CCJs) and bankruptcies.
Electoral Register information.
Fraud prevention information.
When personal information is supplied by us, to CRAs and FPAs in relation to your account(s):
CRAs will record the details that are supplied on your personal and/or business account (if you have one) including any previous and subsequent names that have been used by the account holders and how you/they manage it/them.
If you borrow and do not repay in full and on time, CRAs will record the outstanding debt.
Records shared with CRAs remain on file for 6 years after they are closed, whether settled by you or defaulted.
How your personal information will NOT be used by CRAs: -
It will not be used to create a blacklist.
It will not be used by the CRA to make a decision.
How your personal information WILL be used by CRAs:
The information which we and other organisations provide to the CRAs about you, your financial associates and your business (if you have one) may be supplied by CRAs to other organisations and used by them to:
- Prevent crime, fraud and money laundering by, for example checking details provided on applications for credit and credit related or other facilities
- Check the operation of credit and credit-related accounts.
- Verify your identity if you or your financial associate applies for other facilities.
- Make decisions on credit and credit related services about you, your partner, other members of your household or your business.
- Manage your personal, your partner’s and/or business (if you have one) credit or credit related account or other facilities.
- Trace your whereabouts and recover debts that you owe.
- Undertake statistical analysis and system testing.
How your personal information may be used by FPAs:
The information which we provide to the FPAs about you, your financial associates and your business (if you have one) may be supplied by FPAs to other organisations and used by them and us to prevent crime, fraud and money laundering by, for example;
- checking details provided on applications for credit and credit related or other facilities.
- Managing credit and credit related accounts or facilities.
- Cross checking details provided on proposals and claims for all types of insurance.
- Checking details on applications for jobs or when checked as part of employment.
- Verify your identity if you or your financial associate applies for other facilities including all types of insurance proposals and claims.
Trace your whereabouts and recover debts that you owe.
- Conduct other checks to prevent or detect fraud.
- We and other organisations may access and use from other countries the information recorded by FPAs.
- Undertake statistical analysis and system testing.
Your personal information may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law or where permitted under the terms of the Data Protection Act 1998.
Your personal information may also be used to offer you other products, but only where permitted.
How to find out more
You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.
- CallCredit, Consumer Services Team, PO Box 491, Leeds, LS3 1WZ or call 0330 024 7574 or log onto www.callcredit.co.uk (Consumer Help Section)
- Equifax PLC, Customer Relations, P.O. Box 10036, Leicester LE3 4FS or call 0844 335 0550 or log on to www.equifax.co.uk
- Experian, Consumer Help Service, PO Box 8000, Nottingham NG80 7WF or call 0344 481 8000 or log on to www.experian.co.uk.
Please contact us at Customer Services Team on 0333 220 2691 if you want to receive details of the relevant FPAs.
Questions and answers
Q: What is a CRA?
A: CRAs collect and maintain information on consumers’ and businesses’ credit behaviour, on behalf of organisations in the UK.
Q: What is a FPA?
A: FPAs collect, maintain and share, information on known and suspected fraudulent activity. Some CRAs also act as FPAs.
Q: Why do you use CRAs and FPAs when I have applied to your organisation?
A: Although you have applied to NewDay and we will check our own records, we will also contact CRAs to get information on your credit behaviour with other organisations. This will help us make the best possible assessment of your overall situation before we make a decision.
Q: Where do CRAs and FPAs get the information?
A: Publicly available information:
- The Electoral Register from Local Authorities
- County Court Judgments from Registry Trust
- Bankruptcy (and other similar orders) from the Insolvency Service
- Fraud information may also come from FPAs
- Credit information comes from information on applications to banks, building societies, credit card companies etc. and also from the conduct of those accounts
Q: How will I know if my personal information is to be sent to a CRA or FPA?
A: You will be told when you apply for an account if your application personal information is to be supplied. The next section of this leaflet will tell you how, when and why we will search at CRAs and FPAs and what we will do with the information we obtain from them. We will also tell you if we plan to send payment history information on you or your business, if you have one, to CRAs. You can ask at any time the name of CRAs and FPAs.
Q: Why is my personal information used in this way?
A: We and other organisations want to make the best possible decisions we can, in order to make sure that you, or your business, will be able to repay us. Some organisations may also use the information to check your identity. In this way we can ensure that we all make responsible decisions. At the same time we also want to make decisions quickly and easily and, by using up to date information, provided electronically, we are able to make the most reliable and fair decisions possible.
Q: Who controls what CRAs are allowed to do with my personal information?
All organisations that collect and process personal information are regulated by the Data Protection Act 1998, and compliance with the Data Protection Act 1998 is overseen by the UK Information Commissioner’s Office. All CRAs are in regular dialogue with the Information Commissioner's Office. Use of the Electoral Register is controlled under the Representation of the People Act 2000.
Q: Can just anyone look at my personal information held at CRAs?
A: No, access to your information is very strictly controlled and only those that are entitled to do so, may see it. Usually that will only be with your agreement or (very occasionally) if there is a legal requirement.