Privacy Policy
1. WHO WE ARE
2. OUR LEGAL GROUNDS FOR HANDLING YOUR PERSONAL DATA
- Performance of contract with you: we need to use your personal data to be able to successfully legally contract with you.
- Compliance with our legal obligations: we need to use your personal data so as to comply with certain legislation such as financial crime legislation.
- Legitimate interests: these are our business and commercial reasons for using your data, which we have balanced against your interests. We have certain legitimate interests in using your data which are not outweighed by your interests, fundamental rights or freedoms. These legitimate interests are to help prevent and detect financial crime, fraud and money laundering, to promote responsible lending, to support our tracing, collection and litigation procedures and to assist our compliance with the legal and regulatory requirements placed upon us.
- Your consent: we may also use your data when you consent to it. You can withdraw this consent at any time, in which case we will cease to use it, unless we have a right and a need to continue processing it for one of the other reasons set out above.
3. WHAT PERSONAL DATA IS COLLECTED ABOUT YOU AND HOW WE COLLECT IT?
- When you apply for our products and services and throughout the course of our dealings: for example, your name, national insurance number, postal address, your email address, your IP address, telephone numbers, date of birth, bank account details, equipment requirement details, home ownership details, reason for borrowing, your assets and liabilities, details of your proof of identity documentation, proof of address documentation, evidence of additional equity available and evidence of any other business interests
- When you talk to us: for example on the phone, or in person including call recordings and voice messages. We may monitor or record calls with you to check we have carried out your instructions, to resolve queries or disputes, to improve the quality of our service or for regulatory or fraud prevention purposes
- In writing: for example letters, emails, texts and other electronic communications
- Online: for example when you use our website or mobile app
- In financial reviews, for renewals and in any surveys etc
- Transaction data: for example what sort of products you are selecting, the length of term, the types of asset you are looking at financing, business type and geographical location
- Payment data: for example, the amount, origin, frequency, history and method of your payments
- Usage and profile data: for example, the profile you create to use our website and mobile app and how you use it. We gather this data from the devices you use, using cookies and other software
Data provided by third parties:
- Data from persons that introduce you to us: for example brokers, product suppliers, financial advisers, agents, finance providers or other third parties
- Data from credit reference agencies, most likely to be either Experian, Creditsafe, Equifax or CallCredit
- Data from fraud prevention agencies
- Publicly available information: for example, from the land registry, companies house, the electoral register, other information available online or in the media, including social media
- Data from your representatives where relevant: for example your legal and financial advisers such as lawyers and accountants**
- Data from your employers and medical data where relevant*
4. WHY PERSONAL DATA IS COLLECTED BY US
Activity |
Legal basis |
Legitimate interest |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
From time to time we may contact you to ask for your consent to use your personal data for other purposes. Your personal data may also be used for other purposes where required or permitted by law.
When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested. We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime. Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
In order to process your application we may supply your personal information to credit reference agencies (CRAs) in which case they will give us information about you, such as about your financial history. We do this to assess your creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity. When CRAs receive an application from us they may place a search footprint on your credit file that may be seen by other lenders and used to assess applications for finance from you and members of your household. The CRA may also share your personal information with other organisations. We may also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates. We can provide you with the identities of the CRAs and the ways in which they use and share personal information upon your request. More information about CRAs and how they use your personal data is available at CRAIN.
From time to time we may provide your information to our partners, third parties and customer service agencies for research and analysis purposes so that we can monitor and improve the services (or as the case may be) we provide. We may contact you by post, e-mail or telephone (or as required) to ask you for your feedback and comments on our services (or as the case may be).
From time to time we may also contact you about our other goods or services that may be of interest to you.
5. WHEN PERSONAL DATA IS SHARED
We may also share your personal data with CRAs, fraud prevention agencies, law enforcement agencies, regulators and other authorities, the UK Financial Services Compensation Scheme, any agent that you have given us authority to communicate with and persons you ask us to share your data with, companies that we introduce you to, market researchers tracing and debt recovery agencies and customer service agencies for the purposes set out above. These agencies and firms may also share your personal data with others.
6. CONSEQUENCES
7. WHAT CHOICES AND RIGHTS YOU HAVE
- object to our controlling and processing your personal data;
- object to our sharing of your personal data with others or with certain organisations;
- request that your personal data is erased or corrected or that its processing be restricted;
- request access to your personal data and for it to be given to you in a portable format;
- request that we transfer your personal data to another lender;
- request that we confirm what personal data we currently control and/or process in relation to you.
For further information on how your information is used, how we maintain the security of your information and your rights in relation to it, please contact info@firstcapitalfinance.co.uk
8. HOW LONG PERSONAL DATA IS KEPT
9. COOKIES
10. DIRECT MARKETING
11. OPEN BANKING
What is Open Banking?
Open Banking is the secure way of providing access to your bank or building society account to providers who are registered for this purpose.
Registered providers and participating banks and building societies are listed under the Open Banking Directory.
Open Banking was set up by the UK Government to encourage more competition and innovation in the financial services sector.
As a forward-thinking lender, we support the use of Open Banking as it allows us to process applications for our products and services efficiently, securely and in our consumer’s best interests.
By permitting access to your bank or building society account information we are able to make a better lending decision as we shall be able to verify your income, outgoings and other matters in order to assess what terms would be suitable for you based upon what you can reasonably afford to repay.
Further information about Open Banking is available from www.openbanking.org.uk.
How will my personal data be shared and used for the purposes of Open Banking?
By proceeding with your product application you expressly consent to us sharing your personal, contact and application details (“the Shared Personal Data”) with our registered Open Banking partner, Perfect Data Solutions Limited (“PDS”) who are also a credit reference agency. During your application we shall safely and securely direct you to PDS’s secure portal (“the Portal”) for the purposes of granting PDS access to your bank or building society account information (“Transaction Information”). As soon as your Transaction Information is received it shall be reported back to us in the form of a completed search in order that we may continue to process your loan application (“the Permitted Purpose”).
Further information about PDS including their registered provider and regulatory status is available from www.lendingmetrics.com.
Is Open Banking secure?
PDS are registered under the Open Banking Directory as an account information service provider and are also regulated by the Financial Conduct Authority as a payment services firm under number 802599. Any data you submit via the Portal will be encrypted and its usage tracked as part of set Open Banking data security standards.
We are responsible for the secure transmission of any Shared Personal Data to PDS, for safely directing you to the Portal and for the safe receipt and usage of your Transaction Information.
You will not be required to share your banking password or log in details with either us or PDS. Once you have given your explicit consent to share your bank account information on the Portal you will be directed to your own bank or building society’s login page where you will enter in your own login details directly.
Save as set out above or elsewhere in this Privacy Policy, we are not responsible for your direct data transmissions with PDS or with your own bank or building society.
How will my Shared Personal Data and Transaction Information be used?
PDS shall, subject to their own terms and conditions and privacy policy, and, if your bank or building society is registered to provide access under the Open Banking Directory, obtain your Transaction Information and submit this back to us for the
Permitted Purpose. By way of example, the Transaction Information that we shall receive is likely to include information relating to your income, outgoings and credit worthiness.