For the purposes of the Data Protection Act (‘DPA’), we are the ‘Data Controller’ (i.e. the company who is responsible for, and controls the processing of, your personal data).
Information Commissioner’s Office (ICO) Registration Information
The Debt Advisor Limited – ICO Registration Number: Z9973946
Insolvency Practitioner (B E Budsworth) – ICO Registration Number: ZA083535
All comments, queries and requests relating to our use of your information are welcomed and should be addressed to The Compliance Manager, The Debt Advisor, Trafford House, Chester Road, Manchester, M32 0RS, by telephone on 0333 9999 600 or email us at firstname.lastname@example.org
Scope of the Policy
Purposes for Processing Personal Data
We will process your data for the following purposes
- To contact you in relation to an online enquiry
- To determine whether we are able to provide you with our services
- To provide you with requested services, including support, updates and communications regarding requested services.
- For identity verification, fraud prevention, detection and anti-money laundering purposes
- To provide you with e-publications and blog updates
- To record any information required for the tailoring of our services in consideration of any of your needs and requirements.
- To improve our services and customise our website and its content to your particular preferences
- To comply with any laws or regulations to which we are subject
Lawful Bases for Processing
We rely on the following lawful bases for processing:
We also rely upon ‘Legal Obligation’ where we are required to comply with any laws and regulations to which we are subject.
Use of Special Category Data
We will obtain personal data when you (e.g. contact us for any reason or proceed with our services). In certain circumstances, we may hold special category data (also known as sensitive personal data) we will require this information in order to tailor our approach to how we can best assist you and your needs. For instance, you may have a medical condition which means that a third-party deal with your affairs, or you may have an impairment which would mean we would be best to contact you via a different method.
Any special category data held will be treated with the strictest of confidence and will be held purely based on your explicit consent to aid us in providing the best service to you. If you do not provide your explicit consent relating to any impairment or vulnerability, the information will not be recorded and will also not be disclosed to any third-parties.
The Right To Withdraw Consent At Any Time, Where Relevant
To withdraw consent please see the contact information detailed within this Policy. Should consent be withdrawn for a particular purpose, we may be unable to provide you with our services or may be unable to tailor our services to your needs which may subsequently impact the service we provide.
Should you wish to unsubscribe from receiving our e-newsletters, blogs and technical updates simply click the “unsubscribe” link that is included at the bottom of every email we send you. You may also email email@example.com or firstname.lastname@example.org with the subject line “Unsubscribe” and we will remove you from our newsletter within a maximum of 10 calendar days, but usually much sooner. You may also contact us using the methods provided within this Policy should you wish to unsubscribe via other means.
Data We Collect From You
We collect personal data about you when you provide personal data to our firm so that we may provide our services to you and in accordance with the purposes described within this Policy.
We also collect personal data about you from third party sources. The data collected from third party sources are as follows (please note, this is a general accounting and does not necessarily indicate that the below data will be obtained from third party sources, only that it may be obtained and if available and relevant to the service provided):
||Examples of Data Collected
|Personal Identity Information
||Name, surname, gender, birth country, UK landline, aliases and associations
||Generated as a result of providing our services to you
||Creditors, debt level, credit limit, account numbers, bank statements
||Generated as a result of providing our services to you
||Internet Protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating systems and platform
The Right To Lodge A Complaint With The Supervisory Authority
In the context of your personal data, You have the right to lodge a complaint to the supervisory authority, the Information Commissioner’s Office (ICO). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. If you would like to make a complaint, see our Complaint Policy.
We will only retain your personal data for as long as is necessary to fulfill our obligations under the provision of our service as well as any purposes necessary to satisfy any legal, accounting or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk, of harm of unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, including applicable legal requirements. For example, If you make an enquiry with us, and we are not able to help you, for whatever reason, a record of your enquiry will be retained for 12 months.
We employ security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. We will retain your information for a total of six years after we have ceased to act for you. If you make an enquiry with us, and we are not able to help you, for whatever reason, a record of your enquiry will be retained for 12 months.
Recipients of The Personal Data
Throughout the provision of our service, we may need to disclose personal data to third parties. The categories of recipients of personal data are as follows:
- Our agents and service providers (e.g. providers of web and chat hosting, maintenance services or creditors);
- Law enforcement agencies in connection with any investigation to help prevent unlawful activity;
- Our third-party affiliates in accordance with the terms of the Policy, specifically being:
- finance companies with whom we deal for the purposes of providing our services to you; and
- other third parties with whom we deal with in the course of providing our services to you; and
- Any regulators or authorities within whose jurisdiction we operate within from time to time.
Links to other websites
Our website may contain links to other websites of interest or as part of the service. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
In the normal course of business there may be a need for The Debt Advisor Limited or any other firm associated to the business, usually when usually when undertaking quality assurances assessments, personal data would have to be transferred outside of the European Economic Area (EEA) where those countries do not typically have the same protections and safeguards in place for the protection of personal data to those countries within the EEA.
We deal with a number of large, international corporations where data is likely to be transferred in this way. Assurances and processes will always be put in place and considered before any international transfer to a non-EEA country is undertaken to ensure the protection and security of the personal data.
|Your right to access
|The right of access, commonly referred to as subject access, gives individuals the right to obtain a copy of their personal data as well as other supplementary information. It helps you to understand how and why we are using your data, and to check we are using it lawfully.
|Your right to rectification
|You have the right to have inaccurate personal data rectified. You may also be able to have incomplete personal data completed – although this will depend on the purposes for the processing. This may involve providing a supplementary statement to the incomplete data.
|Your right to erasure
|Under certain circumstances you have the have the right to have personal data erased. Also known as ‘The right to be forgotten’. The right is not absolute.
|Your right to restrict processing
|Under certain circumstances you have the right to request the restriction or suppression of your personal data, and as like the right to erasure, it is not absolute. Restriction of processing means we are permitted to store your personal data; we are unable to use it.
|Your right to data portability
|You have the right to obtain and reuse your personal data for your own purposes across different services. This eases the copying or transferring of personal data easily from one IT environment to another, safely and security, without affecting the usability of the data.
|Your right to object
|Under certain circumstances you have the right to object to the processing of your personal data, however you do have the absolute right to object to direct marketing.
|Your right to be informed
|You have the right to be informed about the collection and use of your personal data. Your right to be informed forms part of this policy, and provides the purposes for processing your data, our retention periods and who it will be shared with.