We, Conclusive Financial, are committed to safeguarding the privacy of our website visitors, our prospective customers (“prospects”) and our customers; this policy sets out how we will treat your personal information. If you have any questions about this policy or our treatment of your personal data, please contact us:
- by email at: firstname.lastname@example.org
- by post to: Conclusive Financial Limited, 109 Bancroft, Hitchin, SG5 1NB
- by telephone on: 0333 444 1094
Our data protection registration number is ZA007561. Our company is registered in England and Wales.
Conclusive Financial Limited uses the trading style Missold IVA on selected promotional materials, which is registered as a tradings style with the Financial Conduct Authority.
Throughout this document we refer to the provision of our ‘Claims Services’. A definition of Claims Services can be found within our Terms of Engagement.
THE DATA SUBJECT 'YOU'
For the purpose of data processing we will refer to you as either a prospect or a customer, depending on your relationship with Conclusive Financial.
Prospect: A potential customer who has not entered into a contract with Conclusive Financial by agreeing to our Terms of Engagement.
Customer: An individual who has entered into a contract with Conclusive Financial by returning a signed Letter of Authority, agreeing to Conclusive Financial’ Terms of Engagement.
Throughout the policy, we refer to your personal information as your data.
- Contact you about the Claim Services we offer via the contact methods you have provided, which could include telephone, text message (SMS), email and/or post;
- Administer our website, including ensuring that we can enable your use of the services on our website (including enquiries and complaints about our website) and improve your browsing experience by personalising the website
Upon receipt of your enquiry we will use your data to send you an Initial Pack, via post and may also contact you using the contact details you have provided to discuss your potential claim.
If you do not wish to provide these personal details, we will be unable to offer our Claims Services to you.
- Telephone, text message (SMS)
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure cloud servers that are subject to strict security requirements.
- Supply to you Claims Services under our Agreement;
- Contact third parties on your behalf, with your specific instruction;
- Provide you with updates via telephone, text message (SMS), email and post where such contact details have been provided; and
- Send statements and invoices to you and collect payments from you.
After this time, we will delete the information or anonymise the data so that it cannot be linked back to you.
The retention of your data enables us to provide our services to you, and fulfil our legal obligations including our accounting requirements and our regulatory obligations, such as complaints handling. Once you have entered into a contract with us we will also, send you information about similar products and services using the contact details you have provided to us, which could include telephone, text message (SMS), email and/or post.
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure servers that are subject to strict security requirements.
You are able to withdraw consent verbally via telephone or in writing via email or post using the contact details at the beginning of this policy.
We have a Legitimate Interest in keeping both prospects and customers updated about any further services offered by us which may be of interest to you, including communication of any developments that may have an impact on the original service you engaged with us about (e.g. a change in the law that will make additional services available to you) and/or similar products and services. In these instances we may also provide a referral to a solicitor within our legal panel with your consent, including our legal partner(s).
‘Legitimate Interest’ means the interests of our company in conducting and managing our business [to enable us to give you the best service/products and the best and most secure experience].
For example, we have an interest in making sure our marketing is relevant for you, so we may process your information to send you marketing that is tailored to your interests. It can also apply to processing that is in your interests as well.
When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests – we will not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
When establishing a ‘legitimate interest’ for communications/promotions to prospects, we adhere carry out a 3-stage Legitimate Interests Assessment (LIA) where we look to:
- Identify a Legitimate Interest
- Carry out a Necessity Test
- Carry out a Balancing Test
Should you no longer wish to receive information about similar products and services, you can always withdraw your consent to receive marketing communications from us and we will stop processing your data for marketing purposes. You are able to withdraw your consent verbally via telephone or in writing via email or post using the contact details found on the specific marketing communication and at the beginning of this policy.
WHAT DATA DO WE COLLECT?
We collect, store and use the following kinds of your data:
- information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type, referral source, length of visit and number of page views);
- information relating to any transactions carried out between you and us on or in relation to this website, including information relating to the supply of our Claims Services;
- information that you provide to us for the purpose of registering with us (including name, address, telephone number, email address and any financial information);
- information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters;
- information required to complete our Claims Services that we will request directly from you, including your personal circumstances and information about your financial products and services (this is not an exhaustive list); and
- any other information that you choose to send to us.
RECIPIENTS OF YOUR DATA
To allow us to provide our Claims Services to you, the following third parties provide critical functions to our business and will process your personal information as directed by us and in accordance with strict data security arrangements:
- Our Claims Services: during our Claims Services we will provide your data, under your specific instruction, to named Lenders, Loan Providers, Loan Brokers, Banks or other service providers and, if required, the Financial Ombudsman and/or Financial Services Compensation Scheme. We may also provide a referral to a solicitor within our legal panel with your consent, including our legal partner(s);
- Our Systems and IT: we use third party firms who provide essential storage arrangements (including call recordings), software and support to our infrastructure some of which are stored outside of the European Economic Area (EEA);
- Communicating with you: we use an outsourced print-house who manage our printing, they receive a copy of postal communication and print and send this on our behalf. Additionally, we use marketing platforms to send some of our email and text message (SMS) communications;
- Our Regulators: we may be required to provide your data to our Regulators, who include the Financial Conduct Authority, the Financial Ombudsman Service and the Information Commissioner’s Office;
- Our Professional Services: we use professional legal, consultancy and accountancy services to help us fulfil our legal obligations and help us improve our business; and
- Other Third Parties: we may share your data with other third parties that provide services to us where you provide consent or we believe we have a Legitimate Interest to do so, including review platforms, tracing agents, credit controllers and/or debt collectors.
We have carefully selected our third parties due to their commitment to keeping your data safe. If you request for us to stop processing your data, we will also communicate this to the relevant third parties if they are processing this on our behalf. If you have any concerns about the above third parties, please let us know and we can provide advice and support to help you manage your data preferences.
YOUR DATA RIGHTS
As a data controller, if you request the rectification, erasure or restriction of your data, we will also communicate this to any third party who your data has been disclosed to.
In exercising any of your rights, we will take action within one month. However, should the request be complex we can extend this by a further two months. We will inform you of this in this event. We will need to confirm your identity before completing any action on your behalf, and reserve the right to not complete action until we are satisfied that you are making the request. If we cannot complete your request, we will inform you within one month and explain why.
You can make this request using reasonable means, including by telephone, post or email. If you make the request by email, we will provide your information in a commonly used electronic format unless you instruct us otherwise
- We no longer require your data (when we have finished providing any Claims Services requested by you and are no longer subject to any legal or Regulatory requirements, such as accounting requirements and complaints handling);
- You withdraw your consent and there is no other reason for us to hold your data;
- You object to the processing, as described below;
- You believe your data has been unlawfully processed; or
- There is a legal obligation to erase your data.
You can make this request using reasonable means including by telephone, post or email. If you request for your data to be erased, we will confirm whether this can take place and the next steps that we will take. If we cannot erase your data, we will explain why and confirm any actions required to allow us to do so.
- You believe your data is inaccurate;
- You believe your data has been unlawfully processed but do not want us to delete your data;
- We no longer need your data but it is required by you for making or defending a legal claim; or
- You object to the processing, as described below, but we are verifying this.
If you make a restriction request, we will still store a copy of your data but cannot use this. We will inform you if the restriction needs to be lifted. You can make this request using reasonable means including by telephone, post or email. If you request for your data to be restricted, we will confirm whether this can take place and the next steps that we will take. If we cannot restrict your data, we will explain why and confirm any actions required to allow us to do so.
You can always object to receiving marketing from us and we will stop processing your data for marketing purposes at any time.
We may be required to use your data due to a legal requirement which is placed upon us; this includes our regulatory requirements such as financial record keeping, staff training and monitoring, in addition to complaint handling. In these circumstances, we may be required to keep your data by law. We will always inform you if this is the case.
We may disclose information about you to any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this policy.
In addition, we may disclose information about you:
- to the extent that we are required to do so by law;
- in connection with any legal proceedings or prospective legal proceedings; and
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
THIRD PARTY DATA TRANSFERS
We will only share your personal information outside the EEA where we have your consent, to comply with a legal duty, or where we work with a third party service provider to enable us to provide you with our services, and they process information outside of the EEA.
If we do share your information outside of the EEA with a third party service provider we will make sure that it is protected to the same extent as in the EEA. This includes through ensuring that the European Commission has made an ‘adequacy decision’ in respect of their data protection measures. You can learn more about this on the European Commission website.
In addition, some of the third party service providers we use that are based in the EEA may provide services which mean your data is transferred outside of the European Union. In any case, we ensure that there are appropriate security measures in place such as technical security, including encryption and restricted access to your data. We have strict contracts in place to make sure your data is kept safe and your data is always under our control. If you have any questions, please feel free to contact us for further information.
THIRD PARTY WEBSITES
This policy references other websites. We are not responsible for the privacy policies or practices of third party websites.
We may update this policy from time-to-time by posting a new version on our website at www.missoldiva.org.uk/privacy-policy. You should check this page occasionally to ensure you are happy with any changes.