For the purpose of the Data Protection Act ('DPA'), we are the 'Data Controller' i.e. the company who is responsible for, and controls the processing of, your personal data).
This policy was last updated in April 2018 in line with the General Data Protection Regulation (GDPR) reform that is due to take effect from May 2018. The reform sets out more rights for individuals and greater transparency in how personal data is processed by Data Controllers, such as consent, distribution, marketing and deletion. As we are a credit intermediary, we undertake a number of financial tasks that relate to consumer credit. Our firms lawful basis for processing your personal data is done so under a legitimate interest - Article 6(1) (f) -: the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individuals personal data which overrides those legitimate interests.
Personal Data we may collect
We will obtain personal data about you (including your name, address, date of birth, contact information, interests, payment details, financial information and opinions) and those whose personal data you have with express authority disclosed to us ('others') whenever you complete an online or paper form, make a telephone enquiry with us, or visit our showroom to receive our services. If you submit an online enquiry you will be required to agree to the terms of this policy which include permitting us to contact you for the purpose of the finance related enquiry via the contact means of which you provide us with the details of. i.e. email address, telephone number, etc.
For example, we will obtain personal data when you (e.g. contact us for any reason, or purchase services). In certain circumstances, we may hold sensitive personal data if you provide us with such information if you feel that it is relevant for the purpose of your enquiry, but we will not ask for such information. Any sensitive personal data obtained and recorded will only be done so with your explicit consent.
How we use personal data
We will use the personal data you disclose to us for the purposes described in Our Terms. These purposes include: -
- To assist us in processing your enquiries and obtaining the services which you require;
- To help us identify you and any accounts that you hold with us;
- Undertaking credit checks;
- Research, statistical analysis and behavioural analysis;
- Customer profiling and analysing your preferences;
- Marketing (providing you have opted-in) [for further information see 'marketing and opting-in' below];
- Fraud prevention and detection;
- Billing and order fulfilment;
- Customising our website and its content to your particular preferences;
- To notify you of any changes to our website or to our services which may affect you;
- Security vetting; and
- Improving our services.
Marketing and opting-in
We may share your personal data with organisations as set out in the 'Disclosure of personal data' section below. If you have opted-in to receive our marketing material, we will ensure that it is to your requirements and granular. We or they may contact you or others (unless you have asked us or them not to do so) by mail, telephone, text message, email, (each contact method requires its own consent via an Opt-in selection) the nature of these marketing communications, relate to information on products, services, promotions and special offers which we believe may be of interest to you or others. If you or others would prefer not to receive any further direct marketing communications from us or our business partners, it is possible to opt out at any time. See further 'Your rights' below.
Disclosure of personal data
We may disclose personal data which you provide to us:
- Our agents and service providers (e.g. providers of web hosting, maintenance services or potential funders);
- Law enforcement agencies in connection with any investigation to help prevent unlawful activity;
- Our business partners in accordance with the 'Marketing and opting out' section above, specifically being:
- Our group companies (as defined in the Companies Act 2006);
- Finance companies with whom we deal for the purposes of providing our services to you;
- Insurance companies with whom we deal for the purposes of providing our services to you and to verify information provided to us by you; and
- Other third parties with whom we deal with in the course of providing our services to you; and
- Any regulators within whose jurisdiction we operate within from time to time.
Please be aware that we will not sell or otherwise disclose any personal data provided to us to any other party.
Keeping data secure
We currently safeguard personal data by storing it on a CRM protected by password and shall ensure that from time to time we use no lesser technical and organisational measures to safeguard personal data which is disclosed to us. Whilst we will use all reasonable efforts to safeguard such personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any persona data which are transferred from you or to you via the internet.
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention or compliance purposes.
Information about other individuals
If you give us information about others, you confirm that the other third-party person has appointed you to act on his/her behalf. This is also relevant where others are concerned if you indeed ask another person to act on your behalf as a third party.
Under the third-party authorisation, the other person can:
- Give consent on his/her behalf to the processing of his or her personal data for the purposes and reasons set out in this Policy; and
- Receive on his/her behalf any data protection notices.
- Such authorisation will remain in place until this has been revoked, wither by verbal or written communication.
Use of Google Analytics Advertising
We use Google Analytics Advertising Features ('GAAF') through our website, which means that certain information about the traffic on our website is collected. In light of using GAF, we will not facilitate the merging of personally-identifiable information with non-personally identifiable information collected through GAAF unless we receive your express consent to that merger.
Furthermore, we are hereby notifying You that:
- The specific GAAF feature(s) which we have implemented are:
- Remarketing with Google Analytics
- Google Display Network Impression Reporting
- Google Analytics Demographics and Internet Reporting
- We use first-party cookies (such as GAAF cookies) or other first party identifiers, and third-party cookies (such as advertising cookies) or other third-party identifiers together and that this is done in the ways detailed under the sub-heading Use of First - Third-Party Cookies and Identifiers below; and
- You can Opt-out of the GAAF you use, including through Ads Settings, Ad Settings for mobile apps, or any other available means such as the Google Analytics currently available opt-outs accessible via tools.google.com/dlpage/gaoptout.
You have the right to request access to your personal data which we process. This formal request is made under the DPA and is referred to as a Subject Access Request. If you wish to exercise this right and make a Subject Access Request, you should;
Put your request in writing; either by email or by letter
Include proof of your identity and address (e.g. a copy of your driving licence or passport, and a recent utility or credit card bill);
Specify the personal data you want access to, including any account or reference numbers where applicable.
You have the right to require us to correct any inaccuracies in your data free of charge. If you wish to exercise this right, you should:
- Either speak to us via telephone or put your request in writing;
- Provide us with enough information to identify you (e.g. account/order number, username, registration details); and
- Specify the information that is incorrect and what it should be replaced with.
You also have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right you should:
- Put your request in writing (an email sent to [email protected] with a header that says 'unsubscribe' is acceptable);
- Provide us with enough information to identify you (e.g. account/order number, username, registration details);
- If your objection is not to direct marketing in general, but to direct marketing by a particular channel (e.g. email or telephone) please specify the channel you are objecting to.
We will only process your personal data providing you have given your consent for us to do so. Under the provisions of the DPA, our firm's lawful basis for processing personal data is based on a legitimate interest.
The legitimate interest relates to a legal requirement for the firm to hold your personal data and financial information on record for up to a total of six years. This six-year period satisfies the requirement of our regulator, The Financial Conduct Authority and is also in line with other financial industry retention periods.
In the normal course of business there may be a need for Cheshire Trade Centre Limited or any other firm associated with the business, usually hen processing an application for credit, personal data would have to be transferred outside of the European Economic Area (EEA) where those countries do not typically have the same protections and safeguards on place for the protection of personal data to those countries within the EEA.
The Cheshire Trade Centre Limited deal with a number of large, international corporations where data is likely to be transferred in this way. Assurances and processes will always be put in place and considered before any international transfer to a non-EEA country is undertaken to ensure the protection and Security of the personal data.
Our Contact Details
We welcome your feedback and questions. If you wish to contact us, please send an email to [email protected] or you can write to us at Cheshire Trade Centre, Parkgate Road, Chester, CH1 4AY, or call us on 01244 398 451.
We may change this Policy from time to time. You should check this policy occasionally to ensure you are aware of the most recent version which will apply each time you deal with us.
Cookies are small text files that are placed on your computer by websites that you visit or certain emails you open. They are widely used in order to make websites work, or work more efficiently, as well as to provide business and marketing information to the owners of the site. For more detailed information about cookies visit www.allaboutcookies.org
How to control and delete cookies
List of the main cookies
Here is a list of some cookies that may be set by us while using our web site ASPSESSIONID and ASP.NET_SessionID allow us to recognise your requests from page to page. This allows us to remember your previous selections and choices, navigate back to previous pages etc. These cookies are removed when you close your browser.
AutoChat may be set if we use live chat on our web site. This is a web site analytic cookie.
Google.com provides web site analytics and may set the following cookies __utma, __utmb, __utmc, __utmz
Third Party Cookies
We use a number of suppliers who also set cookies on our website on its behalf in order to deliver the services that they are providing. We sometimes embed photos, video, social sharing icons and other content from external websites such as YouTube, Flickr and social networking sites such as Facebook, Twitter and Google+. As a result, when you visit a page with content embedded from one of these sites you may be presented with cookies from their website. We do not control the dissemination of these cookies. You should check the relevant third party website for more information about these. Here is a list of some cookies that may be set by our third parties while using our web site:
Flash Cookies (local shared objects)
From time to time, we may use Adobe's Flash Player to deliver content. To improve user experience, Local Shared Objects - or Flash Cookies as they are commonly known - are employed to provide features such as auto-resume and for saving your preferences. Flash Cookies are stored on a user's terminal much the same as cookies are, however it is not possible to manage them at browser level in the same way. The Adobe website provides comprehensive information on how to delete or disable Flash cookies either for a specific domain or for all websites - see Here for details. Please be aware that restricting the use of Flash Cookies may affect the features available to you for Flash based applications.
Information that is gathered from visitors
Almost all Web servers record users requests made upon them (such as the visitor's IP address, browser type, referring page and time of visit) in log files.
How the Information is used
The information is used to enhance the vistor's experience when using the website to display personalised content.
Personal data, such as names and email addresses will not be sold, rented or leased, and not kept longer than required to provide the service it was supplied for.
E-mail may be sent to you for the purpose you registered but will not be used for unrelated marketing.
If you have subscribed to our newsletter, you may unsubscribe by replying to any of the email correspondants and simply state you wish to unsubscribe to the service.