This Privacy Statement explains how we process your information to provide you with our services in line with the General Data Protection Regulations (GDPR) and Data Protection Act 2018.
Please read the following sections carefully, as it explains what personal information, we collect about you and how we use this information. Debt Support Service are committed to respecting and preserving your privacy and personal data.
Debt Support Service is the controller and we’re responsible for your personal data. If you have any questions or queries in relation to this privacy notice or how we process your personal information you can contact us. This includes any requests to exercise your legal rights such as a data subject access request (DSAR) or to update your preferences.
The Data Controller
Debt Support Service Ltd
8 Exchange Quay,
Tel: 0161 375 3328
When you contact us, please include your DS reference number, name, address, telephone number and e-mail address.
What data do we collect about you?
Personal Data / Information means any details about an individual whereby that person can be identified and does not include anonymous data, where the identity has been removed.
The types of data we may collect, store, use or transfer include some or all the following:
- Your personal details such as name, address, and date of birth.
- Contact details such as your phone number and email address.
- Special category data / special personal information such as your health including mental and physical health.
- Details relating to your household / family and limited information about them.
- Financial information such as your income, expenditure, assets, and liabilities.
- Employment information.
- Information regarding your creditors.
- Information on how you use our website and products/services.
- Your preferences in receiving marketing from us and any associated third parties including your communication preferences (SMS, Email, Phone).
- Aggregated data, such as statistical or demographic data.
Special Category Data / Information
Information about other people
If you provide personal information about someone else, for example when a joint application is made, or you provide details about a member of your family unit, you must do so with the permission of the other person. Your personal information and any information about the service provided to you will be shared with the other person. We will use the personal information about the other person in the ways as described in this policy.
How we collect your Personal Data
We may obtain personal data from you in several ways:
- When you make an enquiry or application to us by phone, email, via our website by a third party or by any other means.
- When we need to obtain updated information about you to meet our regulatory and legal obligations (such as an annual review).
- When you participate in market research or interact with us on social media.
- By leaving reviews relating to us.
- Where you have given permission for your information to be provided to us.
- Information received via a third party, for example a creditor providing information about an account you hold with them such as an outstanding balance.
- Where you have previously agreed for your information to be shared with us by another company.
How we use your Personal Data
We will only use your personal data where the law allows us to, and / or it falls into one or more of the below categories:
- It is necessary to enter or fulfil a contract with you, or one we already have.
- We have a regulatory or legal obligation to do so.
- It is in our legitimate interest to do so and does not go against your rights.
- It’s necessary to protect your vital interests.
- It’s necessary to carry out a task in the public interest.
- You have provided your consent.
Where you make an enquiry or apply for one of our services, we will use your information to provide you with appropriate information to recommend a suitable debt solution in line with our FCA regulatory requirements. If you’re unable to provide this information, we may not be able to progress with your application or enquiry. We may also use this information to contact you about and process your enquiry or application by phone, SMS or email.
After you have made your initial enquiry, if you then decide to go ahead with any of the services that we offer, the sections below explain how we will also process your data when we provide that service.
Debt Solution Information
Where we give you information on a debt solution, we will process your personal information to administer the service we provide. This may include contacting you where we may need further information or sending you updates on the progress of the service that we provide to you. We may also share your data with one of our third parties where we’re unable to provide a particular service, we will only do this with your prior consent.
Who will the data be shared with?
We may share your information with other debt solution providers or insolvency practitioners where necessary, we will only do this where they have agreed to keep your information confidential. If you decide to proceed with a debt solution from an organisation we have referred you too, in some instances Debt Support Service may receive a fee for introducing you to an alternative debt solution provider.
In addition to this, your information may also be shared with:
- Your creditors, this includes their agents, debt collectors, solicitors and bailiffs (where applicable). This is vital for us to act on your behalf and provide you with our service.
- Our regulators, the Financial Conduct Authority, Information Commissioner’s Office or any other regulatory body or authority that may request certain information as part of their role in regulating and monitoring us. We have a legal or regulatory obligation to provide this.
- We also use third-party companies to help us manage your data and provide to you the services we offer, these are: Customer record management systems (CRM), call recording systems and software providers, document storage systems and software providers.
- Where you have provided your authority and we have a legitimate interest to do so or where we may be legally required to, we will share information with credit reference agencies to obtain information about you, if you would like more information on how credit reference agencies use your personal data, you can view the Credit Reference Agency Information Notice which you can obtain from the three main credit reference agencies, Equifax, Experian and TransUnion (Formally Call Credit)
- IT Service Providers who provide IT platforms or other IT services
- Advertisers and social media companies
- Payment Service companies that process transactions for us such as Direct Debits and Debit Card Payments.
- Communication providers such as telephone line providers, and email and text service providers.
- Third Party administrators who provide ongoing support with the administration of your product or service.
- Third parties who may have introduced you to our services.
We may also share your personal information where we have your consent to do so or where we are required to do so under a legal or regulatory obligation or court order, such as the police, local authorities, or the courts.
How long will your data be stored for?
If you continue to be our client and we give you advice, we will keep a record of your personal information to ensure that we provide you with the best service possible and where we are required to keep your data to meet our legal and regulatory obligations.
This will normally be kept for at least six years, starting from the date when we are no longer providing you with a service.
Telephone calls and web chats will be retained for at least six years from the date the call was made. If you do not go ahead with any product or service offered by us, your personal information will normally be deleted after two years (except for any recorded telephone calls) unless we have another reason to keep your personal information, for example, if you have given your consent to receive marketing or promotional messages from us.
After this time, we will delete the information or anonymise the data so that it cannot be linked back to you.
Other Purposes for Processing Your Personal Data
Websites and Marketing
To help us understand you better and provide you with information about other products which may be suitable and relevant, we may use your personal information to create a profile of you and your circumstances. This allows us to provide more relevant, accurate and tailored services to you. For example, we may assess your income and expenditure to determine whether you would be eligible for a debt solution through us. We believe we have a legitimate interest to do this and that it is not against your rights. However, if you do not want us to profile your personal information this way, to then better enable us to tailor any marketing communications to you, you can contact us to let us know that you wish for your personal data not to be used in this way.
Reviews and Market Research
Where we have details of your personal information, we may contact you to ask you to provide a review about the services you’ve received or where we are carrying out market research which may help us design future products and services or to help improve our current services. Although this information would really help us, you would not be required to provide us with this information unless you were happy to. We consider that this is in our legitimate interests to contact you in this way for market research purposes, you will normally be asked to leave a review via Feefo or Google.
What Are Cookies?
Cookies are small text files that are placed in your computer or mobile device when you visit a website. These are small text files that facilitate the processing of your data and enable us to analyse how the website is being used.
There are two types of cookies.
Temporary Cookies: these cookies form part of the security process and expire when you close your web browser.
Permanent Cookies: these cookies stay in your device for a longer period or until you manually delete them.
Regarding the entity that sets the cookies, there are two forms of cookies:
First-party Cookies: these are cookies set by the website that you are visiting, either by us or by a third-party at our request.
Third-party Cookies: these are cookies set by a third-party rather than the provider of the website that you are visiting.
Why are Cookies used?
Cookies help visitors to a website: They allow sites to do things like provide personalised content and remember their log-in details and settings. You can turn them off at any time. This will not stop a website from working, but it might mean it will not work as well as it could, or that you must do the same thing more than once.
Cookies also help website owners: They tell website owners things like, what search engine a visitor used to find the website, how often they have visited it, how long they have spent on it, and so on.
Except for essential cookies, all cookies will expire after 10 years.
You can accept or decline cookies by modifying the settings on your browser. Please remember though that disabling certain cookies may affect the functionality of our website. Further information on the use of and managing of cookies can be found at allaboutcookies.org
Aggregate Visitor Information
Our web servers collect certain information about all visitors to our website, including:
- IP Address.
- Host names.
- Domain names.
- Time and date information is requested.
- Browser version and platform when information is requested.
- A record of which pages have been requested.
We use this information to produce aggregate visitor statistics in relation to which pages are being accessed. We may also use it to monitor usage patterns on this website to improve navigation and design features to help you get information more easily. These statistics do not include information that can be used to identify any individual.
Legal or Regulatory Obligation
We are required to process your personal information where we have a legal or regulatory obligation to do so, for example, to adhere to anti-money laundering or our regulatory obligations.
Responding to Complaints or Enquiries
If you make an enquiry or complaint with us, we will use your personal information to investigate the complaint and deal with your enquiry. We have a legal and regulatory obligation to deal with your complaint appropriately. We may also be required to share your data with the Financial Ombudsman Service should your complaint be escalated to them, and they request this information from us.
As part of our legitimate interest to develop our business and our products we will use your personal information to assess our performance as a business and for statistical analysis. We will use as little personal data as we can to achieve this.
Fraud Prevention and Law Enforcement Agencies
The personal information we have collected from you may be shared with law enforcement agencies and fraud prevention agencies who will use it to prevent fraud, money-laundering, and terrorist financing and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment.
We use publicly available social media platforms to promote our services, to provide updates and to share any news and promotional updates. We may collect personal information from these social media platforms, for example, if you post a message on our Facebook page.
By providing any of your information to us through these platforms you should be aware that:
- The social media web pages are publicly available, and you must not provide any personal or sensitive information on our pages that are accessible to the public, such as your account information. We may ask you for your account information via a private message to identify you and to service any request you make.
We take the protection of personal information very seriously and we will maintain appropriate measures to maintain the confidentiality, integrity, and availability of the information you have provided.
Such measures include:
- Company security policies and standards.
- Staff security awareness.
- Access controls to prevent unauthorised access to information.
- Encryption and anonymisation technology.
- Anti-malware technologies.
- Security monitoring.
- Security testing.
- Secure archiving and deletion.
- Compliance with industry regulation and legislation.
Please note that we are not responsible for the content or privacy practices of any other website to which our website may link.
We may record any telephone calls you make to us, or we make to you or any other third party. This is for training, monitoring and quality purposes and to meet our legal and regulatory obligations. Some telephone calls may be observed by staff for training and development purposes as well as for quality assurance. We may keep a copy of the telephone calls for up to six years from the date the telephone call was made.
Access To Your Personal Information
You have the right to request from us a copy of the personal information that we may hold about you. This is often called a “Data Subject Access Request” or referred to as a “DSAR”. You can request this information by contacting us. We won’t charge you to provide you with this information. Before providing this information to you or to another person or company that you have requested this personal information to be sent to, we may ask for proof of identity or ask sufficient questions to enable us to locate the information and ensure that we’re only providing it where you have given your agreement.
Right To Have Your Personal Information Corrected
If the personal information we hold about you is incorrect you have the right to request that we correct this.
Right to stop or limit the processing of the Data we carry out
You may request that your personal information is deleted or that we stop processing the information if we are no longer entitled to process it. There may be occasions where we are unable to delete the data due to our legal or regulatory obligations. We will however discuss this with you if you request for your information to be deleted.
Portability: In some cases, you may be able to request for your information to be provided to you or to another company in a format that can be processed electronically by you or the other company. If you want to request this, you will need to contact us.
Information Commissioners Office