In accordance with the UK General Data Protection Regulation (GDPR) and related UK data protection legislation, we are committed to protecting the confidentiality and security of the information that you provide to us. This Privacy Notice is designed to help you understand how we collect and use your information. If you have any questions or queries about this policy please contact us.
Acquis Data Services Limited
Celtic Springs Business Park
Why we need and how we use your personal information
We only collect, use and store your information where we have lawful grounds and legitimate business reasons to do so.
We collect, use and store your personal information in order to fulfil services as part of our provision of the central borrowing register. It may also be used to verify your identity where required.
The use of your data is essential for us to provide a login to the central borrowing register.
If you do not provide the information required we are unlikely to be able to provide certain services to you.
We may monitor calls, emails, text messages and other communications with you. When you contact us we may keep a record of that correspondence and any information provided to us during that or any subsequent communication.
We do not use any of the information provided to us for marketing purposes unless you have provided your consent.
Nature of personal information
Personal data is any information that may identify a living individual.
We collect personal information such as name, email address, contact details, and other personal details that may depend on the nature of the services we are providing to you.
This information may be shared with our third-party service providers. Where necessary, we shall obtain your consent to the processing of such information.
We will only supply your personal information to other parties where such a transfer is a necessary part of the activities that we undertake, where you give us consent or where we are required to do so by law or regulation (e.g. where the disclosure is necessary for the purposes of the prevention and/or detection of crime). Examples of other parties include regulatory bodies, legal and accountancy firms and other advisors.
We may also disclose your information to service providers engaged to perform services on our behalf. Such service providers are contractually restricted from using or disclosing the information we give them except as necessary to perform services on our behalf or to comply with legal requirements.
We only share your information if we are satisfied that our partners or suppliers have sufficient measures in place to protect your information in the same way that we do.
We may also disclose personal information to new owners of our business in the event that we are subject to a merger or acquisition. Disclosure may also be made to enable company audits, regulatory inspections or to investigate a complaint, suspicion of fraud or a security threat.
We never share your information outside our organisation for marketing purposes.
You understand that we may disclose the information you provide to relevant other parties for the purposes described in this Notice.
We will never sell, rent or trade your information under any circumstances.
Transfer of personal data outside the UK
Certain personal information held on our Information Technology systems may be transferred across geographical borders in accordance with applicable law.
By providing us with your information, you consent to the collection, international transfer, storage, and processing of your information. These transfers are governed by relevant data transfer agreements to protect the security and confidentiality of personal information.
How long we keep information about you
We will keep your information for as long as it is required to enable us to provide our services to you. Once we decide that we no longer need your information it will be securely and confidentially destroyed. This will usually be a minimum period of seven years or as otherwise determined by law or regulation.
Your data protection rights
You have certain legal rights under UK data protection law and regulations, summarised as follows:
- The right to be informed about our data processing activities, including through Privacy Notices such as this.
- The right of access to the personal information we hold about you, free of charge. To request a copy of this information you must make a subject access request in writing to us.
- The right of rectification. You may ask us to correct any inaccurate or incomplete data within one month.
- The right to erasure and to restrict processing. You have the right to have your personal data erased and to prevent processing except where we have a legal obligation to process your personal information. You should bear in mind that by exercising this right you may hinder or prevent our ability to provide products and services.
- The right to data portability. On your request, we will provide you with your personal data in a structured format.
- The right to object. You have particular rights in relation to automated decision making and profiling to reduce the risk that a potentially damaging decision is taken without human intervention. You can object to your personal data being used for profiling, direct marketing or research purposes.
Invoke data protection rights, withdraw consent or make a complaint
If you wish to invoke any of your data protection rights, withdraw consent to use your data, or to make a complaint about how we hold or use your data, please contact us using the following details:
Acquis Data Services Limited
Celtic Springs Business Park
If you are dissatisfied with how we deal with your complaint, you may contact the Information Commissioner’s Office by completing the form on their web site: https://ico.org.uk/global/contact-us/