Privacy Policy

Creditas Financial Solutions Limited is committed to protecting and respecting your privacy, we are registered with the UK Information Commissioners Office (ICO) as a data controller under registration Z1216459.

Creditas Financial Solutions Limited is registered in England and Wales, Company no. 06366166, and regulated by the Financial Conduct Authority (FRN 661849).

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

By visiting our websites, you are accepting and consenting to the practices described in this policy. For the purpose of the European Data Protection Regulations (‘GDPR’) and the Data Protection Act 2018 (the Act) and, the data controller is Creditas Financial Solutions Limited 72 Otley Road,Guiseley, West Yorkshire, LS20 8BN.

This Privacy Statement explains how we process your information and your rights under both DPA and GDPR.

The information we may collect, store and process the following data from you:

(a) Browser cookies

(b) The information that you provide to us when querying for quote with our website, detailed list found in the form data here

(c) The information provided by you when applying for a finance, further details of this can be found on the form data here.

(d) The information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters.

(e) The information that you provide to us when using the services on our website, or that is generated in the course of the use of those services.

(f) The information relating to any purchases you make of our goods and/or services or any other transactions that you enter into through our website.

(g) The information that you post to our website for publication on the internet.

(h) The information contained in or relating to any communication that you send to us or send through our website and

(i) Any other personal information that you choose to send to us.

Uses made of the information

Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website. We may use your personal information to:

(a) administer our website and business

(b) enable your use of the services available on our website

(c) send you non-marketing commercial communications

(d) send you email notifications that you have specifically requested

(e) send you marketing communications relating to our business or the businesses of carefully-selected third parties which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications)

(f) provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information);

(g) deal with inquiries and complaints made by or about you relating to our website

(k) keep our website secure and prevent fraud and

(l) verify compliance with the terms and conditions governing the use of our website.

Information you give to us

If you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the license you grant to us. Your privacy settings can be used to limit the publication of your information on our website and can be adjusted using privacy controls
on the website.

We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.

Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive).

Disclosure of your information

We do not share or disclosure any of your personal information without your explicit consent, other than for the purposes specified in this notice, where there is a legal requirement or to enforce our terms and conditions.

Where we store your personal data

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are
responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your rights

You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by revoking consent during our telephone calls. You can also exercise the
right at any time by contacting us at compliance@creditas.org.uk

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. Your rights under Data Protection Law We operate under the Data Protection Act 2018 (‘DPA’) and the European General Data Protection Regulation (‘GDPR’). The DPA and GDPR apply to ‘personal data’ we process, and the data protection principles set out the main responsibilities we are responsible for. We must ensure that personal data shall be:

a) processed lawfully, fairly and in a transparent manner

b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes

c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed

d) accurate and where necessary kept up to date

e) kept for no longer than is necessary for the purposes for which the personal data are processed. We operate a data retention policy that ensures we meet this obligation. We only retain personal data for the purposes for which it was collected and for a reasonable period thereafter where there is a legitimate business need or legal obligation to do so. For details of our current retention policy contact our Teresa Jagger at compliance@creditas.org.uk

f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. We ensure lawful processing of personal data by obtaining consent; or where there is a contractual obligation to do so in providing appropriate products and services; or where processing the data is necessary for the purposes of our legitimate interests in providing appropriate products and services.
In the majority of cases we process personal data based on your contract with the us. In other cases, we process personal data only where there are legitimate grounds for so doing. To meet our Data Protection obligations, we have established comprehensive and proportionate governance measures. We ensure data protection compliance across the organisation through:

a) implementing appropriate technical and organisational measures including internal data protection policies, staff training, internal audits of processing activities, and reviews of internal HR policies.

b) maintaining relevant documentation on processing activities.

c) implementing measures that meet the principles of data protection by design and data protection by default including data minimisation, pseudonymisation, transparency, deploying the most up-to-date data security protocols and using data protection impact assessments across our organisation and in any third party arrangements. Under the GDPR You have the following specific rights in respect of the of the personal data we process:

1. The right to be informed about how we use personal data.
This Privacy Statement explains who we are; the purposes for which we process personal data and our legitimate interests in so doing; the categories of data we process; third-party disclosures; and details of any transfers of personal data outside the UK.

2. The right of access to the personal data we hold. In most cases this will be free of charge and must be provided within one month of receipt.

3. The right to rectification where data are inaccurate or incomplete. In such cases we shall make any amendments or additions within one month of your request.

4. The right to erasure of personal data, but only in very specific circumstances, typically where the personal data are no longer necessary in relation to the purpose for which it was originally collected or processed; or, in certain cases where we have relied on consent to process the data, when that consent is withdrawn and there is no other legitimate reason for continuing to process that data; or when the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.

5. The right to restrict processing, for example while we are reviewing the accuracy or completeness of data or deciding on whether any request for erasure is valid. In such cases we shall continue to store the data, but not further process it until such time as we have resolved the issue.

6. The right to data portability which, subject to a number of qualifying conditions, allows individuals to obtain and reuse their personal data for their own purposes across different
services.

7. The right to object in cases where processing is based on legitimate interests, where our requirement to process the data is overridden by the rights of the individual concerned; or for the purposes of direct marketing (including profiling); or for processing for purposes of scientific / historical research and statistics, unless this is for necessary for the performance of a public interest task.

8. Rights in relation to automated decision making and profiling. Please contact Teresa Jagger at compliance@creditas.org.uk for more information about the GDPR and your rights under Data Protection law.

If you have a complaint about data protection for Creditas Financial Solutions Limited contact Teresa Jagger at complaints@creditas.org.uk
Alternatively contact our supervisory authority for data protection compliance (www.ico.org.uk): Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)

Cookies

Our website uses cookies by using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.
About cookies A cookie is a file containing an identifier that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

Cookies can be used by web servers to identify and track users as they navigate different pages on a website and identify users returning to a website.

Our cookies
We use only session cookies on our website.
The names of the cookies that we use on our website, and the purposes for which they are used, are
set out below:

(a) we use https://catapultthemes.com/cookie-consent/ and
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage to
recognise a computer when a user visits our website

Analytics cookies
We use Google Analytics to analyse the use of our website, our analytics service provider generates
statistical and other information about website use by means of cookies.
The analytics cookies used by our website have the following names: _ga, catAccCookies, __cfduid
and wp-settings-time-64
The information generated relating to our website is used to create reports about the use of our
website.
Our analytics service provider’s privacy policy is available at:
http://www.google.com/policies/privacy/

Third party cookies

Our website also uses third party cookies, Details of the third-party cookies used by our website are set out below:

(a) https://catapultthemes.com/cookie-consent/.

(b) https://developers.google.com/analytics/devguides/collection/analyticsjs/

Blocking cookies

Most browsers allow you to refuse to accept cookies; for example:

(a) in Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;

(b) in Firefox (version 47) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and

(c) in Chrome (version 52), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading. Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.

Deleting cookies

You can delete cookies already stored on your computer; for example:

(a) in Internet Explorer (version 11), you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11);

(b) in Firefox (version 47), you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history” from the drop-down menu, clicking “Show Cookies”, and then clicking “Remove All Cookies” and

(c) in Chrome (version 52), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Cookies and other site and plug-in data” before clicking “Clear browsing data”. Deleting cookies will have a negative impact on the usability of many websites.

Cookie preferences

You can manage your preferences relating to the use of cookies on our website by visiting: https://creditasfinancial.org.uk/cookie-policy/.

Our details

This website is owned and operated by Creditas Finance Solutions, we are registered in England and Wales under Company number 6366166, and our registered office is at 72 Otley Road, Guiseley, Leeds, West Yorkshire, LS20 8BN.

Our principal place of business is at 72 Otley Road, Guiseley, Leeds, West Yorkshire, LS20 8BN. You can contact us:

(a) by post, using the postal address given above;

(b) using our website contact form

(c) by telephone, on the contact number published on our website from time to time or

(d) by email, using the email address published on our website from time to time.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to compliance@creditas.org.uk

WE ARE A CREDIT BROKER NOT A LENDER