Menu

Privacy and Cookie Policy

Information applies from the 25th May 2018

  • We promise to be fair and transparent
  • We treat the security of our customers` data seriously
  • We believe in integrity and respect your privacy

 

What does this mean for you?

Our privacy notice provides you with information about how we use your personal data, which we are required by law to give you. Each section sets out different information – you can use the following list to choose which sections of our Privacy Notice you want to read:

  1. Our identity as a data controller and our contact details
  2. Types of personal data we collect and how we collect it
  3. The legal basis on which, and the purposes for which, we are processing your personal data
  4. How long we keep your personal data for
  5. Who we share your personal data with
  6. Transferring your personal data outside of the EEA
  7. Credit Reference Agencies
  8. Sharing information to prevent crime or harm
  9. How you can manage your personal data
  10. Cookies
  11. How to complain

We set out how your personal data will be used by members of the Cabot Credit Management Group as data controller, as advised below. You can contact our Group Data Protection Officer (DPO) at:

1 Kings Hill Avenue, Kings Hill, Kent ME19 4UA or alternatively by email on:

[email protected]

Occasionally we will need to tell you how we will process specific information you have provided to us, we will do this by providing a notice at the time we receive or obtain personal data.

 

1. Who are the Cabot Credit Management Group?

Cabot Credit Management Group is the data controller of your personal data. We are a market leader in the UK and one of the largest credit management services provider in Europe. We are authorised and regulated by the Financial Conduct Authority (FCA).

For the purpose of this notice where we refer to Cabot Credit Management Group or CCM Group we are referring to the Cabot Credit Management group of companies including its subsidiaries, holding companies and any associated and affiliated companies. When we become the data controller of your personal data, we will let you know which company within the CCM Group you have a relationship with.

To find out more about the CCM Group including who it incorporates please visit our website:

www.cabotcm.com

 

 

2. What types of personal data do we collect and how do we collect it?

 

Types of personal data we collect

The types of personal data that we collect are outlined below:

  • Personal Data - Personal data is information that can be used to identify you as an individual such as name, address and contact information, IP address
  • Financial Data - Financial data is information from your credit file, income and expenditure data, account information and any other information relating to your ability to repay your account

Special Categories of personal data:

Some categories of personal data are more sensitive, these are known as special categories of personal data for example:

  • Racial
  • Biometric data
  • Ethnic origin
  • Religious beliefs
  • Data concerning health, sexual orientation

If you ever disclose this type of personal data to us we will only keep this on record if it is necessary for the services we are providing. Where we do need to keep this data, we will always request your explicit consent. We will only store this data for as long as it is relevant and will check this with you periodically. You have the right to withdraw your consent and if you do, we will delete the special category data from our records.

If you disclose special category personal data to us without us having the opportunity to obtain explicit consent, for example if you send a letter to us detailing your medical situation, you will have given your consent for us to process that data.

Where we consider it necessary to record the special category personal data you give to us, we will securely record this information and tell you in writing how we will use it and how you can withdraw your consent.

 

How do we collect your personal data?

We collect your information in the following ways:

  • We obtain data from the previous (or current) owner of your account
  • We keep records of correspondence between us, including letters, live chat, email, SMS, and any social media communications
  • We record phone calls and webchats between you and our staff for training and monitoring purposes and to improve and enhance the service we offer you.
  • When you use our website and app, we collect information concerning your usage of the website, behavioral patterns, which pages you viewed, traffic data and the originating domain name of your internet service provider
  • We operate CCTV at our business premises, if you were to visit one of our offices your image could be captured on CCTV

·We access third party data sources and combine and process data from those sources with your personal data. Examples of such third party data sources include the Land Registry, Credit Reference Agencies (CRAs), registers of court judgments, bankruptcies, postcode lookup databases and telephone number verification databases.

  • Third parties that we appoint may collect personal data from you and pass it on to us
  • We collect information concerning your usage of the website, behavioral patterns, which pages you viewed, traffic data and the originating domain name of your internet service provider

 

3. How we use your personal data

We use your personal data:

  • To help us service your account
  • To manage our operations and improve our service to you
  • To manage security, risk and crime prevention
  • To meet our regulatory requirements
  • To undertake statistical analysis for business improvement

In order to process your personal data we need to have a justified legal basis, this means that processing your personal data must be necessary for one or more of the following:

  • To comply with a legal obligation
  • Where we have a legitimate interest
  • To perform a contract that you are party to
  • When you give us your consent
  • To protect your vital interests

The table below sets out the lawful bases that we rely on to process your personal data.

Business Process

Our lawful basis for processing

How do we use your data?

Debt recovery

  • Performance of a contract
  • Legitimate interests
  • Compliance with a legal obligation

As a business, our core operation is the recovery of an outstanding balance. As part of this recovery process we would need to perform trace and debt recovery activities; validate your identity, contact you in writing/email/SMS and telephone, agree payment arrangements, process payments and where appropriate take enforcement action.

Promoting responsible lending

  • Legitimate interests

We will collect personal data from and share your personal data with Credit Reference Agencies in order to help promote responsible lending.

Management of your account

  • Compliance with a legal obligation
  • Legitimate interests
  • Performance of a contract

As a business, we have an obligation to manage your account and, where your account is a consumer credit agreement, we have a legal obligation to provide you with statutory communications. We have a legitimate interest in understanding your ability to repay the outstanding balance as well as how best to communicate with you; in order to do this at times we will use scoring/statistical analysis and automated processes to make decisions about how best to engage with you.

Training, monitoring and improving our service

  • Compliance with a legal obligation
  • Legitimate interest

In order to ensure we provide the best service we can, we use recordings of telephone calls, which will contain personal data of our customers, to train staff. We may choose to ask another company to contact you to request feedback enabling us to review the service you’ve received and to make improvements where necessary. We monitor your website usage, collecting info to improve our service, business efficiencies and, statistical and analytical activities.

Complying with Legal and

regulatory requirements

  • Legitimate interests
  • Performance of a contract
  • Compliance with a legal obligation

At times we share data with other third parties where we have a legal or regulatory requirement to do, for example the Financial Conduct Authority. In the event that you are unhappy and have made a complaint to the Financial Ombudsman Service, we will share your personal data with them enabling them to review your complaint.

 

4. How long we keep your personal data

We will keep your personal data for as long as you are a customer of Cabot.

We will keep your personal data for 6 years and 3 months from when our relationship with you comes to an end, in order to respond to any complaints or queries, comply with legal and regulatory obligations to keep certain records.

 

5. Who we share your personal data with

At times we will need to share your personal data with other companies:

  • Other companies within the CCM Group - for example we could instruct another company within CCM to act on our behalf or perform administrative duties
  • Debt Collection Agencies or solicitor firms where they are acting on our behalf to help recover a debt
  • Other companies that may help us to validate that the data we hold is accurate or to obtain new information - for example a new telephone number
  • Your original creditor
  • Suppliers and service providers - for example companies that provide us with an IT, infrastructure or mailing service
  • Any person or company that you instruct us to liaise with - for example, a friend, family member, representative or a Debt Management Company

In the event that we sell part of our business or a portfolio of accounts, we will share your personal data with the prospective purchaser and any agent acting on their behalf in order to review and complete on the sale. Whenever we engage with a third party we ensure that the third party has a similar level of safeguards and controls in place before sharing your personal data with them.

 

6. Transferring your personal data outside of the EEA

We may transfer your personal data to organisations that operate outside of the European Economic Area enabling us to work with suppliers who help us to manage your account.

Where we do transfer your personal data outside of the EEA we will ensure that your data is protected and any suppliers are part of the privacy shield, and/or that the appropriate contractual requirements are in place.

 

7. Credit Reference Agencies Notice Explained

We are required where possible to share details of your account with us (including your personal data with Credit Reference Agencies) on a recurring basis to promote responsible lending. The three Credit Reference Agencies we report information to are Call Credit, Experian and Equifax. We also obtain personal data from the Credit Reference Agencies for the following purposes:

  • To recover debts
  • To trace your whereabouts
  • To prevent fraud and other financial crime
  • To validate personal information that may be passed to us from you or other legitimate sources
  • To inform us on the best way to engage with you

The type of information that may be exchanged is outlined below:

  • Full Name
  • Full address including history
  • Date of Birth
  • Financial Situation
  • Personal details of any person you are financially linked with

The Credit Reference Agencies may share the data that we provide to them with other organisations. You can find out more about the three main Credit Reference Agencies and the Credit Reference Agencies Information Notice on the websites below:

Call Credit:  https://www.callcredit.co.uk/crain

Experian:  http://www.experian.co.uk/crain/index.html

Equifax:  https://www.equifax.co.uk/crain.html

 

8. Sharing information to prevent crime or harm

We have systems that protect our customers and ourselves against fraud and other crime, including money laundering. Customer information can be used to prevent crime and trace those responsible.

As part of our ongoing monitoring of your account and to service your account, we have legal obligations that require us to obtain certain personal details to validate your identity, both at the beginning of your relationship with us and throughout it. If false or inaccurate information is provided by you, or if fraud or another financial crime is identified or suspected, we will obtain publicly available information, such as media reports or regulator publications, which may contain personal details about you such as any criminal convictions. If fraud or another financial crime is identified or suspected, we will be required to pass your personal data to fraud prevention agencies or other authorities for the prevention and/or detection of financial crime. We have legal obligations to pass this data to fraud prevention agencies and this is our legal basis for sharing personal data in this way.

The agencies we may share your personal data with are:

  • Cifas
  • The National Crime Agency
  • Action Fraud
  • The Police
  • Her Majesty’s Revenue and Customs

If we have reason to believe that you are in prison, we will obtain publicly available information, which may contain some of your personal data such as the name of the Prison you are in and the length of your sentence, to update the information we hold about you and to manage your account in the most appropriate way.

If we have reason to believe that you are in immediate danger, we will pass your personal data, including any details we have about your physical or mental health, to the Police and other emergency services in order to protect your vital interests.

9. How can you manage your data?

Managing your account

You are able to access and manage much of the data we hold that allows us to administer your account and provide our services to you. You can do this via our website - www.cabotfinancial.co.uk.

Once you have activated your online account you can edit and update your personal data, let us know how you prefer to be contacted and opt into and out of alerts and newsletters that are designed to provide you with support.

 

Your rights

Object to processing

You have the right to object to us processing your data if the processing itself is an unwarranted interference with your interests or rights. You can find out more about how and why we process your personal data in section 3 ‘How we use your personal data?’

If you still believe that you have a valid and justifiable reason to exercise this right you can contact us on the details below.

Restrict Processing

If you believe we are processing your personal data unlawfully or you believe that we no longer need your personal data you have the right to request that we restrict the processing of your personal data.

Right to be forgotten

Under data protection legislation you have the right to request that we delete your personal data if you believe we no longer have a lawful basis to process it.If you feel that we should not be processing your personal data you can submit a request on the below details.

Right to rectification

Upon obtaining personal data we conduct checks to validate that it is accurate as we are reliant on you and other third parties to provide us with correct information. If you believe that any of the personal data we hold for you is incorrect, it is important that you make us aware as soon as possible, for example if you have a new phone number or have moved address.

Automated profiling and decision-making

At times, we use the personal data we hold on you to conduct profiling and automated decisions, for example, to predict how likely you are able to pay back your outstanding balance or how best to engage with you.

The new data protection legislation changes stipulate that where profiling or automated decision making produces a legal effect or similarly significantly affects you, we need to make you aware of your right to object. We do not believe that the profiling and decision-making that we conduct has either a legal effect or similarly significant impact on you but we will keep such processes and controls under review and update this notice accordingly.

If you have any further questions regarding any of the above information please contact our Data Protection Office on:[email protected]

 

Your right to portability

You have the right to request that we transfer personal data you have provided to us either to yourself or to another data controller. You can exercise the right to data portability by contacting us on the below details:

Email:[email protected]

Writing:Cabot Financial PO BOX 241 West Malling Kent ME19 4NA

 

Accessing your data

You have the right to see the personal data relating to you that we hold. As a data controller we will also ensure that we provide any additional personal data that any of our data processors may hold about you.

We take the protection of your personal data seriously, so we reserve the right to request proof of your identity before supplying any personal data.

Once we have validated your identity, we will respond to your request within one calendar month. We typically will send your personal data on an encrypted disk, if however you wish to receive it in a different format for example, as a printed document then please let us know.

In order to make this request please contact us on the below details:

Writing:Cabot Financial PO BOX 241 West Malling Kent ME19 4NA

Email: [email protected]


Call: 
03445560242

 

10. Cookies

Our website operates and collects cookies. A cookie is a small file that is placed on your computer’s hard disk which may be placed for several reasons, for example:

  • Google analytics, such as analysing the traffic to the website and to speed up access to the website.
  • Targeted communications that help us to guide you back to specific pages within our website, or reach you via third party websites

We will always ask you on the homepage whether you want us to place a cookie on your computer. The vast majority of web browsers accept cookies, however you can manually change your browser settings so that cookies are not accepted. If you do this, you may lose some of the functionality of our website. For more information about cookies and how to disable them please go to:www.aboutcookies.org

We can confirm that any cookies placed by us shall not store or collect any personally identifiable information.

 

11. How to complain

If you would like to make a complaint or have a query about how we use your personal data, you can contact us on the below details:

Email: [email protected]

In writing: Data Protection Officer, 1 Kings Hill Avenue, Kings Hill, Kent ME19 4UA.

If you are unhappy about how we have handled your complaint you have the right to complain to the Information Commissioners Office:

Website: https://ico.org.uk/concerns/

Call: 0303 123 1113