Personal information is any information that tells us something about you. This could include information such as your name, contact details and bank account details. account details.
2.1.1 your name, surname, email address and mobile phone number. You will provide this information directly if you register for our services on consents.online ("Site") and create your own profile on our Site.
2.1.2 as part of our service, you will provide your password and security login details ("Internet Banking Credentials") for your online bank account ("Bank Account"). We will then arrange for the transfer of your Internet Banking Credentials to Yodlee Inc (a Delaware corporation, having its principal place of business at 3600 Bridge Parkway, Redwood City, California 94065) ("Yodlee") or the bank holding your Bank Account ("Bank").
2.1.3 our online portal allows you to control how data from your Bank Account(s) is used by your proposed lender, debt advisor or financial services provider (as applicable) ("Approved Provider") and link such Bank Account(s) to your profile on our Site. This will enable us to report on your record of transactions as revealed in your Bank Account history (your "Transaction Data") to your Approved Provider.
2.1.4 your Transaction Data.
2.1.5 information you provide us by filling in forms on our Site (including your name, address, email address, mobile number(s)).
2.1.6 a record of correspondence if you contact us or we contact you (including personal information you choose to provide us with, such as your name, surname and email address).
2.1.7 proof of identification or details to confirm or verify your identity, address, Bank Account or payment card.
2.1.8 details of your visits to our Site (including traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise) and the resources that you access.
2.1.9 information from third parties, including your employer or a referee.
3.1.1 to invite you to register for our services, where you will create a username and password. This may also include your fingerprint, if applicable to your device.
3.1.2 to access, use and retrieve your Transaction Data following the process set out in section 3.3.
3.1.3 to administer the contract we have with you.
3.1.4 to investigate where you report a problem with our Site.
3.1.5 to verify or enforce compliance with the policies governing our Site and/or applicable laws.
3.1.6 fraud and crime prevention.
3.1.7 to protect against misuse or unauthorised use of our Site.
3.1.8 to comply with our regulatory obligations, to bodies such as the FCA.
3.2.1 reasons for disclosing your data to your Approved Provider;
3.2.2 type of access granted and for how long (i.e. whether this is unlimited, until a specific date or on a one-off basis only); and
3.2.3 frequency of access to your information (i.e. whether this is restricted to daily or weekly access).
3.3.1 we will arrange for the transfer of your Internet Banking Credentials to Yodlee or to your Bank. We will not retain your Internet Banking Credentials. We will only pass your Internet Banking Credentials onto Yodlee or your Bank using an encrypted and secure method of transmission;
3.3.2 your Bank (or Yodlee if your Bank does not provide direct access to your Transaction Data) will collate and send the Transaction Data to us;
3.3.3 we will analyse the Transaction Data and separate out your transactions into different categories and set out the amount you spend within each category. It will also set out the credits and debits from your Bank Account(s) over the same period;
3.3.4 depending on your instructions your Approved Provider may be able to:
Our access, the access of your Approved Provider and the access of Yodlee will be limited to the process set out in section 3.3 and will be in accordance with your instructions.
We also have an app, which is available for download from Apple's App Store and Android's Google Play Store. Please be aware that separate terms will govern your use of our app and you should read these carefully when you download the app.
Under data protection legislation, we are only permitted to use your personal information if we have a legal basis for doing so as set out in the data protection legislation. We rely on the following legal basis to use your information:
4.1.2 where we need to comply with a legal obligation. This includes compliance with our regulatory obligations, to bodies such as the FCA.
4.1.3 where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. This includes:
In more limited circumstances we may also rely on the following legal bases:
4.2.1 where we need to protect your interests (or someone else's interests).
4.2.2 where it is needed in the public interest or for official purposes.
We need some of your personal information in order to perform our contract with you. For example, we need to know your Internet Banking Credentials so that we can arrange for your Transaction Data to be provided to your Approved Provider.
Where information is needed for these purposes if you do not provide it we will not be able to perform our contract with you and provide you with our services. We explain when this is the case at the point where we collect information from you.
6.1.1 your Approved Provider, where we are required to do so in order to provide you with our services;
6.1.2 your Bank and Yodlee (to the extent such information is required in order to provide you with the services);
6.1.3 regulators, including the FCA, where we are required to do so to comply with our regulatory obligations;
6.1.4 AccountScore Limited, to assist us with categorisation of your Transaction Data in order to provide you with the services; and
6.1.5 third parties where we are required to do so by law. For example, if a government authority is conducting an investigation and requires us to share your personal information.
6.3.1 we will only share your Transaction Data with Yodlee and/or your Bank and your Approved Provider for the purpose of providing our service to you; and
6.3.2 we will only arrange for the transfer of your Internet Banking Credentials to Yodlee and/or your Bank for the purpose of providing our service to you.
We may collect information about your computer. This may include your IP address, operating system and browser type. This will be for our system administration. We may also report combined information to our advertisers. Please note that this information will not be personal information and will not identify you, and this information will only be statistical data about our users' browsing actions and patterns.
A "cookie" is a small electronic file that collects information about you when you visit our Site. A cookie can identify the pages that are being viewed, and this can assist us to select the pages that you see. Some cookies only exist whilst you are online, but "persistent" cookies remain on your computer, so that you can be recognised as a previous visitor when you next visit our Site. We may use persistent cookies to allow us to collect information about your browsing habits whilst on our Site, so that we can monitor and improve our services.
We do not store your sensitive information in persistent cookies. Cookies in themselves do not contain enough information to identify you. We will only acquire a personal identity in relation to your browsing habits after you have provided us with your personal data for the purposes outlined at section 3 above.
In addition to using cookies, we might also use web tools to collect information about your browsing activities whilst on our Site. In this respect the information that is provided is similar to the information supplied by cookies, and we use it for the same purposes.
Any information that we acquire about you using cookies or web tools is subject to the same restrictions and conditions as any other information we collect about you in this policy.
|__utma||Google Analytics||Persistent||This cookie is part of Google Analytics and helps us improve your experience by anonymously tracking how users interact with our Site. It is specifically used to track the number of visits to our Site.|
|__utmc||Google Analytics||Persistent||This cookie is part of Google Analytics and helps us improve your experience by anonymously tracking how users interact with our Site. It is specifically used to check approximately how long you stay on our Site.|
|__utmz||Google Analytics||Persistent||This cookie is part of Google Analytics and helps us improve your experience by anonymously tracking how users interact with our Site. It is used specifically to track how you arrived at our Site.|
|_vis_opt_exp*||Visual Website Optimizer||Persistent||This cookie is used to run content experiments so we can improve the effectiveness of our Site.|
|ASP.NET_SessionId||ASP.NET Session ID||Session||This cookie is required to make our Site work by setting an anonymous ID which is used when you navigate the Site.|
Please note that it is not possible for you to carry your settings between your browsers and devices, so you will need to change these settings for each browser you use.
All information you provide to us is stored on our secure servers.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
As a general rule, we will keep your personal information for the duration in which we are providing the services to you, and for a period of six years thereafter. However, where we have statutory obligations to keep personal information for a longer period or where we may need your information for a longer period in case of a legal claim, then the retention period may be longer.
11.1.2 Consents Online Limited, Marble Arch House, 66 Seymour Street, Marylebone, London W1H 5BT; or
11.1.3 by telephone: 0800 180 8570.
If you have any concerns about the information we hold, please contact our Data Protection Officer via the above methods.
If you still feel dissatisfied, you can appeal to our Managing Director at the above address.
Please contact us by using the details in section 11 and we will try to resolve your issue. You also have the right to lodge a complaint with the Information Commissioner's Office ("ICO"). You can contact the ICO by writing to them at: Information Commissioner's Office Client Services Team, Wycliffe House, Water Lane, Wilmslow, SK9 5AF or by visiting their website for further information at https://ico.org.uk/.
12.2.1 You have the right to request a copy of the information that we hold about you. This right relates to personal information that you have provided to us that we need in order to perform our agreement with you and personal information where we are relying on consent to process your personal information.
12.2.2 You can also ask us to:
· provide a copy of the personal data we hold about you in a commonly used and machine-readable format; and
· send your personal data to another data controller (e.g. another service provider).
12.2.3 We want to ensure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate, incorrect or incomplete.
12.2.4 You have the right to request us to erase the personal information we hold about you in certain circumstances, which is also known as the "right to be forgotten":
· if we are continuing to process your personal information beyond the period when it is necessary to do so for the purpose for which it was originally collected
· if we are relying on consent as the legal basis for processing and you withdraw consent
· if we are relying on legitimate interest as the legal basis for processing and you object to this processing and there is no overriding compelling ground which enables us to continue with the processing
· if it is necessary to delete the personal information to comply with a legal obligation
12.2.5 You have the right to ask us if we are processing your personal data. If so, you have the right to access such personal data and obtain certain information about our processing, including the purposes of our data processing and the categories of personal data which we are processing.
12.2.6 You have the right to object to our processing of your personal information where we are relying on legitimate interests or exercise of a public interest task to make the processing lawful. If you raise an objection we will carry out an assessment to determine whether we have an overriding legitimate ground which entitles us to continue to process your personal information
12.2.7 You have the right to ask us to restrict the processing of your personal data where you consider that:
· our processing of your personal information is unlawful
· where we no longer need the personal information but you require us to keep it to enable you to establish, exercise or defend a legal claim
· where you have raised an objection to our use of your personal information
12.2.8 You have the right not to be subject to automated decisions which produce legal effects or which could have a similarly significant effect on you.
12.2.9 You have the right to withdraw our consent at any time, where consent is the legal basis for our processing. This will not affect the lawful ness of our processing based on your consent prior to its withdrawal.
If you would like to exercise any of your rights or find out more, please contact us via the methods set out in section 11.