For the purposes of the Data Protection Act (‘DPA’), we are the ‘Data Controller’ (i.e. the company who is responsible for, and controls the processing of, your personal data).
This Policy was last updated in in line with the General Data Protection Regulation (GDPR) reform that came into effect in May 2018. The reform sets out more rights for individuals and greater transparency in how personal data is processed by Data Controllers, such as consent, distribution, marketing and deletion. As we are a credit intermediary, we undertake a number of financial tasks that relate to consumer credit. Our firm’s lawful basis for processing your personal data is done so under a Legitimate Interest – Article 6(1)(f) – “the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.”