For the purposes of the Data Protection Act (‘DPA’), we are the ‘Data Controller’ (i.e. the company who is responsible for, and controls the processing of, your personal data).
This Policy was last updated in 20th December 2019 in line with the General Data Protection Regulation (GDPR) reform that came into effect in May 2018. The reform sets out more rights for individuals and greater transparency in how personal data is processed by Data Controllers, such as consent, distribution, marketing and deletion. As we are a credit intermediary, we undertake a number of financial tasks that relate to consumer credit. Our firm’s lawful basis for processing your personal data is done so under a Legitimate Interest - Article 6(1)(f) – “the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.”
Personal data we may collect
We will obtain personal data about you (including your name, address, date of birth, contact information, interests, payment details, financial information and opinions) and those whose personal data you have with express authority disclosed to us (‘others’) whenever you complete an online or paper form, make a telephone enquiry with us, or visit our showroom to receive our services. If you submit an online enquiry you will be required to agree to the terms of this Policy which include permitting us to contact you for the purposes of the finance related enquiry via the contact means of which you provide us with the details of. I.e. email address, telephone number, etc.
For example, we will obtain personal data when you (e.g. contact us for any reason, or purchase services). In certain circumstances, we may hold sensitive personal data if you provide us with such information if you feel that it is relevant for the purpose of your enquiry, but we will not ask for such information. Any sensitive personal data obtained and recorded will only be done so with your explicit consent.
How we use personal data
We will use the personal data you disclose to us for the purposes described in Our Terms. These purposes include:
1 to assist us in processing your enquiries and obtaining the services which you require;
2 to help us identify you and any accounts that you hold with us;
3 undertaking credit checks;
5 research, statistical analysis and behavioural analysis;
6 customer profiling and analysing your preferences;
7 marketing (providing you have opted-in) [for further information see ‘Marketing and opting-in’ below];
8 fraud prevention and detection;billing and order fulfilment;
9 customising our website and its content to your particular preferences;
10 to notify you of any changes to our website or to our services which may affect you;
11 security vetting; and
12 improving our services.
Marketing and opting-in
We may share your personal data with organisations as set out in the ‘Disclosure of personal data’ section below. If you have opted-in to receive our marketing material, we will ensure that it is to your requirements and granular. We or they may contact you or others (unless you have asked us or them not to do so) by mail, telephone, text message, email, (each contact method requires its own consent via an opt-in selection) The nature of these marketing communications relate to information on products, services, promotions and special offers which we believe may be of interest to you or others. If you or others would prefer not to receive any further direct marketing communications from us or our business partners, it is possible to opt out at any time. See further ‘Your rights’ below.
Disclosure of personal data
We may disclose personal data which you provide to us to:
1 Our agents and service providers (e.g. providers of web hosting, maintenance services or potential funders);
2 Law enforcement agencies in connection with any investigation to help prevent unlawful activity;
3 Our business partners in accordance with the ‘Marketing and opting out’ section above, specifically being:
(a) our group companies (as defined in the Companies Act 2006);
(b) finance companies with whom we deal for the purposes of providing our services to you;
(c) Insurance companies with whom we deal for the purposes of providing our services to you and to verify information provided to us by you; and
(d) other third parties with whom we deal with in the course of providing our services to you; and
4 Any regulators within whose jurisdiction we operate within from time to time.
5 Any finance companies with whom we deal for the purposes of providing our services to you;
6 Insurance companies with whom we deal for the purposes of providing our services to you and to verify information provided to us by you; and
7 other third parties with whom we deal within the course of providing our services to you; and
Please be aware that we will not sell or otherwise disclose any personal data provided to us to any other party.
Keeping data secure
We currently safeguard personal data by storing it on a CRM protected by password and shall ensure that from time to time we use no lesser technical and organisational measures to safeguard personal data which is disclosed to us. Whilst we will use all reasonable efforts to safeguard such personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data which are transferred from you or to you via the internet.
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention or compliance purposes.
Information about other individuals
If you give us information about others, you confirm that the other third party person has appointed you to act on his/her behalf. This is also relevant where others are concerned if you indeed ask another person to act on your behalf as a third party.
Under the third party authorisation, the other person can:
1 Give consent on his/her behalf to the processing of his or her personal data for the purposes and reasons set out in this Policy; and
2 Receive on his/her behalf any data protection notices.
Such authorisation will remain in place until this has been revoked, either by verbal or written communication.
Use of Google Analytics Advertising
We use Google Analytics Advertising Features (‘GAAF’) through our website, which means that certain information about the traffic on our website is collected. In light of using GAAF, We will not facilitate the merging of personally-identifiable information with non-personally identifiable information collected through GAAF unless we receive your express consent to that merger.
Furthermore, We are hereby notifying You that:
1 The specific GAAF feature(s) which we have implemented are:
(a) Remarketing with Google Analytics
(b) Google Display Network Impression Reporting
(c) Google Analytics Demographics and Interest Reporting
2 We use first-party cookies (such as GAAF cookies) or other first-party identifiers, and third-party cookies (such as advertising cookies) or other third-party identifiers together and that this is done in the ways detailed under the sub-heading ‘Use of First & Third Party Cookies and Identifiers’ below; and
3 You can opt-out of the GAAF you use, including through Ads Settings, Ad Settings for mobile apps, or any other available means such as the Google Analytics currently available opt-outs accessible via tools.google.com/dlpage/gaoptout.
You have the right to request access to your personal data which we process. This formal request is made under the DPA and is referred to as a Subject Access Request. If you wish to exercise this right and make a Subject Access Request, you should;
1 Put your request in writing; either by Email or by letter.
2 Include proof of your identity and address (e.g. a copy of your driving licence or passport, and a recent utility or credit card bill);
3 Specify the personal data you want access to, including any account or reference numbers where applicable.
You have the right to require us to correct any inaccuracies in your data free of charge. If you wish to exercise this right, you should:
1 Either speak to us via telephone or put your request in writing;
2 Provide us with enough information to identify you (e.g. account/order number, username, registration details); and
3 Specify the information that is incorrect and what it should be replaced with.
You also have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right you should:
1 put your request in writing (an email sent to email@example.com with a header that says ‘unsubscribe’ is acceptable);
2 provide us with enough information to identify you (e.g. account/order number, username, registration details);
3 if your objection is not to direct marketing in general, but to direct marketing by a particular channel (e.g. email or telephone) please specify the channel you are objecting to.
We will only process your personal data providing you have given your consent for us to do so. Under the provisions of the DPA, our firm’s lawful basis for processing personal data is based on a Legitimate Interest.
The legitimate interest relates to a legal requirement for the firm to hold your personal data and financial information on record for up to a total of six years. This six year period satisfies the requirement of our regulator, The Financial Conduct Authority and is also in line with other financial industry retention periods.
We and the other companies processing your data for the purposes of processing any order or finance application may from time to time need to undertake some of the processing in countries outside of the European Economic Area. Different privacy laws may apply in these countries and you understand and unambiguously agree to the transfer of personal information to these countries and parties. We only make these arrangements or transfers where we are satisfied that adequate levels of protection are in place to protect any information held in that country or that the service provider acts at all times in compliance with applicable privacy laws.
Whenever we transfer your personal data outside of the European Economic Area, we impose standard data protection clauses adopted by the commission in accordance with the examination procedure referred to in Article 93(2) of the UK GDPR. We impose obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. We may also require the recipient to subscribe to "international frameworks" intended to enable secure data sharing.
Under the GDPR, you have the right to lodge a complaint with the Supervisory Authority, the Information Commissionaires Office (ICO), who are the national authority responsible for the protection of personal data. A complaint can be made to the ICO via their website: ico.org.uk or through their helpline: 0303 123 1113.
If you have received an email or other communication sent by us that you believe is spam or in violation of our acceptable use policies, please contact us via one of the methods below.
Our contact details
We welcome your feedback and questions. If You wish to contact us, please send an email to firstname.lastname@example.org or you can write to us at 15f Ponderosa Park Smithies Lane, Heckmondwike, England, WF16 0PR or call us on 0330 029 0192. We may change this Policy from time to time. You should check this policy occasionally to ensure you are aware of the most recent version which will apply each time you deal with us.
Changes to this statement
We will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.
We will use this information to:
Lenders may continue to exchange information about you with CRAs while you have a relationship with them. They will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs. When CRAs receive a search from a lender post approval this will place a search footprint on your credit file that may be seen by other lenders.
If you are making a joint application, or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.
The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail at www.callcredit.co.uk/crain. The Credit Reference Agency Information Notice is also accessible from each of the three CRAs – clicking on any of these three links will also take you to the same document:
How We Might Share Your Information
The third parties with whom we may need to share personal information to help us provide services and products to you are detailed within this section.
Car, Bike and Van Finance
Our partners, including brokers, introducers, lenders and motor dealers we work with dependent upon your individual credit profile and the specific criteria determined by the lender.
Motor Insurance & Guaranteed Asset Protection (GAP) Insurance
Insurance providers, in the event that you apply for an insurance product, for the purposes of underwriting, processing, claim handling and fraud prevention.
Vehicle Movement Providers:
Vehicle logistic providers we work with dependent upon your geographic location for the purposes of transporting your vehicle.
Our subsidiaries or affiliates:
For the purpose of managing our customer relationships, administering our business and to provide you with information about other products and services which might be of interest to you.
Credit and fraud agencies:
(including Call Credit, Equifax, Experian and Cifas) to help make decisions (See Section 6: Credit Checking and Automated Decision-Making for more information).
Law enforcement bodies:
In order to comply with any legal obligation or court order.
For the purpose of validating and assessing fitness and propriety in connection with any application for employment.
Who may or do acquire any rights in us for the purpose of a business sale or reorganisation.
For the purpose of assisting us to better manage, support or develop our business and comply with our legal and regulatory obligations.
Occasionally, we may make your details available to reputable suppliers of credit and insurance related services that we feel may be of interest to you, where you have agreed to receive such marketing.
Debt recovery agencies:
Or service providers, tracing agents or investigators, solicitors or other agents for the purpose of collecting monies or assets due or outstanding on your account.
Marketing & Technology Partners:
Reviews.io, Google, Facebook, Twitter, Reddit, Taboola, SnapChat, News Corp UK & Ireland Limited, SocialTap, Digital Discovery & TikTok
Who need to know the information in order to provide us or you with a product or service (including our third party service providers who process information on our behalf to help run some of our internal business operations including email distribution, electronic signature processing, storage of customer documentation, our HR careers portal, IT services, customer services and for data analytics (using anonymised data).
Third party credit providers:
Where you have been unsuccessful in applying for personal lending services and/or product(s); in which case third party credit providers will become the relevant data controller.
We are a credit broker and not a lender. Your vehicle may be repossessed if you do not keep up the repayments.
i3.finance is a trading style of i3 Technology Group Ltd, who are authorised and regulated by the Financial Conduct Authority. The guidance provided within this website is subject to the UK regulatory regime and is therefore primarily targeted at consumers based in the UK.
Registered in England | Registered number 11075528 | VAT number 332205743 | ICO registration ZA550010 | FCA number 915462
All finance is subject to status, income and affordability. Applicants must be 18 or over. Terms and conditions apply. Guarantees and indemnities may be required. Written quotations on request. We can introduce you to a limited number of finance providers and other brokers who may be able to offer you finance facilities for your purchase. We receive a commission payment from the finance provider if you decide to enter into an agreement with them. You may be able to obtain finance for your purchase from other lenders. If you would like to know how we handle complaints, please view our complaints page.