Maxcroft Securities Ltd – Data Privacy Notice

This explains how and why we acquire and use your personal information in accordance with Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR) and the Data Protection Act 1988. We will process your information fairly and compliantly. You have a right to know how we intend to use your information so you can decide whether or not to proceed with services we provide.

We are:

Maxcroft Securities Ltd (‘Maxcroft’)
632 Eastern Ave
Ilford
Essex IG2 6PG
Telephone 020 8518 1828
You can also contact us at enquiries@maxcroft.co.uk

When you use our services and throughout our relationship, we will ask for personal information from you.

We may update this Privacy Policy, these updates becoming effective immediately when posted to the website.

The data we collect/hold about you

We use different ways to collect data about you including the information you supply to us when you make a loan application or use our foreign currency exchange.  If you fail to provide this information we may not be able to proceed or to transact with you.

As necessary personal data is processed by us consisting of the following as applicable: –

  • Identity and contact details including car registration
  • Marital status and family details
  • Employment details and income
  • Personal/background information including occupation/status
  • Bank details and bank statements
  • Verification and credit status
  • Photograph of you
  • Tenancy details or home ownership status
  • Proof of address such as utility bills
  • Information regarding source of funds
  • Rent and other payments
  • Recovery of arrears, claims or proceedings
  • Council Tax liability
  • Water charges payable
  • Utilities cost
  • Welfare Benefits
  • Other monthly incomes and outgoings
  • Proof of funds
  • Proofs of provenance of items pawned
  • Audio and CCTV recordings
  • Complaints
  • Insurance
  • Emails texts and other communications and via our website
  • Website and online portal information.

We also generate and use data internally, e.g. our loan account records.

We also collect and receive data about you from third parties.

This can include information from a guarantor where there is a guarantor a joint borrower.  Public bodies such as local authorities or the police, or other law enforcement agencies may give us information about you.  Where we employ a third party to manage any aspect of the service we provide you, they will supply us with information about you.  We obtain information about you when we carry out credit checks or checking ownership of an item.  We may also obtain information about you which is publically available via search engines such as Google or Facebook and websites. This will include information about you which you yourself made public

For a business customer, we may receive information about other people in the business from the person we are dealing with.

Depending on the type of service we are providing, we may also collect certain information from third parties or public records such as:

  • Data confirming your identity and address.
  • Data relating to credit history and status of you or any associated person.
  • Data relating to any fraudulent activity or suspected fraudulent activity concerning you or any associated person.
  • Data relating to Politically Exposed Persons (PEPs) or Financial Sanctions
  • Data relating to your vehicle

We use personal information in order to

  • provide you with our products and services
  • to determine your eligibility for different products and services that you may be interested.
  • verify the accuracy of the data you’ve provided
  • make credit decisions about you
  • communicate with you by telephone, email, SMS or post using the contact details you have provided
  • tell you about changes to services provided or updates
  • respond to your queries and complaints
  • Review accounts and transactions for accuracy and statistics
  • manage your account make collections and trace you if necessary
  • recover arrears and for debt recovery and or repossession activities
  • prevent fraud and money laundering, crime detection, prevention and prosecution. We will study patterns of activity and monitor for unusual transactions
  • to authenticate ownership of goods or property
  • report positive, delinquent and default data to CRAs which will be available to others undertaking a search of your credit record
  • to test new systems, upgrade our existing system, training, analysing transactions, auditing and assessing risk.
  • to respond to your queries about your transactions with us.
  • To notify you about changes to our service

We may use your data for the above purposes to fulfil our legitimate interest of managing our legal agreement with you and where otherwise required to comply with our legal and regulatory obligations and where permitted by the GDPR.

We will endeavour to protect your interests and rights when processing your personal information. We won’t use your personal information for any purpose incompatible with those set out above. We’ll keep your data appropriately secure, and let you know if we use it for a new purpose.

We treat your personal information as private and confidential. This may include allowing our subcontractors access to it. This will be solely for the purposes set out above.

Occasionally, where we have your consent, we’ll let you know by email or post of the products or services we believe may be of interest.

We’ll disclose information to others to meet our contractual obligations to you in accordance with the Terms and Conditions, including where:

  • your information relates to a joint account, where the other account holder(s) may be entitled to know about your account activity
  • we need to share information with other parties who also have an interest in your goods, property or dealings with us.

We will also disclose information where absolutely necessary to comply with our legal obligations, including where:

  • HMRC or another regulatory authority requires it
  • it’s needed as part of our duty to protect your accounts.
  • it’s required by us or others to detect, investigate or prevent crime, fraud or money laundering or for public interest. This includes law enforcement agencies, other lenders, collection agencies and regulatory authorities.

We may share your information with:

  • third parties to which we transfer, charge or assign your agreement or which provide services for us
  • companies that validate your identity
  • Third parties who provide anti-crime and anti-money laundering search services
  • consultants, specialists and advisors to the company
  • In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • In the event that the ownership of the company changes or if most of the company’s assets are acquired by a third party, the personal data held by us about our customers will be one of the transferred assets. This will enable the new owners to continue to run the business and provide a good service to our customers.
  • We may share your personal information with other companies in our group who may process your personal information for the purposes specified above.
  • We may need to share your information in order to sell an unredeemed pledge
  • Information can also be made available to a third party where you have asked us to do so. This consent can also be withdrawn later.
  • Courts
  • Other lenders and financial organisations (including banks and insurance companies);
  • debt collection and tracing agents;
  • public and government bodies,
  • police and law enforcement agencies;
  • taxation authorities;
  • foreign Exchange wholesaler
  • We may need to share information with your next of kin etc., e.g. in an emergency.
  • In some cases, we may be under a legal obligation to provide information because of the law. What we share will depend on what is necessary in the circumstances.

CCTV

Maxcroft operates a CCTV surveillance system at its premises (‘the system’) with Images being monitored and recorded.

The purpose for processing personal data through use of the system is crime prevention and general monitoring

CCTV is used for maintaining public safety, the security of property and premises and for preventing and investigating crime and money laundering, it may also be used to monitor staff and customer transactions. For these reasons the information processed may include visual images, personal appearance and behaviours. This information may be about staff, customers and clients, offenders and suspected offenders, members of the public and those inside, entering or in the immediate vicinity of the area under surveillance. Where necessary or required this information is shared with the data subjects themselves, employees and services providers, police forces, court or tribunal, security organisations and persons making an enquiry.

Maxcroft recognises the effect of such systems on the individual and the right to privacy.

The system is intended to produce images as clear as possible and appropriate for the purposes stated. The system is operated to provide when required, information and images as evidence.

Cameras are located at strategic points throughout the premises.

Signage is prominently placed inside and outside the office to inform staff, visitors and members of the public that a CCTV installation is in use and includes contact details for further information.

Images captured by the system are recorded continuously and may be monitored by the directors. Certain images can be viewed by staff on screens in the premises for security reasons in order to see what is happening in other parts of the building or outside.

No more images and information shall be stored than is required for the stated purpose. Images will be deleted after 1 month.

Access to images is restricted to those who need to have access in accordance with this policy.

Disclosure of recorded material will only be made to third parties in accordance with the purposes of the system and in compliance with the Data Protection Act.

Access requests should be addressed to Maxcroft (details at the top)

Credit Reference Agencies. (CRA’s)

In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (“CRAs”).

To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.

We will use this information to:

  • Assess your creditworthiness and whether you can afford to take the product;
  • Verify the accuracy of the data you have provided to us;
  • Prevent criminal activity, fraud and money laundering;
  • Manage your account(s);
  • Trace and recover debts; and
  • Ensure any offers provided to you are appropriate to your circumstances.

We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs.

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.

If you are making a joint application, or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.

More about CRAs, their role as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with CRAs are explained in detail at www.experian.co.uk/crain CRAIN is also accessible from all CRAs:

Please email, telephone or write to us at the contact details below if you want to have details of the credit reference agencies from whom we obtain, and to whom we pass, information about you. You have a legal right to these details. You have a right to receive a copy of the information we hold about you.

We store your information:

  • within the European Economic Area (EEA)
  • if we transfer data outside the EEA we will ensure that before we do so, there is adequate protection in place to ensure the security of your data.

How long will we keep your Information

We will keep your personal information for as long as you are our customer

Once you are no longer a customer, we may retain your personal information for up to 7 (seven) years. The reason for this is:

  • Adherence to regulations applicable to us
  • To respond to questions or complaints from when you were a customer

You have the right to:

  • access the information we hold about you. If you would like to do this, contact Noam Margolin.
  • ask us to make any changes to your information to make sure it is accurate and up to date
  • ask us to stop or limit our use of or to delete your information
  • receive your information in a format that suits you
  • transfer your information to a third party
  • be told which CRAs we have used and obtain a copy of your file from CRAs.

We aim to work with you on any request, complaint or question you have about your personal information. However, if you believe we have not adequately resolved a matter, you have the right to complain to the Information Commissioner’s Officer (the ‘ICO’). You have a right, at any time, to complain to the ICO. As an independent UK authority, it upholds information rights in the public interest, promotes openness by public bodies and data privacy for individuals. You can visit their website at https://ico.org.uk