Who we are
Access to Finance is an online trading style of Prequire working in partnership with a specific Commercial Finance Broker based in Birmingham, who are authorised and regulated by the Financial Conduct Authority ref: FRN 672773.
How we will use the information about you
Here at Prequire we take your privacy seriously and will use your personal information in several ways which will help us;
- make lender decisions,
- for fraud prevention,
- for audit,
- for statistical analysis,
We may share your information with, and obtain information about you from, credit reference agencies or fraud prevention agencies.
We will not disclose your information to any company outside of the lender(s) except to help prevent fraud or if required by law to do so.
For further information on how your information is used, how we maintain the security of your information and your rights to access/alter and change the information we hold on you, please contact firstname.lastname@example.org
Your Personal Data:
What we need
Prequire will be what is known as the Controller of the personal data you provide to us. We collect personal data about you which may also include any special types of information or location-based information.
We also gather
Name, addresses, date of Births, dependants, financial status, marital status, income details, personal assets, personal liabilities, personal bank statement, copies of personal credit searches or any information we feel may be relevant to your application to a particular lender.
Why we need it
We need to know your basic personal data to provide you with an accurate recommendation for your personal circumstances. We will not collect any personal data from you we do not need to provide and oversee this service to you.
For processing of data to be lawful under GDPR, Prequire use;
- Consent: the individual has given clear consent for you to process their personal data for a specific purpose.
- Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.
- Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).
- Vital interests: processing is necessary to protect someone’s life.
- Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law.
- Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)
What we do with it
Prequire will pass your data captured to [partners/brokers/lenders/funders/banks] who may use automated decision-making in respect of your application for finance. We will only collect the minimum amount of data needed and have a clear retention policy for the profiles we create.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or any significant affects. You can request human intervention and challenge a decision made this way by email@example.com
All the personal data we use is controlled by Prequire in the UK, however, for the purposes of IT hosting and maintenance, this information is located on servers within the European Union. No 3rd parties have access to your personal data unless the law allows them to do so. We have a Data Protection regime in place to oversee the effective and secure processing of your personal data. More information on this framework can be found by contacting us on firstname.lastname@example.org
We may pass your data to lenders to provide you with offers of products suitable to meet your customer requirements.
Your data is stored electronically on our cloud encrypted server. Our server is based in the Two geo-redundant data centres within the European Union (separate locations within Demark), these datacentres are monitored 24/7.
Your data on our Customer Relationship Management system is held in ISO 27001 certified data centres. These are all based in the EU, including the backup facilities.
How long we keep it
We are required under regulation to keep your basic personal data, such as Name, addresses, date of Births, dependants, financial status, marital status, income details, personal assets, personal liabilities, personal bank statement & copies of personal credit searches for a minimum of 6 years, after which time it will be destroyed. The information used for marketing will be kept with us until you notify us that you no longer wish to receive this information.
What are your rights?
If at any point you believe retained information is incorrect you can request to see this information and even have it corrected and possibly deleted. Providing you with this information is free of charge, but charges may apply for excessive requests.
If you wish to raise a complaint on how we have handled your personal data, you can contact email@example.com and we will investigate the matter.
Where relevant, you have the right to withdraw consent and object at any time and this means that we cannot process your data provided without your consent.
More information about your rights can be found on the Information Commissioners website. https://ico.org.uk/
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).