AutoMoney Limited: Privacy Notice
Last updated August 2024
Contents
- Who we are
- The information we process
- How we obtain information
- Your rights
- Changes to the way we use your information
- How we use and share your information
- Sharing with third parties
- Transferring information overseas
- Marketing information
- Communications about your account
- Credit reference agencies and fraud prevention agencies
- How long we keep your information
- Security
- Automated processing
1 Who we are
1.1 This privacy notice (the “Notice”) applies to all information we collect, use, and process in relation to the products (including hire purchase agreements) and services (including credit broking) you receive from AutoMoney Limited (“AutoMoney”). This includes information about customers, prospective customers, and any other individuals who provide personal information to us or whose information we may receive in connection with our business activities.
1.2 AutoMoney is a data controller in respect of personal information that we process in connection with our business (including the products and services that we provide). In this notice, references to “we”, “us” or “our” are references to AutoMoney.
1.3 Our registered address is 25-27 Surrey Street, Norwich, Norfolk, NR1 3NX.
1.4 Our office address is Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW.
1.5 Our contact details can be found here.
1.6 We are a member of the Norfolk Capital Group. Find more information about the Norfolk Capital Group here.
1.7 We are authorised and regulated by the Financial Conduct Authority under Firm Reference Number 912573.
1.8 We are registered as a data controller with the Information Commissioner’s Office under registration number ZA761449.
1.9 We respect individuals’ rights to privacy and to the protection of personal information. The purpose of this Notice is to explain how we collect and use personal information in connection with our business. “Personal information” means information about a living individual who can be identified from that information (either by itself or when it is combined with other information).
2 The information we process
2.1 We collect and process various categories of personal and confidential information at the start of, and for the duration of, your relationship with us and beyond (subject to appropriate retention periods as set out in Section 12 below). We will limit the collection and processing to information necessary to achieve one or more legitimate purposes as identified in this Notice. Personal and confidential information may include:
a) basic personal information, including name and address, date of birth, contact details, the fact you are our customer;
b) financial information, including agreement and transactional information and history;
c) information about your financial circumstances, including proof of income and expenditure, and credit and borrowing history;
d) employment and business information;
e) products and services provided; and
f) visual images and personal appearance (such as copies of passports), and voice recordings.
2.2 We may also process certain special categories of information for specific and limited purposes, such as detecting and preventing financial crime, if it is in the wider public interest (for example, to protect customers’ economic well-being), to make our services accessible to customers, or for reporting of complaints for regulatory purposes. We will only process special categories of information where we’ve obtained your explicit consent or are otherwise lawfully permitted to do so (and then only for the particular purposes and activities for which the information is provided as set out in Schedule A below). This may include information revealing:
a) information revealing racial or ethnic origin;
b) religious or philosophical beliefs;
c) trade union membership; and
d) data concerning a person’s sex life and sexual orientation.
2.3 Where permitted by law we may process information about criminal convictions, criminal offences, alleged offences including unproven allegations, or spent or previous convictions.
2.4 Where you have provided your consent for us to process your special category data, you can change it any time by contacting us:
By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW
By email
3 How we obtain information
3.1 Your information is made up of all the financial and personal information we collect and hold about you. It includes:
a) information you give to us;
b) information that we receive from third parties including:
(i) third parties who provide services to you or us;
(ii) credit reference, fraud prevention, law enforcement or government agencies;
(iii) industry and trade bodies; and
(iv) other lenders or brokers (where permitted by law);
c) information that we learn about you through our relationship with you;
d) information that we gather through cookies or similar tracking tools when you use our website; and
e) information that we gather from publicly available sources, such as the press, the electoral register, company registers and online search engines. Information that you make public on social media e.g. Facebook, Twitter.
4 Your rights
4.1 We want to make sure you are aware of your rights in relation to the personal information we process about you. We have described those rights and the circumstances in which they apply in Table A.
If you wish to exercise any of these rights, if you have any queries about how we use your personal information that are not answered here, or if you wish to complain to our Head of Compliance, please contact us:
By post: Unit 3 Brooklands, Moons Moat Drive. Redditch, B98 9DW
Alternatively please use our online complaints process here.
Please note that in some cases, if you do not agree to the way we process your information, it may not be possible for us to continue our relationship with you.
| Rights | Description |
| Access – You have a right to get access to the personal information we hold about you. | If you would like a copy of the personal information we hold about you, or for more information on how to get access to your information please contact us: By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW |
| Rectification – You have a right to rectification of inaccurate personal information and to update incomplete personal information. | If you believe that any of the information that we hold about you is inaccurate, you have a right to request that we restrict the processing of that information and to rectify the inaccurate personal information. Please note that if you request us to restrict processing your information, we may have to suspend the operation of the products and services we provide to you. |
| Erasure – You have a right to request that we delete your personal information. | You may request that we delete your personal information if you believe that: we no longer need to process your information for the purposes for which it was provided; we have requested your permission to process your personal information where required for a particular purpose and you wish to withdraw your consent; or we are not using your information in a lawful manner. Please note that if you request that we delete your information, we may have to suspend the operation of the products and services we provide to you. |
| Restriction – You have a right to request that we restrict the processing of your personal information. | You may request that we restrict processing your personal information if you believe that: any of the information that we hold about you is inaccurate; we no longer need to process your information for the purposes for which it was provided, but you require the information to establish, exercise or defend legal claims; or we are not using your information in a lawful manner. Please note that if you request that we restrict processing your information, we may have to suspend the operation of the products and services we provide to you. |
| Portability – You have a right to data portability. | Where we have requested your permission to process your personal information or you have provided us with information for the purposes of entering into a contract with us, you have a right to receive the personal information you provided to us in a portable format. You may also request us to provide it directly to a third party, if technically feasible. We’re not responsible for any such third party’s use of your account information, which will be governed by their agreement with you and any privacy statement they provide to you. If you would like to request the personal information you provided to us in a portable format, please contact us: By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW |
| Objection – You have a right to object to the processing of your personal information. | You have a right to object to us processing your personal information (and to request us to restrict processing) for the purposes described in Section C of Schedule A below, unless we can demonstrate compelling and legitimate grounds for the processing, which may override your own interests, or where we need to process your information to investigate and protect us or others from legal claims. Depending on the circumstances, we may need to restrict or cease processing your personal information altogether or, where requested, delete your information. Please note that if you object to us processing your information, we may have to suspend the operation of the products and services we provide to you. |
| Marketing – You have a right to object to direct marketing. | You have a right to object at any time to processing of your personal information for direct marketing purposes, including profiling you for the purposes of direct marketing. For more |
| Withdraw consent – You have a right to withdraw your consent. | Where we rely on your permission to process your personal information, you have a right to withdraw your consent at any time. We will always make it clear where we need your permission to undertake specific processing activities. |
| Lodge complaints – You have a right to lodge a complaint with the regulator. | If you wish to raise a complaint on how we have handled your personal information, please use our online complaints process here. Alternatively, you can contact our Head of Compliance: By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW We hope that we can address any concerns you may have, but you can always contact the Information Commissioner’s Office. |
5 Changes to the way we use your information
5.1 From time to time we may change the way we use your information. When we do, we will publish the updated Privacy Notice on our website. We would encourage you to visit our website regularly to stay informed of the purposes for which we process your information and your rights to control how we process it.
Where we believe you may not reasonably expect such a change we will notify you and will allow a period of at least 30 days for you to raise any objections before the change is made. However, please note that in some cases, if you do not agree to such changes it may not be possible for us to continue to provide certain products and services to you. Where relevant, we may also include further details or information in relation to a particular service or activity at the point information is collected or the product or service is considered.
7 Sharing with third parties
7.1 We will not share your information with anyone outside of AutoMoney except:
a) where we have your permission;
b) where required, whether directly or indirectly, for your product or service (including credit broking);
c) with law enforcement agencies, judicial bodies, government entities, tax authorities or regulatory or trade bodies;
d) with other lenders, brokers and third parties in relation to fraud or financial crime or criminal activities; or in the event of suspected fraud or financial crime or criminal activities; or the monitoring, prevention and investigation of the same;
e) with third parties providing services to us, such as market analysis and benchmarking, agents and sub-contractors acting on our behalf such as the companies which print our statements, where advice or services are requested in connection with our legal, regulatory or contractual rights or obligations relating to products or services provided to you;
f) with credit reference agencies and with third parties in relation to debt collection and related activities;
g) where required for a proposed or actual sale, reorganisation, transfer, financial arrangement, asset disposal or other transaction relating to our business and/or assets held by our business, where such data is shared with a third party it is done so under strict duties of confidentiality;
h) where required by our funders, who may share your information with their funders, and in each case to their professional advisors, where such data is shared with a third party it is done so under strict duties of confidentiality;
i) in anonymised form as part of statistics or other aggregated data shared with third parties; or
j) where permitted by law, it is necessary for our legitimate interests or those of a third party, and it is not inconsistent with the purposes listed above.
7.2 If you have been introduced to us via third party, for example a credit broker or price comparison website, we may disclose information concerning the progress of your application to them, whether you have been successful and details of the loan taken out. Where the loan application is declined, we may inform the broker of the reasons why. The broker may be informed about the performance of your loan for the purpose of recovering costs from them.
7.3 In addition to the above, we may share your personal information with brokers via WhatsApp for the purposes of providing you with the services you have requested. This will be done under the following conditions:
a) where we have a legitimate interest in using efficient communication tools, such as WhatsApp, to facilitate the provision of our services and to ensure timely and effective communication with brokers; and/or
b) where sharing your data with brokers via WhatsApp may be necessary to perform our contract with you, particularly when arranging finance for your vehicle.
We ensure that WhatsApp communications are secure and comply with GDPR requirements, including end-to-end encryption.
8 Transferring information overseas
8.1 We may transfer your information to organisations in other countries on the basis that anyone to whom we pass it protects it in the same way we would and in accordance with applicable laws.
8.2 In the event that we transfer your information to countries outside of the UK and European Economic Area (which includes counties in the European Union as well as Iceland, Liechtenstein and Norway), we will only do so where:
a) the UK has decided that the country or the organisation we are sharing your information with will protect your information adequately;
b) the transfer has been authorised by the relevant data protection authority; or
c) we have entered into a contract with the organisation with which we are sharing your information (on terms approved by the UK) to ensure your information is adequately protected.
9 Marketing information
9.1 Unless you have told us that you do not want to hear from us, we may send you relevant marketing information (including details of other products or services provided by us), by mail, phone, text and other forms of electronic communication. If you change your mind about how you would like us to contact you or you no longer wish to receive this information, you can change your preferences at any time by contacting us:
By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW
By email
10 Direct Marketing and Credit Broking Activities
10.1 If you are an existing customer and do not meet our criteria for finance, we may refer you to one of our broker partners. With your consent, we will share your personal information with the broker partner, and your data will then be subject to that broker’s Privacy Notice.
10.2 Additionally, we may market directly to our existing customers where we have valid marketing consent. This direct marketing may include information about products and services provided by us, and it will be conducted in accordance with your preferences and consent.
11 Communications about your account
11.1 We will contact you with information relevant to the operation and maintenance of your account (including updated information about how we process your personal information), by a variety of means including email, text message, post and/or telephone. If at any point in the future, you change your contact details you should tell us promptly about these changes.
11.2 We may monitor or record calls, emails, text messages or other communications in accordance with applicable laws for the purposes outlined in Schedule A below.
11.3 We may contact you if we have concerns about your economic wellbeing and offer support.
12 Credit reference agencies and fraud prevention agencies
12.1 We may access and use information from credit reference agencies and fraud prevention agencies to:
a) manage and take decisions about your account, including assessing credit worthiness and checks to avoid customers becoming over-indebted;
b) prevent criminal activity, fraud and money laundering;
c) check your identity and verify the accuracy of the information you provide to us; and
d) trace debtors and recover debts.
12.2 If you are making a joint application, or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. Credit reference agencies will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the credit reference agencies to break that link.
Application decisions may be taken based solely on automated checks of information from credit reference and fraud prevention agencies and internal AutoMoney records. To help us make decisions on when to give you credit, we use a system called credit scoring to assess your application. To work out your credit score, we look at information you give us when you apply; information from credit reference agencies that will show us whether you’ve kept up to date with payments on any credit accounts (that could be any mortgages, loans, credit cards or overdrafts), or if you’ve had any court action such as judgments or bankruptcy; your history with us such as maximum level of borrowing; and affordability, by looking at your available net income and existing debts. You have rights in relation to automated decision-making, including a right to appeal if your application is refused. You can appeal via our normal complaints process which can be found here.
12.3 We will continue to share information with credit reference agencies about how you manage your account including your account balance, payments to your account and any arrears or default in making payments, while you have a relationship with us. This information will be made available to other organisations (including fraud prevention agencies and other financial institutions) so that they can take decisions about you, your associates and members of your household.
12.4 If false or inaccurate information is provided and/or fraud is identified or suspected, details will be passed to fraud prevention agencies. Law enforcement agencies and other organisations may access and use this information. Fraud prevention agencies may allow the transfer of your personal data outside of the UK. This may be to a country where the UK Government has decided that your data will be protected to UK standards, but if the transfer is to another type of country, then the fraud prevention agencies will ensure your data continues to be protected by ensuring appropriate safeguards are in place.
12.5 If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we and others may refuse to provide the services and financing you have requested, to employ you, or we may stop providing existing services to you.
12.6 A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. Fraud prevention agencies can hold your information for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
12.7 Our Fair Processing Notice for the Purposes of Fraud Prevention Detection can be found in Schedule B, below.
12.8 If you would like a copy of your information held by the credit reference and fraud prevention agencies we use, or if you want further details of how your information will be used by these agencies, please visit their websites or contact them using the details below. The agencies may charge a fee.
| Credit Reference Agency | Contact Details |
| Equifax Limited | Equifax Ltd, Customer Services Centre, PO Box 10036, Leicester, LE3 4FS Phone: 0333 321 4043 or 0800 014 2955 |
| Experian Limited | Post: Experian, PO Box 9000, Nottingham, NG80 7WF Email: customerservices@uk.experian.com Phone: 0344 481 0800 or 0800 013 8888 |
| TransUnion International UK Limited | Post: Consumer Service Team, PO Box 491, Leeds, LS3 1WZ Visit the TransUnion International website Phone: 0330 024 7579 |
| CIFAS | Post: Consumer Affairs, CIFAS, 6th Floor Lynton House, 7-12 Tavistock Square, London, WC1H 9LT Phone: 0330 100 0180 |
13 How long we keep your information
13.1 By providing you with products or services, we create records that contain your information, such as customer account records, activity records, tax records and lending and credit account records. Records can be held on a variety of media (physical or electronic) and formats.
13.2 We manage our records to help us to serve our customers well (for example for operational reasons, such as dealing with any queries relating to your account) and to comply with legal and regulatory requirements. Records help us demonstrate that we are meeting our responsibilities and to keep as evidence of our business activities.
13.3 Retention periods for records are determined based on the type of record, the nature of the activity, product or service and the applicable local legal or regulatory requirements. We normally keep customer account records for up to six years after your relationship with the bank ends, whilst other records are retained for shorter periods. Retention periods may be changed from time to time based on business or legal and regulatory requirements.
13.4 We may on exception retain your information for longer periods, particularly where we need to withhold destruction or disposal based on an order from the courts or an investigation by law enforcement agencies or our regulators. This is intended to make sure that we will be able to produce records as evidence, if they’re needed.
13.5 If you would like more information about how long we keep your information, please contact us:
By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW
By email
14 Security
14.1 We are committed to ensuring that your information is secure with us and with the third parties who act on our behalf. For more information about the steps we are taking to protect your information please contact us:
By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW
By email
15 Automated processing
15.1 The way we analyse data relating to our services may involve profiling. This means that we may process your personal data (including sensitive personal data) using software that can evaluate your personal circumstances and other factors to predict risks or outcomes. We may also use profiling, or other automated methods, to make decisions about you that relate to the following:
a) credit and affordability checks to see whether your application will be accepted;
b) anti-money laundering and sanctions checks;
c) identity and address checks;
d) screening people who may be classed as “politically exposes” (for example, if you are a government minister);
e) assessments required by our regulators and appropriate authorities to make sure that we meet our regulatory obligations (for example, making decisions about those at risk of becoming financially vulnerable); and
f) enhancing our quality assurance processes by using artificial intelligence software to transcribe calls, further details of which can be found in Schedule D, below.
15.2 This is known as “automated decision-making” and is only allowed when we have a lawful basis for this type of decision-making. We may make automated decisions about you in the following circumstances:
a) if automated decisions are necessary for us to enter into a contract. For example, we may decide not to offer our services to you, or how much to charge you for our products, based on your credit history and other financial information we have collected about you;
b) if automated decisions are required or authorised by law (for example, to prevent fraud); and/or
c) if it is a reasonable way of complying with regulation or guidance, such as our obligation to act to deliver good outcomes for our customers.
15.3 You have the right:
a) not to be subject to a decision that is based solely on automated processing if the decision affects your legal rights or other equally important matters, including automatic refusal of a credit application;
b) to understand the reasons behind decisions made about you by automated processing and possible consequences of the decisions; and
c) to object to profiling in certain situations, including direct marketing.
15.4 To request human intervention, express your point of view and/or contest an automated decision:
By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW
By email
Schedule A - Purposes of processing
We will only use and share your information where it is necessary for us to carry out lawful business activities. Your information may be shared with and processed by other Norfolk Capital Group companies. We want to ensure that you fully understand how your information may be used. We have described the purposes for which your information may be used in detail in the table below:
A - Contractual Necessity
We may process your information where it is necessary to enter into a contract with you for the provision of our products or services or to perform our obligations under that contract. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to provide products and services to you.
This may include processing to:
a) assess and process applications for products or services;
b) provide and administer those products and services throughout our relationship with you, including opening, setting up or closing your agreement, collecting and issuing all necessary documentation, processing transactions, resolving any queries or discrepancies and administering any changes. Calls to and from us may be recorded and monitored for these purposes;
c) manage and maintain our relationship with you and for ongoing customer service;
d) administer any debts, including agreeing repayment options; and
e) communicate with you about your agreement or the services you receive from us.
B - Legal Obligation
When you apply for a product or service (and throughout your relationship with us), we are required by law to collect and process certain personal information about you. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to provide products and services to you. This may include
processing to:
a) confirm your identity;
b) perform checks and monitor transactions data for the purpose of preventing and detecting crime and to comply with laws relating to money laundering, fraud, terrorist financing, bribery and corruption, and international sanctions. This may require us to process information about criminal convictions and offences, to investigate and gather intelligence on suspected financial crimes, fraud and threats and to share data with law enforcement and regulatory bodies;
c) assess affordability and suitability of credit for initial credit applications and throughout the duration of the relationship, including analysing customer credit data for regulatory reporting;
d) share data with police, law enforcement, tax authorities or other government and fraud prevention agencies where we have a legal obligation, including reporting suspicious activity;
e) deliver mandatory communications to customers or communicating updates to product and service terms and conditions;
f) investigate and resolve complaints;
g) conduct investigations into breaches of conduct and internal policies by our employees;
h) manage contentious regulatory matters, investigations and litigation;
i) provide assurance we have effective processes to identify, manage, monitor and report the risks we are or might be exposed to;
j) coordinate responses to business-disrupting incidents and to ensure facilities, systems and people are available to continue providing services; and
k) provide reasonable adjustments.
C - Legitimate Interest
We may process your information where it is in our legitimate interests do so as an organisation or where it is in the legitimate interest of a third party.
a) We may process your information in the day-to-day running of our business, to manage our business and financial affairs and to protect our customers, employees and property. It is in our interests to ensure that our processes and systems operate effectively and that we can continue operating as a business. This may include processing your information to:
i) monitor, maintain and improve internal business processes, information and data, technology and communications solutions and services;
ii) ensure business continuity and disaster recovery and respond to information technology and business incidents and emergencies;
iii) ensure network and information security, including monitoring authorised users’ access to our information technology for the purpose of preventing cyber-attacks, unauthorised use of our telecommunications systems and websites, prevention or detection of crime and protection of your personal data;
iv) provide assurance our material risks and reporting to internal management and supervisory authorities on whether we are managing them effectively;
v) perform general, financial and regulatory accounting and reporting;
vi) protect our legal rights and interests; and
vii) enable a proposed or actual sale, reorganisation, transfer or other transaction relating to our business.
b) It is in our interest as a business to ensure that we provide you with the most appropriate products and services and that we continually develop and improve as an organisation. This may require processing your information to enable us to:
i) identify new business opportunities and to develop enquiries and leads into applications or proposals for new business and to develop our relationship with you;
ii) send you relevant marketing information. We may show or send you marketing material online (on our own and other websites including social media platforms), or by email, SMS or post. We will not share your information with third parties for their own marketing purposes;
iii) understand our customers’ actions, behaviours, preferences, transactions, feedback and financial history in order to improve our products and services, develop new products and services, and to improve the relevance of offers of products and services offered by us;
iv) research your experiences with us and to monitor the performance and effectiveness of products and services;
v) assess the quality of our customer services and to provide staff training. Calls to and from us may be recorded and monitored for these purposes;
vi) perform analysis on customer complaints for the purposes of preventing errors and process failures and rectifying negative impacts on customers;
vii) compensate customers for loss, inconvenience or distress as a result of services, process or regulatory failures;
viii) combine your information with third party data, such as economic data in order to understand customers’ needs better and improve our services; and
ix) consider your welfare needs including any adjustments, support or different products or services which might be suitable or protections to put in place.
c) It is in our interest as a business to manage our risk and to determine what products and services we can offer and the terms of those products and services. It is also in our interest to protect our business and customers and others by preventing financial crime, fraud and other criminal activities. This may include processing your information to:
i) carry out financial and credit risk assessments;
ii) manage and take decisions about your products and services;
iii) carry out checks (in addition to statutory requirements) on customers and potential customers, business partners and associated persons, including performing adverse media checks, screening against external databases and sanctions lists and establishing connections to politically exposed persons;
iv) share data with credit reference, fraud prevention agencies and law enforcement agencies;
v) trace debtors and recovering outstanding debt;
vi) for risk reporting and risk management;
vii) perform checks, monitoring and investigation to prevent and detect crime including in relation to money laundering, fraud, terrorist financing, bribery and corruption, trafficking and international sanctions. It may involve investigating and gathering intelligence on suspected financial crimes, fraud and threats and sharing data with third parties including law enforcement and regulatory bodies;
viii) responding and participating in industry improvements and consultations; and
ix) responding to and investigating complaints both raised directly to us, or raised through a third party such as a regulatory body.
Schedule B – Fair Processing Notice for the Purposes of Fraud Prevention and Detection
1 General
1.1 Before we provide services, goods or financing to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you.
1.2 The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and money laundering, and to verify your identity.
1.3 Details of the personal information that will be processed include, for example: name, address, date of birth, contact details, financial information, employment details, device identifiers including IP address and vehicle details.
1.4 We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
1.5 We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested. CIFAS has published its assessment of the legitimate interests in relation to the National Fraud Database.
1.6 Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
1.7 As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct, or is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision making: if you want to know more please contact us:
By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW
By email
2 Consequences of Processing
2.1 If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services or financing you have requested, or to employ you, or we may stop providing existing services to you.
2.2 A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact the organisation that referred you to this page.
3 Data Transfers
3.1 Fraud prevention agencies may allow the transfer of your personal data outside of the UK. This may be to a country where the UK Government has decided that your data will be protected to UK standards, but if the transfer is to another type of country, then the fraud prevention agencies will ensure your data continues to be protected by ensuring appropriate safeguards are in place. Cifas has published more information about data transfers.
4 Your Rights
4.1 Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data, request that your personal data is erased or corrected, and request access to your personal data.
4.2 For more information or to exercise your data protection rights, please contact us:
By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW
By email
4.3 You also have a right to complain to the Information Commissioner's Office which regulates the processing of personal data.
Schedule C – Fair Processing Notice for the Purposes of Employment Validation
1.1 You expressly authorise us to conduct a search for, and if available, obtain details of your employment with those employers named in your application for finance us, including your salary, job title, length of service and place of work (“Employment Data”), which shall be used to assess you eligibility for finance with us.
1.2 A search of your Employment Data will be conducted via our partner Equifax Limited, in accordance with its Privacy Policy, and a request will sent to His Majesty’s Revenue and Customs (“HMRC”), and you will be directed to a web address (or notified of the same) asking you to provide your HMRC authentication details and enable disclosure of your Employment Data.
1.3 We will not have sight of, or access to, any of your HMRC authentication information.
1.4 You always have the option not to give your authorisation, but please be aware that without it, we may not be able to able to provide certain products or services to you, or alternative verification your Employment Data may be required, which may cause some delay.
Schedule D – Additional Processing by Third-Party Service Providers: Voyc
1 General
1.1 In addition to the general processing activities outlined in this privacy notice, AutoMoney uses the services of Deepsight BV trading as Voyc (“Voyc”) to automatically transcribe and quality-assure customer phone calls. This section provides specific information about the processing of personal data by Voyc, including sensitive personal data.
2 Scope of Data Processing
2.1 Voyc may process the following types of personal data:
a) basic personal information (e.g., name, contact details);
b) financial information (e.g., agreement data); and
c) sensitive personal data (e.g., health information, criminal records).
3 Purpose of Data Processing
3.1 Voyc processes personal data, including sensitive personal data, using artificial intelligence for the following purposes:
a) transcription of phone calls;
b) quality assurance of customer interactions; and
c) internal use and improvement of Voyc’s services.
4 Quality Assurance Example
4.1 Voyc provides the technology and platform for AutoMoney, enabling the following quality assurance activities for up to 100% of phone calls:
a) identification of complaints; ensuring that our processes effectively identify and address customer complaints;
b) identification of customers with characteristics of vulnerability; recognising signs of vulnerability in customers to provide appropriate support and services;
c) compliance with regulatory requirements; verifying that customer interactions adhere to regulatory standards and guidelines;
d) enhancing customer service; monitoring and improving the quality of customer service provided during phone calls;
e) training and development; evaluating call handling to identify training needs and improve staff performance;
f) accuracy of information provided; ensuring that the information provided to customers during calls is accurate and complete;
g) adherence to our policies and procedures; checking that our customer service agents follow our established policies and procedures during interactions;
h) resolution efficiency; assessing the effectiveness and timeliness of issue resolution during customer interactions;
i) customer satisfaction; gathering insights on customer satisfaction and identifying areas for improvement based on call analysis;
j) fraud detection and prevention; identifying potential fraudulent activities during calls to enhance security and protect customers;
k) tone and empathy assessment; evaluating the tone and empathy shown by our customer service agents to ensure positive and supportive interactions;
l) root cause analysis; identifying common issues and their root causes to implement corrective actions and improve processes;
m) innovation and best practices; identifying innovative practices and successful strategies in customer interactions to share across our teams and implement more broadly;
n) identification of customer needs; understanding and anticipating customer needs to enhance service delivery;
o) behavioural analysis; analysing customer behaviour patterns to improve customer experience and interaction strategies;
p) service optimisation; identifying opportunities to optimise services and streamline processes;
q) feedback collection; gathering and analysing customer feedback during calls to improve products and services;
r) adherence to customer commitments; ensuring that commitments made to customers during calls are tracked and fulfilled;
s) crisis management; monitoring calls for potential crisis situations and ensuring appropriate responses are implemented;
t) language and communication assessment; evaluating language proficiency and communication skills of customer service representatives; and/or
u) ensuring fairness and non-discrimination; monitoring calls to ensure fair and non-discriminatory treatment of all customers.
5 Legal Basis for Processing
5.1 The processing of personal data by Voyc is based on the following legal grounds:
a) legitimate interest of AutoMoney in maintaining and improving customer service quality; and/or
b) compliance with legal obligations, particularity regarding the processing of personal sensitive data.
6 Data Sharing and Use
6.1 AutoMoney grants Voyc a royalty-free, non-exclusive, non-transferable, and non-sub licensable right to use data (including metadata) from the transcriptions and analyses solely for internal use and improvement of Voyc’s services. Voyc is obligated to handle this data in accordance with applicable data protection laws and the terms agreed upon with AutoMoney.
7 Safeguards and Security
7.1 AutoMoney ensures that Voyc implements appropriate technical and organisational measures to protect personal data, particularly sensitive personal data, from unauthorised access, disclosure, alteration, or destruction.
8 Data Subject Rights
8.1 Data subjects have the following rights concerning their personal data processed by Voyc:
a) right to be informed about the processing activities;
b) right to access their personal data;
c) right to rectification of inaccurate personal data;
d) right to erasure of personal data;
e) right to restrict processing;
f) right to data portability; and
g) right to object to processing.
8.2 To exercise these rights or for any queries regarding the processing of personal data by Voyc, please contact us:
By post: Unit 3 Brooklands, Moons Moat Drive, Redditch, B98 9DW
By email