Burnley Savings and Loans Limited (“We / Us”) is committed to protecting and respecting your privacy.
For the purpose of the General Data Protection Regulation, the data controller is Burnley Savings and Loans Limited of 30 Keirby Walk, Burnley, Lancashire, BB11 2DE.
You may contact us directly with regards to any data protection concerns at firstname.lastname@example.org
Information we may collect from you, the purpose for processing your information and the lawful basis for processing
- Information that you provide by filling in forms on our site www.burnleysavingsandloans.co.uk (our site). This includes information provided at the time of registering to use our site, subscribing to our service, posting material or requesting further services. This is so we can respond to your request.
- When you report a problem with our site. This is so can we can respond to the error, where appropriate.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them. The legitimate interest pursued is to improve our organisations performance, and to gain insight from our customers to offer them better products.
- If you contact us with a general query, we may keep a record of that correspondence. The legitimate interest pursued is to improve our organisations performance and to respond to our customers effectively.
- We may pass your information on to our 3rd party recovery agents, to enable them to collect assets or outstanding balances for you. The legitimate interest pursued is one of ensuring our organisation is not at a fundamental financial loss.
- We may collect information about your computer, including where available your IP address, operating system and browser type. Also details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, for system administration. This is statistical data about our users’ browsing actions and patterns. Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data. This data is anonymised and does not provide the ability for us to identify you. The legitimate interest pursued is to analyse the performance of our website and ensure it is meeting the requirements of our customers.
- If you contact us with regards to your account, we will keep a record of that correspondence
- We will process your personal information in order to manage your account with us. We will also retain this information after your account is closed, in line with industry standards for financial services companies.
- For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. Some of the cookies we use are essential for the site to operate. Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
- Except for essential cookies, all cookies will expire after 30 days.
- We may also ask you for information when you enter a competition or promotions.
Sensitive personal data:
We do not normally collect or store sensitive personal data (such as information relating to health, beliefs or political affiliation) about our customers. However, there are some situations where this will occur. If this does occur, we’ll take extra care to ensure your privacy rights are protected.
The categories of recipients of your data:
We will share your data with the following categories of recipient:
- Credit reference agencies
- Brokers to assist in the opening of accounts or to resolve issues you may raise.
- Recoveries or trace agents if required.
- Our IT managed service providers who host our applications to enable us to manage your account
- Legal parties, including our solicitors and courts
Sending data outside of the European Economic Area:
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How Long we store information:
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).
We continually review what information we hold and delete what is no longer required. We never store payment card information.
Under the GDPR, you have the right to ‘block’ or request the deletion or removal of personal data to prevent further processing. This right to erasure is also known as ‘the right to be forgotten’. Specific circumstances in which you can request the deletion or removal of personal data includes:
- Where the personal data is no longer necessary for the purposes for which it is collected or otherwise processed
- Where you withdraw consent
- When you object to the processing and there is no overriding legitimate interest for continuing the processing
- Where the personal data was unlawfully processed (i.e. otherwise in breach of the GDPR)
- Where the personal data has to be erased in order to comply with a legal obligation
- In case a deletion is not possible due to legal, statutory or contractual retention periods, or if it requires disproportionate efforts or prejudices your legitimate interests, the data will be blocked instead of deleted.
You also have the right to see what personal information we are processing. This can be requested by emailing us using info@email@example.com. There will be no charge for this service. If however, you log multiple requests, then there may be nominal charge which we will request to cover the administration of these requests.
You may also request from us a copy of the personal data which has been processed through automated means This will be provided in a structured, commonly used, and machine-readable format (where technically feasible) which you may then transmit to another controller. You have the right to request us to send this to another controller on your behalf, but only if this is technically feasible for us to do so.
You have the right to withdraw your consent for us to collect, process and store your data at any time. If you wish to withdraw your consent, please confirm this in writing to our info@firstname.lastname@example.org.
If you have a complaint about any aspect of data protection or if you feel your privacy has been breached by us, we would like to hear from you. To help us investigate and resolve your concerns as quickly as possible, please contact us at info@email@example.com.
If you are unhappy with the final response you have received from Burnley Savings and Loans, you have the right to complain to the supervisory authority, the Information Commissioner’s Office (ICO) within three months of your last meaningful contact with us. You can call the ICO on 0303 123 1113 or by visiting their website: https://ico.org.uk/.
You will be required to provide personal data, and this is a requirement to enter in to contract. You are obliged to provide this data. Failure to provide this personal data may mean we will be unable to execute the contract and could result in termination of our services.
If at any time we intend to further process your personal data for a reason not originally communicated, we shall provide you, prior to that processing taking place.