Privacy Policy

Buyline Ltd. is committed to protecting your information when you use our services, obtain our products or otherwise interact with us.

This privacy notice was last updated on 28 May 2018.

 

1. Who we are

Buyline Ltd. collects, processes and stores certain personal data about you. When we do so we are required to comply with data protection legislation.

For the purposes of the Data Protection Act 2018, Buyline Ltd is a data controller. Our registered and trading address is: Unit 11, Basepoint Business Centre, Oakfield Close, Tewkesbury GL20 8SD

 

2. What this notice applies to 

This notice applies to personal information we collect about you when you apply for any of our products or services, when you use our website, when you otherwise interact with us (for example when you contact us) or that we collect from third parties, as described in this privacy notice. It tells you:

  • What information we collect, and from whom;
  • How we use that information;
  • Who we share your information with;
  • How your information is protected;
  • Your rights in relation to information we hold about you; and,
  • How long we keep your information.

 

3. Changes to our privacy notice

We keep our privacy notice under regular review. We encourage you to review this page regularly for the latest information on our privacy practices. If we make material changes, we will notify you by updating our website together with any other methods as may be appropriate.

 

4. The information we collect

Information you provide voluntarily to us:

 You may give us your personal information when you:

  • apply for a loan;
  • use our products and services;
  • correspond with or contact us or raise any concerns with us;
  • request contact through our website;
  • register for an online account with us;
  • contact our Call Centre;
  • communicate with us regarding the repayment of your loan/s;
  • interact with us on social media platforms;
  • sign up to our newsletter;
  • agree to be referred to us; or,
  • otherwise interact with us.

Please note that telephone calls to and from our office are recorded for monitoring and training purposes and to store customer feedback and information.

 

Information we collect automatically:

We, or the companies which work on our behalf, collect certain related data of visitors to our website automatically, including:

  • your use of our website (for example, what pages you have viewed and what links you have clicked on);
  • how you arrived at our website in the first place;
  • your website journey;
  • information about your operating system, IP address and browser type; and,
  • your login details.

For further information please see our Cookies notice.

 

Information we collect from third parties:

We also collect information from other companies, for example to supplement the data we hold. Where this happens, we will take appropriate steps to assure ourselves that your information was collected legally.

For example, we collect information from credit reference agencies (CRAs) in order to assess your loan application, to trace your whereabouts and we may also verify information you’ve given us in the same way. You can find out more information about CRAs in section 7.

We collect information when you’ve agreed to be referred to us (for example, credit brokers).

We also collect information from those working on our behalf, for example, our debt recovery partners who may share information with us in relation to the repayment of your loan/s.

Information which is publicly available:

Your personal information may be available to us from external publicly available sources, for example, public registers such as the insolvency register and press reports. Depending on your privacy settings for social media services, we may also access information from those services.

 

5. The type of information we process

We collect, store and use the following types of information:

  • your name and contact details (including your postal address, telephone numbers and email addresses);
  • lifestyle information (such as your marital status and living arrangements);
  • identification information (such as your date of birth, identity documents, proof of address etc.);
  • financial information (for example, your bank and debit card details, salary information, payslips, credit commitments and debts, mortgage details, financial expenditure, utility bills, bank statements, credit reports and your entitlement to benefits);
  • employment information;
  • health information;
  • details about the product and services we provide to you and how you use them;
  • information you provide on other individuals (for example, dependants and third parties you may have instructed to act on your behalf);
  • correspondence you have had with us;
  • information about your computer / mobile device and the telephone number you call us from; your visits to our website as mentioned in section 4;
  • any other information provided, collected or shared with us as described in section 4.

 

6. How we use your information and on what legal grounds

We use information we collect and receive for a number of purposes, including to:

  • deliver our products and services;
  • engage with you to understand your situation;
  • assess your creditworthiness and whether you can afford our loan product/s;
  • verify your identity;
  • verify the accuracy of certain information you have provided to us;
  • prevent criminal activity, fraud and money laundering;
  • to make and manage payments;
  • administer your account/s and communicate with you;
  • trace you if you have an outstanding loan and you have moved without informing us;
  • recover money which you owe;
  • respond to complaints and seek to resolve them;
  • develop and enhance your online experience;
  • develop and manage our products and services and test new products and services;
  • better understand our customers in general;
  • let you know about products and services that may be of interest to you (unless you ask us not to);
  • put you in touch with other companies whose products or services may be of interest; communicate with regulators and law enforcement agencies;
  • administer and keep safe and secure our website and internal operations;
  • train our staff and measure the quality of services we provide;
  • to carry out risk management; and,
  • comply with laws and regulations applicable to us.

 

The legal grounds we rely on to process your information

We rely on the following legal grounds:

  • to enter into or carry out a credit agreement we have with you;
  • to pursue our legitimate interests (for example, to facilitate your use of our website);
  • to establish, exercise or defend our legal rights;
  • your consent; and / or,
  • to fulfil a legal duty.

When we rely on our legitimate interests, these are usually for:

  • keeping our records up to date;
  • charging for products and services;
  • developing products and services;
  • marketing our products and services;
  • administering our website and keeping it safe and secure;
  • identifying customer trends; and,
  • generally enhancing and improving our business, products and services.

 

Special category data

Where we process information that is particularly sensitive (“special category data”), such as health data, we process that information on the basis that you have provided explicit consent for us to do so or on the basis that processing is necessary in the establishment, exercise or defence of legal claims.

We process personal data related to health:

  • in order to assist you in finding solutions to repayment of your loan/s;
  • to establish, exercise or defend our legal rights, for example, in order to defend ourselves against any legal claims or pursue any legal claims ourselves; and,
  • where we have a legal or regulatory obligation to use such information, for example, when regulators such as the Financial Conduct Authority (FCA) and the Information Commissioner’s Office (ICO) wish us to maintain certain records of any dealings with you.

 

7. Sharing your information

We, or individuals and companies working on our behalf, share your information as follows:

 

Data processors

In order to fulfil contracts and to pursue our legitimate interests, we may share your information with third parties who provide services to us. For example, debt recovery partners, IT suppliers, payment processors and other financial institutions.

We do not authorize these companies to use or disclose your personal information except for the purpose of providing the service. Buyline is based in the UK but some data processors may be based outside of the European Economic Area (EEA). See section 13 for more information.

 

Credit reference agencies

In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (“CRAs”). We may also verify some of the information you gave to us when you applied, for example, your income and credit commitments.

We will also share information with CRAs while you have a relationship with us, for example, how you manage your loan account/s with us.

And, we will inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, we will notify CRAs and they will record any adverse payment markers (such as late or missed payments or default) and the outstanding debt. This information may be supplied to other organisations by CRAs.

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.

If you require more information about how the CRAs use your personal data, please look here: www.equifax.co.uk

 

Group companies

We may share your information between companies in our group in order to provide you with our products and services and to develop and enhance our products and services. Buyline Ltd. is wholly owned by Precise Prediction Finance AS, a company based in the EEA and with similarly high standards in the treatment of your information.

 

Corporate transactions

We may share information with third parties involved in any reorganisation, restructuring, merger or sale, or other transferring of assets (including assigning any of our rights or obligations under any agreement we may have with you), provided the receiving party gives appropriate assurances of compliance with the general data protection regulation.

 

Other third parties

We may share information with individuals or companies you have instructed to act on your behalf, for example, debt management companies, debt advice organisations, family and friends.

We may also disclose your information to regulators such as the FCA and ICO, law enforcement agencies and courts and tribunals where we have a legal obligation to do so or where we believe compliance with the request to be fair, reasonable and lawful, for example, to prevent or investigate security breaches fraud and other crimes.

We will also disclose information:

  • to establish or defend legal claims;
  • to enforce our terms and conditions;
  • to ensure the safety and security of our users, customers, third parties and staff; and
  • to protect our rights and property and those of our customers and staff.

 

8. Your rights 

You have the following rights in relation to the personal data we hold about you. In order to help us to respond efficiently to your request, we may ask you to verify your identity. You can exercise your rights by emailing us at info@buyline.co.ukor writing to us at the address in section 1.

It is normally free to exercise your rights. However, in some circumstances, we may charge a reasonable fee, for example, if your request is manifestly unfounded or excessive or repetitive. We will tell you if this is the case.

We may refuse to act on your request to exercise a right. Where we do so we will explain why and tell you about any further rights you may have.

We will do our best to respond to you as quickly as possible and within one month of the receipt of your written request. If we need longer to respond, for example, due to the complexity of your request, we will tell when you can expect to hear from us.

 

Right of Access

You can ask us to confirm whether or not we have and are using your personal data. You can also ask to get a copy of your personal data from us and for information on how we process it.

We may need to verify your identity to provide information to you and, if a third party is acting on your behalf, we may need to check you have given your consent to us disclosing this information to them.

Sometimes, we may release the information to you directly rather than your third party so as to give you the opportunity to choose what information you may share with them.

 

Right of Rectification

We want to make sure that your personal information is up to date and accurate. Please always let us know if you think it is not and needs updating. You can contact us by emailing us at info@buyline.co.ukor by writing to us at the address in section 1.

We may need to verify the accuracy of any information you provide.

 

Right to Restrict processing

You can ask us to pause processing your information in certain circumstances, for example, when you are disputing its accuracy.

 

Right to Object / Withdrawal of Consent

You can object to any use of your personal data in the following situations:

  • Direct marketing – you can ask us to stop processing your personal data for direct marketing purposes at any time. We will suppress your data to respect your preference.
  • If the purpose for processing is for our legitimate interests, however, this is not an absolute right.

Please be aware that you do not have a right to object to our processing your data where we are doing so in order to enter into a contract with you or when exercising our rights and obligations under our credit agreement with you.

 

Right of Erasure

In some circumstances, you may have a right to erasure (to be “forgotten”).

If there are legitimate grounds for us to continue processing your information or if the processing is for the establishment, exercise or defence of legal claims or to comply with a legal obligation then we may not be able to comply with your request.

 

Right to Portability

You can ask us to transfer your data electronically to you or another organisation in certain circumstances. You may only exercise this right where we use your personal data in order to perform a contract with you, or where we asked for your consent to use your personal data. This right does not apply to any personal data which we hold or process outside automated means.

 

Finding out more about your rights

You can find out more information at: https://ico.org.uk/your-data-matters

Please be aware that you are under no obligation to provide us with your personal information. However, failure to do so may prevent us from being able to provide you with products and services or to communicate with you.

 

9. Automated Processing

The way we analyse personal data in relation to our services may involve profiling. This means that we may process your data using software that is able to evaluate your personal aspects and predict risks or outcomes.

We may also use automated means to make decisions about you related to:

  • credit and affordability assessment checks to determine whether to accept your application (for example, to consider a range of factors such as how much income you have and outgoings and how you have kept up on payments in the past);
  • credit limit decisions;
  • anti-money laundering and sanction checks;
  • identity and verification checks;
  • fraud checks;
  • screening of individuals who may be classed as ‘politically exposed’;
  • determining if an account is dormant / has a nil balance and dealing with its closure.

We may make automated decisions about you where such decisions are necessary for entering into a contract, where such decisions are required or authorised by law (for example, for fraud prevention purposes) or where it is as reasonably way of complying with regulation.

You can contact us to request an automated decision be reviewed by a human being.


10. How long we keep your information

We will only keep information about you for as long as we need to fulfil the purposes for which we are processing your information. After that we will either delete or anonymise your data.

The criteria we use to determine how long to retain data includes:

  • the type of data and the nature of our relationship with you (for example, whether you have an outstanding loan with us);
  • the original purpose of the processing;
  • any legal or regulatory obligations (for example, to comply with Money Laundering Regulations or HMRC requirements);
  • any other legitimate interest we may have (for example, in the establishment, exercise or defence of legal claims or complaints, to assist with fraud prevention and monitoring);
  • any other legitimate reason (for example, to maintain records for audit purposes or to maintain records of those who do not wish to receive marketing from us);

 

11. Keeping your information secure

We take security of your information very seriously indeed and we maintain appropriate safeguards to prevent the information you have provided from being accidentally lost, used or accessed in an unauthorised way.

However, since the internet is not a 100% secure environment, we cannot ensure or warrant the security of any information you transmit to us. We have controls and processes to minimise the risk of a data breach occurring. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

 

12. Marketing and advertising

If you’ve previously indicated to us that you’d like to hear about the products and services of our group, or other carefully selected companies, we or they may contact you by post, telephone, email or SMS. You can change your preferences / unsubscribe at any time – just send us an email to info@buyline.co.uk. We’ll action your request as soon as we reasonably can.

 

13. Sending information outside of the European Economic Area (EEA)

Although we do not routinely transfer personal information outside the EEA, we may need to transfer your personal data to companies within our group or to one of our suppliers (“data processors”) who are based outside of the EEA. We will take appropriate steps to ensure that your data is protected.

Please see section 7 for more information on who we share information with.

 

14. Your responsibilities

It is your responsibility to provide us with honest, accurate and up to date information both when you apply for a loan with us and during our relationship with you.

If false or inaccurate information is provided to us and fraud is identified, details may be passed to fraud prevention agencies, or other law enforcement agencies. Further details explaining how the information held by fraud prevention agencies may be used can be found in the credit agreement we will provide you with prior to your applying for a loan with us. Once you have been approved for a loan, your credit agreement can be accessed via your online account, by using the login details we will provide you with.

You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to your email communications at all times. There are some simple steps that you can take to keep your information secure; www.getsafeonline.org provides practical advice on how to protect yourself, your computers and mobile devices against fraud, identity theft, viruses and many other problems encountered online.

 

15. Links to other websites

Our site may contain links to other websites. The information contained within this notice does not cover those links. You should read the privacy notices on the other websites you visit, or contact those companies for information on how they collect and use your information.

 

16. Our use of cookies

A cookie is a small file of letters and numbers that is downloaded to your computer or device when you visit a website. Cookies are used by many websites and can do a number of things such as remembering your preferences and counting the number of people visiting a website.

We, and the companies who work on our behalf, use cookies and other tracking technologies on our websites. Please read our Cookies Policy for more information.

 

17. Children / Minors

Those under the age of 18 are not eligible for our services.

 

18. Questions or concerns

If you have a question, complaint or query with regards to how we use your information, please contact us and we will do our best to resolve it as soon as possible. If it’s a complaint concerning your data security and we have failed to deal with it to your satisfaction, you can lodge a complaint with the Information Commissioner’s Officer (ICO) or other relevant supervisory authority. You can complain to the ICO at www.ico.org.uk/global/contact-us