Privacy Policy

Evergreen Finance London Limited are committed to protecting and respecting your privacy at all times.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed. In this policy, we will also outline the lawful basis for processing your data, why we wish to collect the data, and what your rights are in regards to the data.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the General Data Protection Regulations, the data controller is Evergreen Finance London Limited of 5 Broadbent Close, Highgate, London, N6 5JW.

 

Security

We understand the importance of data security, how we collect personal data from you and how it is managed thereafter. All information that you provide to us, or that is collected about you, is stored on our secured servers. We use safeguards such as firewalls and physical access barriers to ensure that your personal data is protected.

Our systems use role based authorisation and authentication where any action made is logged (e.g. to view, edit or delete data of any kind) as an enhanced security measure. Any repayment transactions that take place will be encrypted using secure socket layer (SSL) technology, and all debit card details are encrypted on our system to comply with PCI DSS (Payment Card Industry Data Security Standard) requirements.

Information we collect about you

We will collect and process the following data about you from our application form:

  • Your full name, date of birth and address
  • Contact details including your mobile telephone number, email address and home telephone number
  • Financial information including your income and expenditure, residential status, number of dependants, bank details and purpose of the loan
  • Employment details including your employers name, job title, work email address and work telephone number
  • The IP Address used to make the application

Upon completion of the application form we may also request the following data from you:

  • Debit card details
  • Updated personal data (such as updated address, updated contact details, updated employment etc.)

If you contact us via email, SMS, post of telephonically we may keep a record of the correspondence or conversation. We may also collect data from third party sources, such as social media, credit reference agencies, third party tracing services and debt collections agencies. This data will only be collected and stored if deemed necessary and will not affect your rights.

The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found by accessing the full notice available under the heading “Fair Processing Notice (Fraud Prevention), below.

We will collect information from organisations that have your consent to share your data with us or for a separate legal basis for a specific or defined purpose. This could include for direct marketing or assessing your eligibility for a partner’s product which may be suitable for you – from public sources such as the Companies House register, the Individual Insolvency register or the ‘Open Register’ part of the electoral register. This may include tracing you if you have moved in order to recover monies owed to us. 

In some circumstances we may also collect and process special categories of personal sensitive information should you share it with us. This is to help ensure that our services are accessible and so that we can offer appropriate levels of support where required. We will only process and record special category/personal sensitive information data with your explicit consent to do so. 

BUD Open Banking data

As part of our application process, we offer the option of connecting to Open Banking for a safe and secure method of expediting and simplifying the application process. This is an optional step in the process and should you opt-in you can at any time withdraw your permission by contacting your own bank.

Evergreen Finance partners with BUD to securely request account information from your bank. BUD cannot do this without your permission. This information would include account details, account transactions, and regular payment details in order to provide an accurate picture of your current and future financial situation. This information assists in our decision as to whether or not a loan is affordable to you now and will remain affordable in the future.

If you opt-in to BUD Open Banking service the information is initially used as part of the underwriting process. Once you opt-in to Open Banking, our access to your banking data is valid for a period of 6 months unless you contact your bank to withdraw that access. During that 6 months, we may access your financial information to better assist and support you in managing your loan with us. 

BUD is approved by the Financial Conduct Authority (FCA) and the banking institutions to provide Account Information Services (AIS) and Payment Initiation Services (PIS) in the UK under licence numbers 793327 and 765768. We obtain read-only access to your information via bank-grade encryption. 

How we will use the information collected from you

The aforementioned data will be processed for the following purposes:

  • To process and complete your loan application with us.
  • We will search credit reference and fraud prevention agencies for information on all applicants. If you give us false or inaccurate information and we identify fraud, details may be passed to credit reference and fraud prevention agencies.
  • We will use the information provided to us by credit reference and fraud prevention agencies to verify your identity, help make our lending decisions, prevent fraud and/or money laundering and to manage accounts once we begin our relationship.
  • Any contact details provided may be used to contact you to discuss any relevant issues (such as arrears, underwriting verifications etc.) and to recover any monies owed.
  • Financial information will be used to ascertain your ability to meet prospective repayments in an affordable and sustainable manner.
  • To set up and process payments under the credit agreement repayment instalments. 
  • If you borrow from us and do not make the repayments due we may use your information provided to trace your whereabouts to recover outstanding debts.
  • The information we provide to the credit reference and fraud prevention agencies may be supplied to other organisations (via the credit reference and fraud prevention agencies) and used by them to perform similar checks.
  • To comply with our legal and regulatory obligations and duties.
  • To offer you products and/or services that may be of interest to you, where you have explicitly consented to be contacted for such purposes.
  • To pre-populate fields on our site to make it easier for you to navigate when you return to our website and login as an existing customer.
  • To help us analyse our business and develop marketing strategies, develop products and improve our advertising materials and our customer services.

We may process your information to assist with automated decision making often associated with finance companies and their ability to assess affordability. Any information provided to build such decisions within our internal scorecard will be anonymous and will not impact your rights.

If you are unhappy with the manner that we have made a decision you will be able to request further information from our Underwriting team, with the possibility of having the decision reviewed. Further information is given in our application correspondence issued if you wish to continue with your applications.

If we are unable to offer you a loan we may check your eligibility for loans and/or other relevant credit products from our affiliates and partnered brokers. We will always seek your explicit consent to do this before passing on your contact information to any third-party provider. 

Should you initially opt-in to any consent for marketing purposes you will always be provided with a clear and obvious opportunity to opt-out at any point within the customer journey. 

Lawful and legal grounds for processing your information and data retention

The general data protection laws allow use of personal data for the purpose of legitimate interests which does not outweigh the interests, rights or freedoms of customers.

Any data collected from you will be processed lawfully, fairly and in a transparent manner. The lawful basis for processing the following data is legitimate interests:

  • Your full name, date of birth, address, IP Address, and all employment details will be processed to confirm your identity and for fraud prevention purposes and to assess your affordability. A record of all of this information will be retained for a period of 6 years after the end of our business relationship.
  • Financial information will be processed to assess your affordability, which will ensure any loan approved is affordable and sustainable for you. A record of all of this information will be retained for a period of 6 years after the end of our business relationship.
  • Contact details will be processed for customer contactability, whether that be processing the application, verifying information that has been input or collecting repayment arrears. A record of this information will be retained for a period of 6 years after the end of our business relationship.
  • All of the above data may be transferred to a third party, such as a debt collection agency, if repayments are not met as outlined on your contract for a prolonged period of time (you will be notified prior to the transfer).
  • Your bank details will be processed to deposit the funds if your application is successful. A record of all of this information will be retained for a period of 6 years after the end of our business relationship.
  • Your debit card details will be processed to debit repayments using continuous payment authority. A record of all of this information will be retained for a period of 6 years after the end of our business relationship, although this information will be encrypted.

Disclosure of your information

Any personal data held about you may be disclosed for the following purposes:

  • Personal data will be shared with credit reference agencies to verify your identity,  help make our lending decisions, prevent fraud and/or money laundering and to manage accounts once we begin our relationship.
  • The account information will be shared with credit reference agencies regarding your repayment history and account status on a monthly basis throughout the life of the loan. This information will be uploaded by the credit agencies to form part of your credit file history which informs your credit score. Should you apply for other forms of credit or financial services, other lenders will see the loan history data on your file. 
  • Personal data may be transferred to a third party, such as a debt collection agency if repayments are not met as outlined on your contract for a prolonged period of time (you will be notified prior to the transfer)
  • Personal data may be transferred to law enforcement (such as the police) or other public bodies if there is a legal obligation and we are formally required to do so. 
  • Personal data may be transferred to legal service providers, IT service providers or payment processors as part of the day-to-day management and servicing of your loan. 

Members of staff at Evergreen Finance London Ltd. or appointed representatives (such as a debt collection agency) may be passed your data in order to service your account for any of the above purposes. Data will only be shared with these recipients on the basis that we have a legitimate interest in which to do so.

Personal data may be accessed by members of staff at Evergreen Finance London Ltd. or appointed representatives who operate outside of the EU. Any data processed in this manner will be accessed and used via our secure servers to ensure there is no risk to the confidentiality of your personal data, and any activity is logged to ensure security and accountability.

We will not pass on any of your details for marketing purposes, whether internal marketing or externally unless you actively consent to marketing via explicit opt-in.

Credit reference agencies (CRA's) and fraud prevention

When assessing your application, like most companies in consumer credit, we will run a credit check to verify your identity and assess your creditworthiness and affordability to check that the loan is affordable to you. When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.

Credit reference agencies (CRAs) have compiled their own privacy notice which we recommend you review, titled Credit Reference Agency Information Notice (CRAIN). CRAIN will give you further information about how your data is handled by CRA’s. You can find out more information by visiting www.callcredit.co.uk/crain.

As part of the loan underwriting process, we supply your details, that you completed on the application form, to the CRAs in order for them to return your financial history and credit scoring to us. From this data, we make an informed decision as to your creditworthiness and affordability. The data includes financial situations, financial and credit history, and public information including the Electoral Register. 

If you have any further queries in regards to the above, you are able to contact the three main CRA’s in the UK using the following details:

We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your accounts including settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt and payment performance. This information may be supplied to other organisations by CRAs.

Where you have a financial association with someone else, such as a joint account, your records may be linked, so you should discuss your application with them before you make it. CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully file for a disassociation with the CRAs to break that link.

If you believe that we are reporting inaccurate information regarding your credit activity to any of the above agencies I would urge you to contact us to discuss the inaccuracy in the first instance. You can send us an email using the address data@moneyboat.co.uk or contact our office on 0203 818 7470. More information is available by visiting the section entitled “YOUR RIGHTS”.

Fair Processing Notice (Fraud Prevention)

GENERAL

  1. Before we provide services, goods or financing to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you.
  2. The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and money laundering, and to verify your identity.
  3. Details of the personal information that will be processed include, for example: name, address, date of birth, contact details, financial information, employment details, device identifiers including IP address and vehicle details.
  4. We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
  5. We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.
  6. Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.

AUTOMATED DECISIONS

  1. As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct, or is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision making: if you want to know more please contact us using the details above.

CONSEQUENCES OF PROCESSING

  1. If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services or financing you have requested or to employ you, or we may stop providing existing services to you.
  2. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details above.

DATA TRANSFERS

  1. Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.

YOUR RIGHTS

  1. Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data; request that your personal data be erased or corrected; request access to your personal data.
  2. For more information or to exercise your data protection rights, please contact us using the contact details above.
  3. You also have a right to complain to the Information Commissioner’s Office which regulates the processing of personal data, but we would always advise contacting us directly in the first instance. 

How we store your data

We will retain your information for as long as it is needed to manage your account and for a maximum of six years from the end of our relationship with you unless a longer period is required by law or we have legitimate reasons for doing so.

In order to prevent unauthorised access or disclosure, we have implemented suitable physical, electronic and managerial procedures to safeguard and secure all data. This includes secure socket layer (“SSL”) encryption technology, storing data in encrypted form, and controlling access to data by physical security measures and procedures which meet or exceed the industry standard.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website; any transmission is at your own risk and must be done in accordance with the Website terms of use.

Access to your information

Under the General Data Protection Regulations, you have the right to request access to the personal data held about you at any time. This is often referred to as a “Subject Access Request”.

You will not be charged for the information provided unless it is deemed excessive, unfounded or repetitive. If we deem this to be the case we may charge you a reasonable administration fee.

Your personal data will be supplied to you within one month of receipt of the request. If we require more time to process your request you will be informed.

If we refuse your request you will be informed of the reason why, and you will be able to raise a complaint to the supervisory authority or to a judicial remedy. More information is available by visiting the section entitled “COMPLAINTS REGARDING THE USE OF PERSONAL DATA”.

You can request access to your data by emailing data@moneyboat.co.uk. Please include the specific information that you are requesting, alongside details that allow us to locate your data (such as full name, reference number etc.) Alternatively, you can request access to your data by contacting us on 0203 818 7470 or writing to us 34 The Mall, High Street, BR1 1TS.

Your rights

Under the General Data Protection Regulations you have the following rights regarding the processing of your data:

Right to be informed: We aim to be completely transparent in the manner that we process your data. This privacy policy and our pre-contract information are written to provide a full overview of how we use your data. If you wish to query any aspect of this notice, or you have any questions not addressed in this notice, please email our dedicated mailbox data@moneyboat.co.uk.

Right to restrict processing: If you believe that any of the personal data that we hold on you, have processed about you, or will process about you is unlawful you can request that we restrict processing while we look at the points you have raised.

You can request for the data to be restricted by emailing data@moneyboat.co.uk.

Please include the personal data that you want to be restricted, why you want this data restricted and details that allow us to locate your data (such as full name, reference number etc.) 

Alternatively, you can request to restrict the use of your data by contacting us on 0203 818 7470 or writing to us 34 The Mall, High Street, BR1 1TS.

If we refuse your request you will be informed of the reason why, and you will be able to raise a complaint to the supervisory authority or to a judicial remedy. More information is available by visiting the section entitled “COMPLAINTS REGARDING THE USE OF PERSONAL DATA”.

Right to rectification: If you believe that any of the personal data that we hold on you, or have processed about you (such as credit reference agency data) is inaccurate you have the right to request that we correct the information. Please note that the record must be correct, factual and accurate and cannot be amended or altered without a justifiable reason. 

You can request for the data to be rectified by emailing data@moneyboat.co.uk

Please include the specific information that you are disputing, alongside details that allow us to locate your data (such as full name, reference number etc.) Alternatively, you can request data rectification by contacting us on 0203 818 7470 or writing to us 34 The Mall, High Street, BR1 1TS.

If we refuse your request you will be informed of the reason why, and you will be able to raise a complaint to the supervisory authority or to a judicial remedy. More information is available by visiting the section entitled “COMPLAINTS REGARDING THE USE OF PERSONAL DATA”.

Right to object: You have the right to object to the manner that we are processing your data if you do not believe we have legitimate grounds to engage in the processing activity.

You can object to the data being processed by emailing data@moneyboat.co.uk  

Please include the specific reason you are objecting to us processing your data, alongside details that allow us to locate your data (such as full name, reference number etc.) Alternatively, you can object to the use of your data by contacting us on 0203 818 7470 or writing to us 34 The Mall, High Street, BR1 1TS.

If we refuse your request you will be informed of the reason why, and you will be able to raise a complaint to the supervisory authority or to a judicial remedy. More information is available by visiting the section entitled “COMPLAINTS REGARDING THE USE OF PERSONAL DATA”.

Right to access: Please refer back to the section entitled “ACCESS TO YOUR INFORMATION” which explains your rights to obtain personal data.

The following rights will not be applicable if you opt to proceed with your application:

Right to erasure: In certain circumstances where personal data is processed you will be able to request that your information is erased.

Due to the legitimate interests involved in our processing of your personal data (such as fraud prevention and possible debt recovery) we will be unable to erase all data permanently unless there is an exceptional circumstance in which to do so that overrides the legitimate interests for processing.

You can contact us by emailing data@moneyboat.co.uk if you wish to obtain more information regarding the right to erasure. If you are unsatisfied with our explanation you will be able to raise a complaint to the supervisory authority or to a judicial remedy. More information is available by visiting the section entitled “COMPLAINTS REGARDING THE USE OF PERSONAL DATA”.

Right to data portability: Due to the legitimate interests involved in our processing of your personal data we will be unable to transfer your data as outlined by the General Data Protection Regulation.

You can contact us by emailing data@moneyboat.co.uk if you wish to obtain more information regarding the right to data portability, and why it does not apply in this instance. If you are unsatisfied with our explanation you will be able to raise a complaint to the supervisory authority or to a judicial remedy. More information is available by visiting the section entitled “COMPLAINTS REGARDING THE USE OF PERSONAL DATA”.

Where we require your explicit consent

We will not typically ask you for any ‘special categories’ of personal data or sensitive data, which generally includes information revealing an individual’s political opinions, racial or ethnic origin, religious or philosophical beliefs, or trade union membership, and genetic data, biometric data, data concerning health or data concerning an individual’s sex life or sexual orientation.

We may process personal data about your health or medical conditions, where we need to understand this in order to provide you with the most appropriate support possible or to make adjustments in how we provide you with information. We will not record any such information on your account without your explicit consent to do so or where we are required by law to do so.

Complaints regarding use of your personal data

If you are unhappy with the manner that we handle your personal data you can make a complaint directly to us. A copy of our full complaints procedure can be found on our website www.moneyboat.co.uk or you can also raise a complaint by:

Phone: +44 203 818 7470

Email: complaints@moneyboat.co.uk

Post: 34 The Mall, High Street, Bromley, BR1 1TS, England

If you remain dissatisfied with the manner that we have handled the complaint you may have the right to refer your complaint to the Financial Ombudsman Service (FOS). More information can be located by reviewing our complaints procedure on our website: www.moneyboat.co.uk

You can also refer your concerns regarding the handling of personal data to the Information Commissioner’s Office (ICO). You can contact them using the following methods:

Phone: +44 300 123 9123

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF

Website: https://www.ico.org.uk/

Third party links

Our site may contain links to and from third-party websites. If you follow a link to any of these websites, please note that these websites have their own terms of use and privacy policies, and we do not accept any responsibility or liability for these policies.

Please check these policies before you submit any personal data to these websites and please note that we are not responsible for the services or representations of third parties.

Contact us

For any additional queries regarding this notice or how we intend to use your data please contact us using the details below:

Phone: +44 203 818 7470

Emaildata@moneyboat.co.uk

Post: 34 The Mall, High Street, Bromley, BR1 1TS, England

 

Policy Updated: July 2021