The data controller is Simplifi Financial Solutions Limited (Symplifi, we or us or our). We are a company registered in England and Wales (company number 10872479) and our registered address is Templeback, First Floor, 10 Temple Back, Bristol BS1 6FL. You can write to us at this address or email us at firstname.lastname@example.org.
What information will we collect?
We will collect any information we need from you in order to process your application as well as any other information which we reasonably need to operate your account:
Your name, date of birth, addresses, email and phone number;
Payment Card information. We will keep your debit card details;
If you are a borrower, details about you and the loan agreement you enter into or intend to enter into;
Details of when you contact us and when we contact you;
If a card is identified as having been used fraudulently then we will maintain a record of its use for reporting and preventing fraud;
We may record your customer journey on our website or app for usability monitoring, testing and improvement. However, we will not record any personal information you input.
We will record and/or monitor the calls, texts, emails and letters you send to us or receive from us.
We will also collect information for the purpose of staff training, and system improvement.
How will we collect your information?
Information you provide to us through our website and any communication with us;
From other individuals who nominate you as a potential guarantor;
From our partner lending institutions, in relation to loan applications and the status of a loan;
From services that we use to verify your identity, undertake credit or fraud checks, and process payments;
From third parties, such as partners, affiliate services, advertising networks, search engine providers, and social networking sites;
In customer surveys.
Our lawful basis to process your information
We collect personal information to allow us to:
perform the contract we have with you and deliver our services;
comply with our legal obligations to prevent financial crime, including money laundering and fraud; and
to pursue our legitimate interests.
We will collect your consent in order to process your information for marketing purposes, this includes contacting you about our product and our offers;
We will perform adequate checks to confirm your identity to ensure that we prevent criminal activity (i.e fraud, money laundering)
How will we use your information?
We will use your information:
To manage your account with us and any application, agreement or correspondence you may have with us;
To take and make payments;
To process requests for a SympliFi Guarantee and administer guarantees given to us;
To identify, prevent, detect or tackle fraud, money laundering and other crimes
To contact you via email, SMS, letter, telephone or send you push notifications about managing your guarantee with us, including if the Borrower you are guaranteeing has fallen into arrears or if we have out of date information;
To contact you about our products and services, unless you tell us that you prefer not to receive marketing;
To respond to complaints;
To exercise our rights set out in agreements or contracts.
We will also use your information to run our business in an efficient and correct way. This includes managing our financial position, business planning, statistical research, governance, monitoring risk and auditing.
To detect, investigate, report, monitor and analyse our business;
To carry out market research, to develop and manage our brand, product and services;
To carry out internal and external audits;
To test our processes and systems;
To obey laws and regulations that apply to us;
To manage security and risk for us and you.
How long will we store your information?
If you have an application with us, we will store your information up to 2 years depending on your individual circumstances (providing we have no reason to keep your data).
If you have a guarantee with us, we will keep your information indefinitely until your guarantee has been repaid or called. Once your guarantee has settled, and providing we have no ongoing relationship with you or any reason to keep your data, we will remove your information after 4 years.
Who we will share your information with?
We work with some carefully selected partners who use your personal data to enable us to deliver our services to you, and to meet their own legal and regulatory requirements. In particular, we would draw your attention to the following:
The GC Partners companies who process payments on our behalf;
Companies who verify your information for us;
In relation to Borrowers, Lenders in relation to the status of your loan;
When we are legally obliged to, for example, to the courts, to respond to your complaints, or to the police for criminal activity;
Our insurers if we need to manage claims;
Third party companies who help us document, record, assess and test our internal processes and systems
Processors acting on our behalf such as cloud storage providers, customer support systems, mail and telecom companies.
We are not responsible for the privacy policies or practices of our partners (or other websites you may click though to from our website). You should ensure you read and are fully aware of the terms and conditions and the privacy policies of third-party websites.
All the personal information we collect is stored within the UK (or the EEA), including information received from non-EEA jurisdictions. We will only transfer your personal information outside of the UK (or the EEA) where there is a legitimate reason for doing so and there are adequate safeguards to ensure the privacy and confidentiality of your personal information.
We recognise how important it is to protect and manage the information you share with us. We use computer safeguards such as firewalls and data encryption to keep your details safe. Our security systems meet or exceed industry standards and we are constantly monitoring internet developments to ensure our systems evolve as required.
Privacy and Confidentiality
We will treat all your personal data as private and confidential. We comply with and are registered under the data protection laws in the United Kingdom and take all reasonable care to prevent any unauthorised access to your personal data. Other than under the terms of this Notice, we will not disclose any personal data about you. Please be aware however that under certain circumstances we may be subject to a legal obligation to disclose personal data about you, or there may be a public duty to disclose that personal data.
Should you decide to complain about the service we have provided to you, we may be obliged to forward details about your complaint, including your personal data, to the relevant ombudsman. You can be assured that they are similarly obliged to adhere to data protection legislation and to keep your personal data strictly confidential.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you can complain to the Information Commissioner’s Office (ICO), contact details of which are:
Serious breaches should be reported to the ICO using its security breach helpline on 0303 123 1113 (open Monday to Friday, 9am to 5pm). Select option 3 to speak to staff, who will record the breach and give you advice about what to do next.
If you would like to report a breach in writing you can send it by post to the office address Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Under the terms of the data protection legislation you have a number of rights. You may:
ask of a copy of the information, or some of the information, that we hold about you (rights of access and portability);
ask us to correct or remove any information about you that we hold (rights to rectification and erasure);
ask us to stop processing or restrict the processing of information that we hold about you (rights to restrict and object to processing, including profiling).
If you cannot do any of these things this through ‘My Account’, you may ask us to do so by writing to the Privacy Officer, by email, email@example.com or to the correspondence address above, and we will do this free of charge. We will respond to your request within 30 days.