Privacy and Cookie Policy for Newable Business Loans

Introduction

Newable Business Loans Ltd is a subsidiary of Newable Ltd (both “Newable”), and is committed to implementing leading data protection standards and to respecting human rights in data management. This policy sets out how Newable will collect, use and protect an individual’s personal data, including data from Newable’s websites. It will also inform you about your privacy rights and how the law protects you. Newable is also committed to obtain user data through lawful and transparent means, with your explicit consent, where required and will only collect and process your data, limited to the stated purpose.

If you have any questions about this Privacy Notice or any questions or concerns regarding the manner in which your personal data is being processed, then please send your query to the Data Protection Officer, detailed below.

1. How Your Personal Data is Collected

Newable is the Data Controller for personal data about clients, event attendees, newsletter subscribers or when sending marketing material, which you expect to receive or have consented to receive.

Newable uses different methods to collect data from and about you including through:

Direct Interactions – you may give us your identity, contact and financial data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

Newable will also collect anonymised statistics to improve its website.

2. The Data we Collect about You

Personal data means any information about an individual from which that person can be identified. It does not include anonymised or aggregated data, where it is not possible to identify an individual from the data.

We collect certain personal information from you when you ask us to provide, or express an interest in our services.

This includes:

 

 

 

 

 

 

3. How do we use the personal information we collect?

We use the personal information that you provide to us for the following purposes:

 

 

 

 

 

 

 

 

 

4. What is our legal basis for using personal information?

We will only use your personal information if we have a lawful basis for doing so. In particular, we will only use your personal information:

 

 

 

 

 

 

 

 

 

 

5. Consent to process and criminal records information

If you would like to receive certain products and services from us, we may ask you to

provide certain types of sensitive personal information about you, in order for us to provide those services. In particular:

 

 

 

We will only ever use this information with your consent, which we will obtain from you at the time. This information will only ever be used to assess your suitability for products and services which you have asked us about, and to provide those products and services to you.

 

We will share this information with relevant third-party organizations to enable us and them to provide the services you have requested.

6. We may transfer personal information outside the UK and the EEA

We or third parties with whom we share personal information in accordance with this

privacy policy, may need to transfer personal information provided to us outside the

UK and the EEA in order to provide our services to you. This may include, for

example, transferring personal information to our suppliers, legal advisers,

consultants and subcontractors operating outside the UK and the EEA. If we transfer

personal information outside the UK and the EEA, we will do so where one of the

following applies:

 

and/or the European Commission which means that the recipient country is deemed to provide adequate protection for such personal information.

 

we have in place binding corporate rules with such member which safeguard the personal information.

 

recipient which have been approved by the UK Information Commissioner’s Office. These model contractual clauses include certain safeguards to protect the personal information.

 

7. With whom do we share personal information?

We may share personal information with third parties in the following circumstances:

● We share your personal information with third party insurance providers, CRAs, FPAs, mortgage companies, lenders, and other service providers (or organizations acting on their behalf) in order to provide services you have requested or expressed an interest in.

We share your personal information with third parties which provide technical, administrative or professional services to us, including for example, IT, hosting, logistical, legal, or professional advisory or administrative services.

● We may share your personal information if we think it is necessary in order to comply with the law, regulatory or legal compliance requirements, or if we need to do so to protect, defend or enforce our legal rights, or the legal rights of others.

We may share your personal information with other members of our group, which are involved in the provision of our services, or which provide services to us.

● We may share your personal information for corporate reasons. For example, we may need to share personal information with third parties if we restructure our business, or if a third party wishes to invest in, or acquire the whole or part of our business.

 

8. Your Legal Rights (including Access to Your Data)

Under certain circumstances, you have rights under data protection laws in relation to your personal data. Newable will only use your personal data when the law allows us to.

As an individual whose personal data is processed by Newable, you have the right to:

The General Data Protection Regulation (“GDPR”) includes a right for individuals to have inaccurate personal data rectified or completed if it is incomplete. An individual can make a request for rectification verbally or in writing and Newable has one calendar month to respond to a request.

You have the right to know if Newable is processing your personal data, and if so, to be provided with a copy of such personal data, along with other supplemental information, regarding the nature and scope of the processing.

It is important that such requests are handled fairly, ensuring that the application of those rights do not undermine other obligations, such as preserving the data protection or privacy rights of third parties, preserving any confidential duties and ensuring compliance with law enforcement activity.

To exercise any of these rights, write or email your request to Joanne Wilkinson, Data Protection Officer at the address below or by email to dpo@newable.co.uk. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Newable will confirm to you that inaccurate personal data has been rectified or completed if it is incomplete.

9. Contacting You

Newable will only contact you if you’ve asked to be contacted or if your contact details are featured in a third-party contact list, in which you’ve been included by consent. You have the ability to opt-out of being contacted by Newable at any point.

We may contact you by phone, email, direct message, or SMS, with information about other products and services we offer, which are similar to those which we have provided to you, or which you have expressed interest in, such as services relating to investments, loans, business advice, or workspace solutions. You can opt out of receiving these messages at any time by, emailing us at: financeconfident@newablefinance.co.uk, or by following the instructions provided alongside the message we send you. You can also opt out by writing to us using the postal address set out below.

Newable also engages in business to business marketing activity.

10. Your Duty to Inform us of Changes

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes, by contacting us.

11. Storing Your Data

Newable will store your data securely and do its utmost to protect your data and privacy using suitable security technology.

In general, we will only keep your personal information for as long as we need to, in order to provide the services you have requested.

If we have collected personal information about you in order to carry out suitability checks for particular products or services, or to meet our compliance or regulatory requirements, we will delete your personal information once it is no longer needed for these purposes.

If we need to keep certain personal information for legal reasons, or if we are recommended by guidance to keep personal information for a particular period of time, we will retain such information for this period of time.

We will keep personal information about products and services we have previously provided to you, as well as your contact details, in order to send you marketing messages about products and services you may be interested in which are similar to ours, until you tell us that you no longer wish to receive these messages.

For other types of personal information which we collect in connection with the provision of services to you, we will retain this information for up to six years after our contract with you comes to an end.

Newable may contract with third parties to process your data on its behalf and they will do so in accordance with our principles and instructions and not for any other purpose. Newable will require any third parties with whom your data is shared, to comply with our company policy.

Newable will ensure that any third parties used in connection with the running of its website and services (for example, hosting providers) act according to its strict contractual obligations.

 

 

12. Changes to this Policy or Data Breach

Newable keeps this Privacy Notice under regular review and will publish any changes to this policy on its websites.

Where the changes to this policy are significant, Newable may also choose to email all of its registered users with the new policy.

Newable will also notify individuals of any data breach which affects you and will undertake incident investigation and corrective action to minimise the incident re-occurring.

13. Use of Cookies and Web Beacons (Pixels)

Newable will collect anonymised statistics using cookies and pixels.

A cookie is a small computer file containing letters and numbers, which a website may send to a user’s computer to improve their experience.

Newable uses cookies to:

For information on controlling cookies visit:

https://www.aboutcookies.org.

A pixel is a small tracking image inserted into some of our marketing and communications to track engagement.

Newable uses pixels to:

For information on pixels and other web beacons visit:

https://www.legislation.gov.uk/uksi/2003/2426/regulation/22/made

14. Anonymised Data

Newable will only share anonymised data or anonymised and aggregated data about its users with advertisers or other third parties.

15. Security Procedures and Staff Training

The GDPR requires Newable to follow strict security procedures when storing and disclosing information that you have given us, to prevent unauthorised access.

Newable will not sell, trade or rent your personal information.

Newable may provide aggregated data about its customers, sales, traffic patterns and related site information to reputable third parties but this data will never include personally identifying information.

Data processors given access to your data to provide services on behalf of Newable are subject to contractual restrictions to ensure that your data is protected. Your data will not be used independently by any such third party.

Newable reserves the right to access and disclose personally identifying information about you to comply with applicable laws, to comply with lawful government requests, to operate its systems properly and to protect its users.

All Newable staff are required to undertake and pass annual data protection and cyber security training. Where required, Newable will provide additional training to those areas of the business that Newable considers to be at a higher risk.

16. Data Retention

Newable will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements

To determine the appropriate retention period for personal data, we consider any applicable legal requirements, together with the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.

17. Legal Information under the GDPR

For the purposes of the GDPR, Joanne Wilkinson is the Data Protection Officer for Newable and can be contacted at:

Newable Limited, 140 Aldersgate Street, London, EC1A 4HY, United Kingdom.

Alternatively, you can email dpo@newable.co.uk.

Any queries regarding Newable’s use of data and its data policies should be addressed to the Data Protection Officer.

Newable Limited is registered in England under registration number 1653116.

For further information about Newable’s data protection processes, please refer to our separate data protection policy.

  1. Your Right to Complain

 

If you think that there is a problem with the way Newable handles your data or if you have a complaint, then please direct it to Newable’s Data Protection Officer, using the contact details set out in sections 8 and 9 of this Notice.

 

You also have the right to contact the Information Commissioner’s Office at:

 

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF with respect to a complaint regarding Newable’s use of your personal data.

 

 

February 2022