Your Personal Information and Privacy
We believe you deserve the highest possible levels of service, security and protection when we collect and use your personal information.
This page explains how we collect, use, disclose, transfer and store any personal data we collect from you.
Who are we?
Moneybarn is the trading style of Moneybarn No. 1 Limited. Our registered address is: Athena House, Bedford Road, Petersfield, Hampshire, GU32 3LJ.
You can see more information about us here.
When will we collect your personal data?
We will collect your personal information in two ways – when you apply for vehicle finance, and from third party organisations such as credit reference agencies.
Why and how do we use your personal data?
Our ‘Use of your personal information notice’ shown below, which we include as part of the contract you receive and sign when you start an agreement with us, explains why and how we will use your personal information in full:
Use of your personal information notice
What we will do when you apply
- Before we can supply you with services, goods or financing, we need to collect and process your personal information or ‘data’ so we can decide if we can accept you as a customer. The data will also be used to administer and perform obligations and responsibilities associated with the supply of the services, goods or financing.
- Further details of the ways we collect and use your personal information are also provided in the credit agreement which is to be read in conjunction with this Use of your personal information notice.
- We give you choices about the ways we use and share your personal information, and we’ll respect the choices you make
- We take all reasonable steps to ensure that your personal data is processed securely
Who we are
MoneyBarn No.1 Ltd is part of the Provident Financial Group, which includes other lending companies such as Vanquis Bank Ltd and Provident Personal Credit Ltd (trading as Provident Loans and Satsuma loans). More information on the Provident Financial Group can be found at www.providentfinancial.com
The identity of the Data Protection Officer
Should you have any questions regarding your data, please contact our Data Protection Officer by emailing DPO@moneybarn.com or you can write to us at this address: Data Protection Officer
Moneybarn, Athena House, Bedford Road, Petersfield, Hampshire, GU32 3LJ
Categories of personal data
We collect the following types of personal information about you;
- name, date of birth, email address, mailing address, phone number,
- employer name, take-home pay, banking information (such as bank sort code, debit card number and account number), and other financial information.
- information about your credit history, information about those to whom you are financially linked,
- information about how you have used other products and services provided by us or other members of the Provident Financial Group,
- information we receive from credit reference and fraud prevention agencies.
Where the personal data is obtained from
- Please see the following list of types and times when we will collect information from you and other sources:
- information collected directly from you through your online application, information collected through online forms or entries on our lead providers’, and/or associated group companies’ websites, or information you provide when you contact our customer services department
- your telephone, email or other electronic communications with us (for example when speaking to our Customer Services Team), which may be monitored and recorded
- information about your health or mental capacity. This information will be held so that we can comply with our obligations to you
- information about your transactions including loan balances
- information from outside sources such as credit reference agencies and customer service providers regarding credit worthiness and credit history
- information about your visits to our website, and information we collect when you use the website
- information about you when you use our feedback form
- information regarding your questions about our programmes with associated group companies & how you use products and services of other members of the group, for example from the transactions and operation of your accounts and services.
- Information at credit reference and fraud prevention agencies and that of your ‘financial associate’ if you have one, i.e. a person with whom you have, or have had, joint personal financial arrangements such as joint accounts or have made joint credit applications. It may be your spouse or partner (not a business partner). We may also, in certain limited circumstances, check the record, including credit details, of other members of your family and, if you are a director or partner in a small business, we may also check on your business or seek information from your employer
- We may also request that you provide details of individuals who are able to act as referees on your behalf by verifying some of the personal information you provide about yourself. The information we collect about these third parties may include their name, address, and phone number.
We may also compare the information you provide with information available from open public sources in order to verify the details you’ve given, such as ONS data & the Council Tax Valuation list.
How and why we process your personal data
Processing your data for legitimate business reasons
We process your personal data on the basis that we have a legitimate interest as a commercial organisation:
- To understand how our customersuse our products and services, so we can improve these;
- Developing new products and services and identifying which may be of interest to you – this will involve profiling;
- Where we have the relevant permissions, contacting you to make you aware of these products and services – note: we may contact you for a reasonable period after you cease your relationship with us. There is a right you can exercise to opt-out from receiving such communications;
- To make sure we deliver excellent customer service various methods of communication may be used when sending you information about your account. Sometimes this may be by SMS or Email. For example, this may include sending you reminders or receipts for payments or other information in relation to the administration/servicing of your loan. We will always ensure that we are not putting your data at risk;
- Sharing information for the purpose of ensuring your ongoing creditworthiness, throughout the life of your credit product;
- To share information with third parties for the purpose of preventing fraud and financial crime;
- Improving our systems and processes, which may include using your personal data to test the accuracy of these, but only where it is essential to do so;
- To process and analyse applicant data to improve business processes and credit decisions;
- To share applicant data with third parties for the purpose of improving business processes and credit decisions;
- To share your contact details with brokers who introduced you to us to help them with their accounting and administration. Brokers and Introducers sometimes use your information that you provided to them initially to contact you about products and services unless you have asked them directly not to do so;
- To recover money owed to us and trace your whereabouts;
- To otherwise exercise our rights under our contracts with you for the provision of the products and services you hold;
- To invite you to participate in market research and customer surveys;
- To sell to, or purchase debts from other firms.
- Sharing your personal data with any person to whom we may transfer, or may consider transferring any of our rights or business;
- We will also share the personal information you submit with our associated group companies as mentioned above (which includes any company linked to us in some way by common ownership or management) for the purposes of: (a) the provision of products and service you request and (b) consumer profiling and market research (c) business analysis and (d) data verification and data enrichment purposes (e) marketing purposes
- We will share your information with our associated group companies for the following administrative activities:
- Managing your relationship with us and notifying you of any changes to those products
- Responding to your queries and complaints
- Administering offers, competitions and promotions
- Undertaking affordability reviews
- Updating, consolidating and improving the accuracy of our records
- In addition, we will share your information with our associated group companies for the following data usage:
- Transactional analysis
- Arrears and debt recovery and debt sale activities including where we need to trace your whereabouts
- Crime detection, prevention and prosecution
- To evaluate the effectiveness of marketing, and for market research and training
- To support customer modelling, statistical and trend analysis, with the aim of developing and improving products and services
- To enable assessment of lending risks by considering all the products you have across the group of companies and also taking into consideration your payment history with any products you previously held for assessing your income and expenditure and periodically updating this information to enable us to make responsible lending decisions.
- Using your information for profiling to help ensure that if we do market to you this will be relevant to the information we hold about you
- Some of this sharing will be done on an individual basis, in other cases the data is shared using a secure transfer process or is uploaded into a central database repository where we are able to apply strict controls over the security and access to that data. By sharing this information, it enables our companies to better understand your needs and run your account(s) in the efficient way you expect.
Processing your data for Contractual reasons
We process personal data to consider and process applications made by our customers and prospective customers for products and services we provide. We would be unable to accept applications or service credit agreements without processing personal data and is needed for ongoing contractual relationships.
- To deliver the products and services we provide, including:
- Accepting payments on your behalf;
- Providing you with information, advice and guidance on the products and services you hold;
- This includes account statements, formal reminders and notices informing you of forthcoming changes;
- Calculating interest and, where relevant, determining fees and charges which may apply to your account;
- To address enquiries or complaints we may receive from you or a representative appointed by you;
- Undertaking credit searches to assess your suitability for a product;
- Assessing your application using an automated credit decisioning process;
- Assessing your ability to repay your loan, we may review your income and expenditure, based on data we hold, capture or you provide
Processing your data for Legal reasons
We will treat your information as private and confidential but may share it with other Group companies and only disclose it outside the Group if we are legally obliged to do so or required to do so to satisfy a court order. It will put us in breach of our legal duties if we are prevented from disclosing personal data to certain third-party organisations. Examples of where we would be legally obliged are:
- Passing information to HMRC where a court order is in place;
- Required by the Police and other law enforcement agencies to investigate or prevent crime;
- Required by the authorities when we report on any suspicious activity that could indicate money laundering;
- Undertaking affordability reviews, where we will use all the data across the group companies to ensure we are fully aware of your Group commitments;
- Required to provide information to our industry regulators;
- To otherwise meet our obligations under all laws and regulations based on law which apply to our business activities;
- Identifying and managing risks to our organization; and
- Where we have a duty to protect vulnerable customers.
Where and when we need your consent
There will be circumstances where we will only process your data if we have your consent to do so. For example, if you provide us with data that is classed as a special category of data such as health information, we will only process this with your permission (unless we feel the processing is necessary to protect your vital interests). You have a right at any time to ask us to stop the processing of that specific data. We also seek your permission to use your data for direct marketing activities, see below for further details.
Using automated decision-making processes and profiling
As part of the processing of your personal data, decisions may be made by automated means.
- When you apply for credit we use credit scoring. This will be through an automated system that helps us to understand behaviour and its impact on an individual’s likelihood to pay their credit commitments. It will take account of information you provide on your application, information already held in the Provident Group about you, data from Credit Reference Agencies & other open public sources. If you submit an application and it is declined through this automated process, you may contact us to have the decision reviewed.
This also means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct; or is inconsistent with your previous submissions; or you appear to have deliberately hidden your true identity. If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services and financing you have requested, or we may stop providing existing services to you. You have rights in relation to automated decision making: if you want to know more please contact us using the details provided later in this notice.
- We may use your personal data in profiling in order to identify your suitability for products and services we offer and to inform you of these. Where an individual’s financial history suggests they are unlikely to be accepted for a particular product or service, we may use that data to opt them out of receiving information about that product or service. This is in individuals’ interests as it helps stop them receiving irrelevant marketing or being targeted with marketing about products that they cannot afford. These types of profiling may only be used in relation to our own products and services and as such are generally not considered to have a significant effect on your rights and interests
How we use Credit Reference Agency data
- If you tell us that you have a financial associate, we will search link and record information about you both at credit reference and fraud prevention agencies. You must be sure you have your financial associate’s agreement to disclose their information.
- We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
- We will add to your record with the credit reference agencies details of your Agreement with us, the payments you make under it, any default or failure to keep its terms and any change of name or address.
- Account information given to credit reference agencies remains on file for 6 years after the account is closed, whether settled by you or upon default, except where we legitimately believe a longer period is necessary.
- If we have reasonable grounds to believe that our asset is at risk, we may conduct credit reference agency, motor insurance database and fraud prevention agency searches, to confirm or establish your contact details, insurance cover, and to assess or manage our risk.
- Whether or not your application with us proceeds, the credit reference agencies will place a record of our search on your credit file. This record (but not our name) will be seen by other organisations when you apply for credit in the future. A large number of applications within a short period of time could affect your ability to obtain credit.
- The agencies will link your records and those of your financial associate(s), including any previous and subsequent names. These links will remain on your and their files until you or they tell the agency you are no longer financially linked, and the agency accepts this.
The identities of the credit reference agencies (CRAs), their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail at:
How we use Fraud Prevention Agency data
- Whenever fraud prevention agencies transfer your personal data outside of the UK and European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the UK and European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
- We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.
- with fraud prevention or law enforcement agencies, in the event false or inaccurate information is provided and fraud or money laundering is identified. We and other organisations will also access and use this information to prevent fraud and money laundering, for example when checking details on applications for credit and credit related and other facilities, managing credit and credit-related accounts or other facilities, recovering debt, checking details on proposals and claims for all types of insurance, and checking details of job applicants and employees
- We will request that information held by credit reference and fraud prevention agencies, other industry participants and the Motor Insurance Database be disclosed to us and other organisations to, for example:
- prevent fraud and money laundering, for example by checking details on applications for credit and credit-related or other facilities, proposals and claims for all types of insurance and job applications and employee records
- to identify you when you contact us or visit our website, and to prevent and detect fraud or money laundering. This may involve the use of voice detection technology to analyse recordings of your telephone calls with us
- recover debts that you owe and trace your and the goods whereabouts
- manage credit accounts and other facilities
- verify your identity
- make decisions on credit, insurance and other facilities about you, your financial associate(s), members of your household or your business
- carry out statistical analysis to help with decisions about credit and account management
- assess that the vehicle you have agreed to purchase from us pursuant to the terms of the agreement is fully insured under a comprehensive insurance policy.
- Whether or not your application with us proceeds, a record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you.
- Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
If you consent to direct marketing, depending on the methods you have agreed to, we and our group companies will contact you by post, email, telephone or mobile text and/or messaging service (SMS) about Moneybarn and group company products or services we have available which we think are relevant to you. You have a legal right to prevent your information being used for direct marketing purposes. If you do not want your information to be used for these marketing purposes, you can opt out by calling our Customer Services Team on 0330 555 1230, or by emailing firstname.lastname@example.org or you can write to us at: Moneybarn, Athena House , Bedford Road, Petersfield GU32 3LJ.
Retaining your personal data
We will generally keep your personal data for a minimum of the term of your loan agreement with us plus 6 years, after which time it will be destroyed if it is no longer required for the lawful purpose(s) for which it was obtained. If you consent to us using your data for Marketing, any information we use for this purpose will be kept with us until you notify us that you no longer wish to receive this information.
Processing your data outside of the UK and European Economic Area
All the personal data we hold about you will be processed by our staff in the United Kingdom. However, please be aware that your information may be stored on a cloud-based system with servers located within the European Union.
Who else we share your personal data with
- We may pass your personal information to local authorities, councils, or other similar local government agencies in pursuing their or our legitimate interests.
- The personal information we hold about you will be disclosed to our funders, and may be disclosed by them to their funders and in each case to their professional advisors. It may also be used for statistical analysis, testing, marketing and training purposes, both internally and externally.
- We will share your personal information with third parties under the following circumstances:
- Credit reference agencies may add to their records about you, information about our search of their records and your application with us, and this will be seen by other organisations that make searches.
- with a purchaser, in the event our business or all its assets are acquired by a third party (in which case personal information held about customers will be one of the transferred assets)
- to enforce any of our terms and conditions
- with individuals who you nominate as your referees to verify certain information that you provide to us
- if required or compelled to do so by any legal authority, as required by law or when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served on us
- We will also share your information with local authorities, councils, government and law enforcement agencies if a formal request is received. The use of your data by any of these parties will be governed by data protection and other relevant laws.
- Information held and obtained by us in relation to you will be passed to our agents for the purposes of taking enforcement action against you and/or a third party pursuant to our rights under the Agreement.
- We will also pass your details and information obtained on you if we transfer/assign our rights and duties in this Agreement to the transferee and/or its professional advisors, and may do so in advance of any transfer to assist in preparation for a transfer.
- We will share your information with your bank and other agencies to the extent necessary, and to perform checks for the prevention of fraud, to verify your banking details, and to validate your identification.
Using third parties
We will also share your information with:
- other third-party service providers, who act as agents to perform tasks on behalf of and under the instructions of Moneybarn. These service providers must agree to use personal information only for the purposes for which they have been engaged by us and must either: (1) comply with mechanisms permitted by the European data protection law(s) for transfers and processing of personal information (including contractual obligation under the EU model clauses); or (2) agree to provide adequate protections for the personal information that are no less protective than those set forth in this notice.
- lenders, credit reference agencies, customer service providers and collection agencies. We have trusted relationships with these carefully selected third parties who perform services on our behalf. All service providers are bound by contract to maintain the security of your personal information.
Important please read: Your rights explained
When exercising any of the rights listed below, to process your request we may need to verify your identity for your security. Any rights requests should be sent to our Data Protection Officer by emailing DPO@moneybarn.com.
Right of access to your data
- The right to access information we hold on you.
- At any point you can contact us to request the information we hold on you, including details of why we have that information, who has access to the information, and where we obtained the information from. Once we receive your request we will respond within one calendar month.
- There are no fees or charges for this request
Right to rectification
- The right to correct and update the information we hold on you.
- If the data we hold on you is out of date, incomplete or incorrect, you can inform us, and we will update your data.
Right to erasure
- The right to have your information erased.
- If you feel we should no longer be using your data or that we are using your data for a purpose you were unaware of, you can request us to erase some or all the data we hold for you.
- When we receive your request, we will confirm whether the data has been deleted or explain the reason why it cannot be deleted (for example we may need to keep the data because we have a legitimate interest or to comply with regulations).
Right to Object
- The right to object to processing of your data.
- You have the right to request that we stop processing your data. When we receive your request, we will confirm if we are able to comply or explain why we have legitimate grounds to continue processing your data. Even after you exercise your right to object, we may continue to hold your data to comply with your other rights or to bring or defend legal claims.
Right to restrict processing
- In some circumstances, you can ask us to restrict how we use your personal data. Your rights are set out within Article 18 of the GDPR, and if you need more information you can contact us using the details provided later in this notice. This is not an absolute right, and your personal data may still be processed where certain grounds exist. This is: With your consent; For the establishment, exercise, or defence of legal claims; For the protection of the rights of another natural or legal person; For reasons of important public interest. Only one of these grounds needs to be demonstrated to continue data processing. We will consider and respond to any requests we receive, including assessing the applicability of these exemptions.
Right to data portability
- You have the right to request that we transfer some of your data to another controller. We will comply with your request, where it is feasible to do so, within one month of receiving your request.
Right to withdraw consent
- The right to withdraw your consent for us to hold, process or share your data, where we sought your consent to collect and use it.
- You can withdraw your consent easily by telephone, email, or by post (see the contact details provided earlier in this notice).
Right to lodge a complaint
- If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer at DPO@moneybarn.com who will investigate the matter. If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO). The right to lodge a complaint with the Information Commissioner’s Office ( https://ico.org.uk/concerns )
Using our website
What personal information do we collect when you browse our website?
In addition to the personal information we collect from you when you apply for vehicle finance with us, when you use our website we will automatically collect information about your computer, including, where available, your IP address, operating system and browser type.
This is statistical data about browsing actions and patterns and does not identify you as an individual.
We may also collect information about your general internet usage by using a cookie file, which is stored on the hard drive of your computer. Cookies enable us to improve our service to you, estimate our online audience size and website usage patterns, store information about your preferences and recognise you when you return to our site.
You will have the option to amend your cookie settings via the preference centre on our website.
For more information on how to control or delete cookies, please visit www.aboutcookies.org.
Our website uses a web analytics service called Mouseflow. This service may record mouse clicks, mouse movements, and scrolling activity when you’re using the site, as well as any text or personal information you enter in the website, for example during the application process.
Mouseflow does not track your browsing habits across web sites which do not use their services.
We use the information collected by the Mouseflow service to improve our website, make it more user-friendly and monitor that it is performing correctly.
How to disable Mouseflow:
You can choose to disable the Mouseflow service by following the instructions at this link – https://mouseflow.com/opt-out.
Please note that the opt-out uses a third-party cookie; if you erase the cookie you will need to follow the Mouseflow opt-out instructions again to stop being tracked by the service.
When you contact us
Recording of communications
All calls, emails and LiveChat conversations to and from us are recorded and monitored so we can check the quality of the service we provide, to resolve queries or issues, for regulatory purposes and we may use the recordings for employee training. We may also share the recordings with third party organisations to help us combat fraud and money laundering.