In electronically signing your agreement with My Finance Club you are agreeing that we are able to hold and process the information provided to us; both personal and non-personal data. We make the assurance that we will only process your data for the following reasons:

• Manage your account
• Performing identity checks
• Make decisions on further borrowing
• Recover any debt
• Prevent, detect and potentially report crime
• Perform statistical analysis to ensure the accuracy and stability of our underwriting
• Use the data to understand our customers to ensure out products suit needs

We will not disclose your information except when:

• We liaise with credit reference and fraud prevention agencies
• We are obliged to disclose by law to governmental or regulatory bodies
• We need to seek assistance from an approved sub-contractor or business partner
• We have to appoint someone for the administration of the agreement
• We have to appoint someone for debt collection purposes
• We make the decision to sell or transfer your agreement

Unless required too by law we will not disclose your data or information to anyone without your consent.

We store all your data and information on our secure servers; we review this on a regular basis to ensure that all remains accurate and up to date. We make the assurance that we will not keep hold of your data and information for any longer than is needed; in line with the Data Protection Act and our Data Protection and Data Retention Policies.

Currently all data and information is stored within the European Economic Area (EEA); however if we ever had to transfer data and information outside of the EEA we will ensure that there is adequate protection as required under Data Protection Legislation.

When we are handling your personal details we work to protect the security and confidentiality of the details you provide to us. We do this in a number of ways including:

• Using Secure Socket Layer (SSL) software to encrypt the personal data you have entered onto our website
• By using firewalls in a multi-layer fashion with redundancy
• Secure network related equipment secured with passwords and access limited to authorised networking staff

Please remember that you also need to protect your personal data. As such, in order to prevent unauthorised access to your details, you need to ensure that you keep your user login details and password secure and do not share with other parties. Remember, make sure you sign off when you have finished using your account, especially if you are on a shared PC.

We will keep hold of the data and information that is necessary to enable us to provide you with the service or services you have requested through our website, for as long as it takes for us to provide the given services or services.

If you have opted out of marketing information then we may keep hold of your data and information to ensure that we hold onto your preference to opt out.

We will also keep all data and information required of us by law or where we deem it is appropriate to our business needs. We will keep records of your financial transactions for a minimum of 6 years from the end of our relationship.

All organisations that collect and process personal data from “data subjects” (our data subjects being our customers) are regulated by the Data Protection Act 1998.

Within the Act we are classed as the “data controller” and in being the data controller we are in control of how your data is then processed by any “data processors” (including ourselves).

To ensure that the decisions we are making are in the interest of serving you, our customers, all of our processes and procedures and overseen by the Information Commissioner’s Office.

All Credit Reference Agencies are also in regular communication with the Information Commissioner’s Office and their use of the Electoral Register (normally to assist in identity verification) is controlled under the Representation of the People Act 2000.

Should you have any queries in respect to the data which we may hold about you, how it is processed, or are unhappy with the way your data is processed or held, you may contact us either via our contact us page or at our registered address. Please clearly mark your communication for the attention of our Head of Legal, Risk & Compliance.

If you wish to learn more about the Information Commissioner’s Office, and what they do, you can do so my clicking this link https://ico.org.uk/.

In accordance with the Data Protection Act 1998, should you believe we hold data about you, you can make a Subject Access Request to us. Our response will detail the information which we store about you and we will process your request within 30 days. If you wish to make a Subject Access Request, you should put your request in writing either via the contact us page marking your request clearly for the attention of Head of Legal, Risk & Compliance or to:

Head of Legal, Risk & Compliance, My Finance Club, PO Box 102, Blyth, NE24 9DR

Subject to your consent your data and information may be used to notify you of products and services we believe may be of interest to you. This may be done via phone, email, SMS text messaging or writing to you.

You have the right to ask us at any time not to contact you for the purposes of marketing anymore. You can do this by going to contact us page, please note we do reserve the right to verify your identity following receipt of a request.

If you choose to visit our website, your visit and any dispute over privacy is subject to this Privacy Policy.

If you have any concern about privacy or have any questions or comments, please don’t hesitate to contact us.

We reserve the right at any time to change our privacy policy. Any revisions to the policy will be updated and posted onto our website.