Privacy Policy

Privacy Policy

We take the privacy of your personal data seriously and we are committed to protecting your privacy in compliance with the UK General Data Protection Regulation (UK GDPR), tailored by the Data Protection Act 2018 “Data Protection Laws”. This Privacy Policy explains what personal data (see below for details of what this means) is collected about you and what we do with that personal data. Please see our Cookies Policy below for information of how the Website uses cookies, and your choices regarding cookies use.

We encourage all of our customers to familiarise themselves with this Privacy Policy to understand our views and practices regarding your personal data collected via the Website and other means and how we will treat it.

We reserve the right in our sole discretion to amend this Privacy Policy from time to time. In this event, we will post the revised policy on the Website and we will notify you of any material changes via a banner on the Website. This Privacy Policy sets out the basis by which any personal data we collect about you via the Website (or you provide to us) will be processed by us. By visiting the Website you are accepting the practices set out in this Privacy Policy.

Where you interact with us other than through the Website (e.g. via the phone or where you make a loan application by post or through a broker), this Privacy Policy may be supplemented by separate privacy policies, notices or other privacy related information which will apply to personal data obtained by us (or on our behalf) other than through the Website. This additional privacy information will be made available to you at the relevant point at which we collect your personal data.

If you do not agree to your personal data being used in the manner described in this Privacy Policy then please do not provide this to us. However, please note that some functionality of the Website may be restricted/ unavailable and we may not be able to proceed with an application where you do not provide us with any personal data we request.

YOU HAVE A RIGHT TO KNOW HOW WE WILL USE YOUR PERSONAL DATA

We provide this Privacy Policy to make you aware of our practices in connection with your privacy and of the choices you can make about the way your personal data is collected via the Website and used.

 

We are committed to ensuring the security of your personal data.

Data Protection Laws place obligations on us to process your information fairly and lawfully and to keep it secure. For the purposes of Data Protection Laws, the controller of your personal data is Chordis Capital Limited who is registered with the Information Commissioners Office (ICO) under registration reference ZA819285. We review our registration status periodically to ensure it accurately reflects the information we collect and how we use it.

What is “Personal Data”?

Personal data broadly means information that relates to an identified or identifiable living individual (“identifiable” refers to being able to identify the living individual directly from the information held or when the information held is combined with other information).

 

How Will We Comply With Data Protection Laws?

Data Protection Laws require that we meet certain lawful grounds before we are allowed to use your personal data in the manner described in this Privacy Policy and that we explain these legal grounds to you. We take our responsibilities under Data Protection Laws seriously, including meeting these conditions. To use your personal data, we will rely on the following lawful grounds (more than one ground may be relevant to each example of our processing):

Contract: Where you are an existing customer we will process your personal data to the extent required for us to provide you with services related to products that you have purchased from us in accordance with its terms (for example existing customers can make a payment, request information in respect of how to obtain additional finance or how to obtain a redemption figure). Additionally, if you are not an existing customer but you have requested further information about one of our products or services, we will use your personal data to provide you with such requested information.

Legitimate Interests: We will also process your personal data where this processing is in our “legitimate interests”. It is in our legitimate interests to collect your personal data as it provides us with the information that we need to run the Website or provide our services and/or products more effectively. We also have a legitimate interest to keep our customers informed about relevant products and services. When relying on this condition, we are required to carry out a balancing test of our interests in using your personal data (for example, in order to improve the Website or our services), against the interests you have as a citizen and the rights you have under Data Protection Laws (for example, to not have your data sold to third party marketing companies without your knowledge, or store your personal data in insecure or unstable countries/ regions). The outcome of this balancing test will determine whether we can use your personal data in the ways described in this privacy policy. We will always act reasonably and give full and proper consideration to your interests in carrying out this balancing test;

Legal obligation: Where there is a legal requirement upon us to record, retain or share your personal data with authorities, we must do so.

Consent: Where you have provided your consent, we also rely on your consent to use your personal data in certain ways (for example, you may provide us with your consent to market our products and services to you via a particular delivery channel).

Special Category and criminal offence data: We do not collect information classified as special category data, such as relating to health, racial or ethnic origin, religious beliefs etc or criminal offence data unless it is lawful to collect such information, any separate conditions for processing this data as set out under Data Protection regulations have been met and the data is necessary to fulfil a transaction (for example data relating to health will allow us to comply with the Equalities Act 2010 and make reasonable adjustments for you if required).

 

The type of personal data we will collect about you via the Website

The Website provides users who are interested in our products/services with an opportunity to submit online enquiries to us. The personal data that you may provide to us through the Website is set out below:

 

How we use credit reference and fraud prevention agencies

In order to process your application, we will perform credit and identity checks on you with one or more credit reference agencies (“CRAs”). To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.

We will use this information to:

We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs.

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.

If you are making a joint application, or tell us that you have a spouse or financial associate, we will link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.

The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail from each of the three CRAs – clicking on any of these three links will take you to the same CRAIN document: Transunion (formerly Callcredit) [www.transunion.co.uk/crain]; Equifax [www.equifax.co.uk/crain]; Experian [www.experian.co.uk/crain].

 

How we handle your personal data

We will only use the personal data you provide to us as described in this Privacy Policy, including any supplemental privacy information, as set out above.

We will observe the rights granted to you under applicable Data Protection Laws and will ensure that queries relating to privacy issues are dealt with promptly and in a transparent manner. See below for details about how to contact us and how to exercise your right to obtain copies of your personal data from us under Data Protection Laws.

We will only collect and process your personal data where we have lawful grounds to do so.

We will update our records if you inform us that your details have changed. Please tell us (see contact details below) as soon as possible about this. We will update our records promptly once we are satisfied that the new information (such as your new address or contact detail) is accurate.

 

How we will use the personal data we collect about you

We will store and process your personal data on our computers. Please see the Data Security header below for details about how we keep your personal data secure, in line with our obligations under Data Protection Laws.

We will use your personal data collected (including from any third parties, where relevant and lawful) to:

 

Other Websites

Please note that our services / products may be available via other websites (e.g. broker or intermediary websites) and we may link to other websites through the Website. We are not in control of these websites. Their use of your personal data is governed by their privacy policies.

We therefore recommend that you check the policy of each website that you visit and make sure that you are comfortable with the terms of such policies before providing any personal data.

 

Who do we pass your data to?

We may use third parties to provide services on our behalf which may include processing (but not using themselves for their own purposes) your personal data and this means we will disclose your personal data to them.

 

We will provide your personal data to the following categories of third parties:

Companies that provide data hosting and website management services and Microsoft; and companies that provide website analytics services and /or help us to make advertising messages more relevant to you such as Google Analytics, Bing, AppNexus and/ or Response Tap (please see our Cookies Policy for further information).

In each case, we will, in accordance with our obligations under Data Protection Laws, put in place appropriate written protections for your personal data.

Other than set out in this Privacy Policy (and supplemental privacy information, notices and/or statements where relevant), we will not otherwise disclose, sell or distribute your personal data we collect via the Website or other means to any third party without your permission unless we are required to do so by law.

In addition to the disclosures described above, we may disclose your personal data to:

 

How long we keep your personal data

We take steps with a view to permanently deleting, destroying or anonymising your personal data (which means that we are no longer able to identify you from it) when it is no longer necessary for its purpose and we are not required by law to keep it.

How long we keep your personal data depends upon the purpose for which your personal data was collected was provided. Generally however:

Will my personal data be transferred outside of the European Economic Area?

We currently do not intend to transfer your personal data to third parties and organisations who hold data outside of the European Economic Area (EEA). However, some third party suppliers or service providers may have back up or disaster recovery data centres that are located in multiple jurisdictions outside the EEA (for example, in the United States). This may mean that in certain limited circumstances personal data is transferred to countries which do not provide the same level of protection for personal data as the EEA.

Where your personal data is being transferred outside the EEA, we will ensure that appropriate safeguards are in place, such as the use of the EU Commission approved model contract clauses to protect your information in accordance with Data Protection Laws.

 

Your rights in relation to your records

You have a number of rights under Data Protection Laws in relation to the way we process your personal data. These are set out below. You may contact us using the details below to exercise any of these rights and we will respond to any request received from you within one month from the date of the request. Kindly note that some of these rights are not absolute rights and there may be a legitimate reason why we cannot process your request. The rationale behind this will be fully explained to you.

 

DESCRIPTION OF RIGHT

Right 1

Individuals have the right to be informed about the collection and use of their personal data.

Right 2

A right to access personal data held by us about you.

Right 3

A right to require us to rectify any inaccurate personal data held by us about you.

Right 4

A right to require us to erase personal data held by us about you. This right will only apply where (for example): we no longer need to use the personal data to achieve the purpose we collected it for; or where you withdraw your consent (if we are using your personal data based on your consent); or where you object to the way we process your data (in line with Right 6 below).

Right 5

A right to restrict our processing of personal data held by us about you. This right will only apply where (for example): you dispute the accuracy of the personal data held by us; or where you would have the right to require us to erase the personal data but would prefer that our processing is restricted instead; or where we no longer need to use the personal data to achieve the purpose we collected it for, but you require the data for the purposes of dealing with legal claims.

Right 6

A right to receive personal data, which you have provided to us, in a structured, commonly used and machine readable format. You also have the right to require us to transfer this personal data to another organisation, at your request.

Right 7

A right to object to our processing of your personal data (including for the purposes of sending marketing materials to you).

Right 8

Rights related to automated decision making including profiling (making a decision solely by automated means without any human involvement); and profiling (automated processing of personal data to evaluate certain things about an individual). Profiling can be part of an automated decision-making process.

If you would like to exercise the rights listed above, you can send a request:

By mail to: Customer Services, Chordis Capital, 9th floor, Corner Block, 2 Cornwall Street, Birmingham.

 

Data Security

In accordance with our obligations under Data Protection Laws, to prevent unauthorised access to or disclosure of your personal data (including card payments), maintain data accuracy, and ensure the appropriate use of your personal data, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the personal data we collect online.

However, you acknowledge that, unfortunately, the transmission of information via the internet, including the online enquiry forms you submit to us is not completely secure. We cannot guarantee the security of your data transmitted to the Website: any transmission (i.e. your sending of the personal data to us) is at your own risk. Once we have received your personal data, we will use the steps detailed above to protect it.

You should be aware that there are inherent risks in transferring personal data over the Internet. For example, if you send us an e-mail from your private mailbox, we cannot guarantee the security of the content during its transmission to us. For that reason, please do not send to us an unsecured e-mail with confidential information such as your National Insurance or bank account numbers, or any sensitive personal data.

 

Customer feedback and complaints

If you are not happy with the way in which your personal data is held or processed by us, or if you are not satisfied with our handling of any request by you in relation to your rights or any automated profiling that we carry out, our Data Protection Officer would be happy to help. You can contact our Data Protection Officer at the Chordis address shown above.

Alternatively, you have the right to complain to the Information Commissioner’s Office (ICO) by calling 0303 123 1113. The ICO is the UK’s independent body set up to uphold information rights. You can find out more about the ICO on its website (www.ico.org.uk/).

 

Cookie Policy

This Website is operated by Chordis Capital Limited. References in this Cookies Policy to “we”, “us”, “our” and “ourselves” are references to Chordis Capital Limited. References to “you” or “your” are references to any person reading this Cookies Policy.

This Cookies Policy explains what cookies are used by the Website and what we do with the information we obtain from those cookies. Please see our Privacy Policy above for information of how the Website collects your personal data.

We encourage all of our customers to familiarise themselves with this Cookies Policy to understand how the Website uses cookies and your choices in relation to cookies usage. We reserve the right in our sole discretion to amend this Cookies Policy from time to time. In this event, we will post the revised policy on the Website. We encourage you to periodically re-read this Cookies Policy so that you remain informed as to how the Website uses cookies. We may, where necessary, notify users of any modified version of this Cookies Policy that might materially affect the way in which the Website uses cookies. We may do so via a banner on the Website which users will see at their next visit.

 

Use of Cookies

This Cookies Policy sets out how the Website (including (without limitation) any ‘web-chat’ facility) uses cookies. A cookie is a text-only string of information that a website transfers to the cookie file of the browser on your computer’s hard disk so that the website can remember who you are. A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a value, usually a randomly generated unique number. Where we make reference to ‘cookies’, we also include reference to other similar technologies, for example digital and pixel tags, which operate in a similar manner to cookies.

A description of the types of cookies used by the Website and how we use them can be found below. We may update this description from time to time. As mentioned, steps will be taken to draw this to the user’s attention and to collect appropriate new consents at that time, where necessary.

When users use the Website they will be using a browser and this means that they can control, block or restrict cookies through their browser settings. Information on how to do this can be found within the Help section of the browser used. All cookies are browser specific. Therefore, if you use multiple browsers or devices to access websites, you will need to manage your cookie preferences across all of these elements. In addition when you first visit our Website you will see a cookies consent banner or pop-up which draws your attention to the fact that cookies are used and which links through to this Cookies Policy.

There are also several online resources that can provide more information on cookies and how they can be controlled within a variety of different web browsers. Please visit either http://www.aboutcookies.org or http://www.allaboutcookies.org for more information.

If you use a mobile device to access the Website, you will need to refer to your instruction manual or other help/settings resource in order to find out how to control cookies on the particular device.

Please note: if you restrict or delete cookies, you may experience a loss of functionality while accessing the Website and you will be treated as a first time visitor the next time you visit the website.

The Website uses session cookies (which expire once a user closes their web browser), session cookies are analysed by Google Analytics and give us information about the time you spent on the Website, which parts of the Website you visited and any click-through you followed in the Website. The Website may also use persistent cookies (these remain on a user’s computer or other device when they close their web browser – until such time as they expire or the user deletes them).

We have grouped the cookies used by the Website into the following categories, to make it easier for you to understand why we use them:

Strictly Necessary: these cookies are strictly necessary for the Website to work properly and for us to keep it secure. They are needed to allow users to use the Website and its features, including to move between pages of the website.

Performance/Analytical: these cookies allow us to collect certain information about how a user navigates the Website. These cookies collect information that is used either in aggregate form to help us understand how our site is being used or how effective our marketing campaigns are, or to help us personalise our site for you.

Marketing: these cookies are used to make advertising messages more relevant to you. We may use this data to tailor the marketing and ads you see on our own and other third party websites and mobile apps, including social media.

You might notice that some cookies on the website are not related to us. This is because some of the pages on the Website contain embedded content from third party websites – such as video from YouTube, Twitter or LinkedIn for example. Because this content is from another website, we do not control the cookies which relate to this. If a user wants to change their cookie preferences to block these third party cookies, they should check the third party websites for information on how to manage their cookies.

We may also embed social sharing icons throughout the Website. These sharing options are designed to enable users to easily share the Website’s content with their friends using a variety of different social networks. These social sharing sites may set a cookie when a user is logged into their service. Please note that we do not control the dissemination of these cookies and users should consult the relevant third party website for information on how these cookies are used and how the user can control them.

 

Our Review of this Policy

Chordis Capital Limited keep this Policy under regular review. The Policy was last updated on 17th March 2021

Get in touch