Privacy Statement
Introduction
Agricultural & Groundscare Credit Ltd is committed to protecting and respecting your privacy.
This privacy policy sets out how Agricultural & Groundscare Credit Ltd uses and protects any information that you give Agricultural & Groundscare Credit Ltd. This policy also explains your rights under DPA (Data Protection Act) and GDPR (General Data Protection Regulation).
Agricultural & Groundscare Credit Ltd is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the European Data Protection Regulation (GDPR) and the Data Protection Act 2018 (the Act), the data controller is Agricultural & Groundscare Credit Ltd, Hill Top Farm, Frogmarsh, Corse Lawn, Gloucester GL19 4PW.
What information we collect
We may collect the following information:
What we do with the information we gather
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
Information you give to us
Who we share the information you gave us with
If you instruct us to look for Finance on your behalf, we will share the information you have given us with our funders (a list of our funders can be found at the bottom of this policy).
What funders do with your data
In order to approve your application our funders will supply your personal information to credit reference agencies and the Credit Reference Agencies (CRAs) will give the funders information about you, such as about your financial history. The funders do this to assess credit worthiness, product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity.
The funders will continue to exchange information with the CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates.
The personal information you have supplied will also be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and verify your identity. If fraud is detected, you could be refused certain services, finance or employment.
Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
Where we store your personal data
All information you provide to us is stored on our secure servers.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Retention
We will normally retain your personal data for a period of 7 years. Under certain circumstances this period may vary if we consider it necessary for good operational or commercial reasons, or in order to meet other legal obligations.
Your rights
Your rights under Data Protection Law
We operate under the Data Protection Act 2018 (‘DPA’) and the European General Data Protection Regulation (‘GDPR’).
Your rights under Data Protection Law
We operate under the Data Protection Act 2018 (‘DPA’) and the European General Data Protection Regulation (‘GDPR’).
The DPA and GDPR apply to ‘personal data’ we process, and the data protection principles set out the main responsibilities we are responsible for.
We must ensure that personal data shall be:
We ensure lawful processing of personal data by obtaining consent; or where there is a contractual obligation to do so in providing appropriate products and services; or where processing the data is necessary for the purposes of our legitimate interests in providing appropriate products and services.
In the majority of cases we process personal data based on your contract with us. In other cases, we process personal data only where there are legitimate grounds for so doing.
To meet our Data Protection obligations, we have established comprehensive and proportionate governance measures.
We ensure data protection compliance across the organisation through:
Under the GDPR You have the following specific rights in respect of the personal data we process:
The right to be informed about how we use personal data.
This Privacy Statement explains who we are; the purposes for which we process personal data and our legitimate interests in so doing; the categories of data we process; third party disclosures; and details of any transfers of personal data outside the UK.
The right of access to the personal data we hold. This will be free of charge and must be provided within 30 days of receipt.
The right to rectification, where data is inaccurate or incomplete. In such cases we shall make any amendments or additions within 30 days of the request.
The right to erasure of personal data, but only in very specific circumstances, typically where the personal data is no longer necessary in relation to the purpose for which it was originally collected or processed; or, in certain cases where we have relied on consent to process the data, when that consent is withdrawn and there is no other legitimate reason for continuing to process that data; or when the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
The right to restrict processing, for example while we are reviewing the accuracy or completeness of data or deciding on whether any request for erasure is valid. In such cases we shall continue to store the data, but not further process it until such time as we have resolved the issue.
The right to data portability which, subject to a number of qualifying conditions, allows individuals to obtain and reuse their personal data for their own purposes across different services.
The right to object in cases where processing is based on legitimate interests, where our requirement to process the data is overridden by the rights of the individual concerned; or for the purposes of direct marketing (including profiling); or for processing for purposes of scientific / historical research and statistics, unless this is for necessary for the performance of a public interest task.
Rights in relation to automated decision making and profiling.
Please contact our compliance officer at info@agcredit.co.uk for more information about the GDPR and your rights under Data Protection law.
If you have a complaint about data protection at Agricultural
& Groundscare Credit Ltd contact our Compliance Officer
at info@agcredit.co.uk
Alternatively contact our supervisory authority for data protection compliance (www.ico.org.uk):
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
Changes to our Privacy Policy
Any changes we may make to our privacy policy in the future will be notified to you directly.
Contact
Questions, comments and requests regarding
this privacy policy are welcomed and should be addressed via email
to our compliance officer, at info@agcredit.co.uk