Seneca Bridging Limited (“Seneca”) will hold any personal information provided to it in confidence and in accordance with The Data Protection Act 2018 (DPA 2018), The UK General Data Protection Regulation (UK GDPR) and other applicable data protection legislation.
Seneca is registered with the Information Commissioner as a Data Controller under registration number ZA250297.
What is personal data?
Personal data is any information relating to an identifiable person, who can be directly or indirectly identified by reference to such data. Such information includes, name, email address, mailing address.
Seneca will ensure the lawful processing of your personal data.
In this notice, we explain;
- the types of information we collect about you;
- how we collect and use this information;
- who we might share this information with;
- the steps we’ll take to make sure your personal data remains private and secure; and
- your rights to access the information we hold about you.
If you have any questions on this policy, you can call us on 01942 295 982, email us at email@example.com or write to us at 9 The Parks, Haydock, WA12 0JQ.
Who we are
Under DPA 2018, Seneca is the data controller and processor of personal data for the purposes of its respective business. The data controller is responsible for deciding how your information is used and ensuring it is private and secure.
The information we collect
We collect information about you from different places including:
- directly from you;
- from a third party acting on your behalf (e.g. an adviser, intermediary or broker);
- from publicly available sources; and
- from other organisations.
We will only collect your personal data in accordance with relevant regulations and law. This may relate to any of our products or services you apply for, currently hold or have held in the past.
You are responsible for making sure you give us accurate and up to date information.
If you provide another person’s information so that they can act on your behalf or access your account with us, please tell them how to find this Privacy Notice and make sure they agree to us using their information for the purposes set out in it.
How we will use your personal data
We will use your personal data to provide any products and services that you have requested. In addition, we may use if for other purposes, such as:
- to confirm your identity and address;
- to carry out your instructions;
- to help us make fraud and money laundering checks;
- to improve our products and services; and
- to offer you other services we believe may benefit you unless you ask us not to.
We will only use your personal data where we are allowed to by law. This may include carrying out an agreement we have with you, fulfilling a legal obligation, where we have a legitimate business interest or where you explicitly agree to us doing so.
Who we can share your personal data with
We may share your personal with certain third parties who work for us but only where it is appropriate to do so. This may include a custodian, nominee, receiving agent, subcontractors, agents, or service providers. We may also share your information with other companies and agencies e.g. with other Seneca branded companies (but only where it is appropriate to do so), regulators, insurers, brokers and agents, as well as credit reference and fraud prevention agencies.
How long we’ll keep your information
We will keep your personal data for as long as you have a relationship with us. After the relationship ends, we will only keep it where we may need it for our legitimate purposes e.g. to help us respond to queries or complaints, or for other reasons e.g. fighting fraud and financial crime, and responding to requests from regulators.
Transferring your information overseas
Your information may be transferred and stored in countries outside the European Economic Area (EEA), including some that may not have laws that provide the same level of protection for personal information. When we do this, we’ll ensure it has an appropriate level of protection.
You have a number of rights relating to the personal data we hold. Should you wish to use any of these rights then please contact us using the contact details below. Please note that some of these rights are not strictly automatic and we do have the right to consider any request made. In ordinary circumstances we should respond to any request within 30 days of receipt of a request.
Your rights as per UK GDPR are as follows:
- Right to be informed
This privacy notice confirms how we collect and use data.
- Right to access
You can request a copy of the personal data that we hold about you via a ‘Data Subject Access Request’. If you do, we will respond within one month. Our response is normally free of charge although we may charge a reasonable fee if the request is excessive.
- Right to rectification
We make every effort to hold accurate data about you. Should you be aware that the information we hold is incorrect, please inform us and we will correct our records, normally within one month.
- Right to erasure
You have the right to request that we erase your personal information. We will do so as long as we no longer have a lawful basis for processing your information.
- Right to restrict
You can request that we do not process your information in a certain way either in full or in part.
- Right to object
If you do not believe that we have a legitimate interest to process your personal data, you have the right to object to this processing. Any and all requests will be fully reviewed by our Data Protection Team and responded to with appropriate actions taken within one month of the objection.
- Right to data portability
In limited circumstances you have the right for us to provide you with your data in a format that can be moved to another computer. This right only applies to information that you have provided to us which we are processing with your consent or to deliver a contract. It also only applies to information which is processed electronically.
- Right in respect of automated processes
If a decision is made as a consequence of an automated process, then you have certain rights. Such rights would include the right to request the decision be reconsidered. At present Seneca does not use automated processes exclusively to make decisions and consequently such rights are not applicable. However, should you believe that we have made a decision based exclusively on an automated process then please contact us and we will review.
Please note we will only seek to obtain sufficient information to allow us to carry out some or all of the activities listed in the “How we will use your data” section. However, you are free to consider our use of your personal data and make a request to apply one or more of the rights specified in this section.
As stated above we can consider and refuse requests in certain circumstances. Please note that under UK GDPR we are not required to consider all potential consequences of processing a request. For example, your request to restrict the use of your information may result in us being unable to provide you with a service you have sought. Therefore, we would suggest that you consider all consequences of asserting a right and we would be more than happy to discuss any concerns that you may have.
Nothing in this policy should be construed as seeking to limit or remove your statutory rights. Should you have any concerns in this regard please seek appropriate independent legal advice.
Changes to this Notice
Any Concerns or requests
If you have any queries, wish to exert a right or alternatively wish to make a complaint, please contact the Data Protection Team at:
Address: Seneca Bridging Limited, 9 The Parks, Haydock, WA12 0JQ
Tel: 01942 295 982
Right to escalate any complaint to the Information Commissioner
If you are dissatisfied with our use or management of your personal data, you have the right to complain to the Information Commissioner’s Office (ICO). You can contact them via their website: www.ico.org.uk.