Data Controller & Contact Details.
Quick Loans Ltd is the Data Controller, or Controller, and we are responsible for processing and storing the personal data, or data, that you provide to us along with any data that you provide in the future or which is obtained, observed or inferred about you.
Quick Loans Ltd is registered with the Information Commissioners Office (ICO) in respect of the Data Protection Act 1998 (DPA) and the General Data Protection Regulations (GDPR). Our ICO registration number is ZA207923.
If you have any questions about how we use your data, or wish to execute your rights as detailed in this Privacy Notice, or under the DPA/GDPR, we can be contacted by:
Phone: 0800 234 3019
Post: 12 Churchfield Court, Barnsley, S70 2JT
While we would urge you to read the whole of this privacy notice, we understand that sometimes you just want to get on with things. This summary is designed to give you a quick oversight into what we do with your data.
Our principle business is that of a credit broker. We will therefore use the data that you provide in the application to allow us to do this.
We will therefore collect the information that you enter into the web form and transmit this securely to one or more lender or other credit brokers. These third parties will use this data to assess your application. This may involve making searches of one or more Credit Reference Agency (CRA) or Fraud Prevention Agency (FPA).
These third parties will either accept or decline the application. If they accept the application you will be transferred to their website to continue the process. This will then be in accordance with their Privacy Notice.
We do not store ANY data after it has been passed to the third parties.
If you Opt In to your details being passed to third parties for marketing purposes you should review the ‘Direct marketing by us and third parties’ section of this Privacy Notice to see how your data will be used.
By submitting your data you are agreeing to us processing your data in accordance with this Privacy Notice. Where you give us data on behalf of someone else you confirm that you have given them the information provided in the Privacy Notice and that they have not objected to their data being used in this way.
Purpose for processing your data.
Your data is being processes by us in the attempt of find you a loan.
Legal basis for processing your data.
The legal basis for processing your data simply means what gives us the right to use your data in the way that we do. There are many possible legal basis’ for processing data but we use just two.
- For finding you a loan we use the legal basis that the processing is necessary for the performance of a contract, or to take steps to enter a contract, with you. The contract you have asked us to perform is that of finding you a loan.
- Where you have opted in to having your data shared with third parties for marketing purposes we will use your consent as the legal basis for processing your data by passing it on to these third parties.
As we only use your data in real time and nothing is stored on our systems, we do not rely on any other legal basis’.
Processing your data for our own legitimate interests.
We do not use our own legitimate interest as a legal basis for processing our data.
We only collect data from the application forms displayed on our websites.
This includes your contact details, previous addresses, date of birth, your income and expenditure and your bank account and sortcode.
Using your data
The principle use of your data is to electronically pass on to third party lenders and brokers to try and find you a loan.
When this process is complete we do not store any of your data. The third parties may do this and should tell you about this if you ask them.
Where you have consented to us passing your data to third parties to conduct marketing activities we will also pass some of your data to them for this purpose.
Recipients or categories of recipient of your data
We are required under the regulations to tell you who we pass your data on to. Where it is not possible to list these organisations by name, we are allow to list them by category. The following are categories of recipients of your data:
- Authorised and Regulated Credit Brokers
- Authorised and Regulated Lenders
- Where consent is given for 3rd party marketing, those organisations listed in that section of this Privacy Notice.
Transfers to third countries and the safeguards
Ordinarily we only knowingly transfer your data to organisations with the UK and European Economic Area (EEA).
When we do this we will always make sure that the people or organisations are registered with the relevant Data Protection Authority for that country. This should protect you and your Data to the levels specified by the current regulations. In the UK this is the Information Commissioners Office.
Should any organisation that we pass your data to then pass this outside of the EEA or UK it will be their responsibility, under their own data protection registration, to ensure that the proper safeguards are in place.
Direct marketing by us and third parties
As we do not store your data after the application is processed we will not have any data by which to conduct direct marketing to you, whether for our own products or those we believe you may be interested in.
If, when completing the application form, you explicitly consent to selected third parties contacting you by email and SMS regarding their products, we will only pass your detail to the organisations named below:
- Nouveau Finance Limited
It may be that you decide after opting in to receiving marketing information from these third parties that you change your mind. If this is the case you should contact these organisations directly to make this request. The email addresses to use for this is given above.
Retention period for your data
As already described, we do not store any data after the application is submitted to our panel of lenders and brokers.
Under the GDPR you have several ‘rights’ that you may exercise in relation to your data. This section gives details of these rights and how they may be used.
Your right of access
Under the Regulations you have the right to obtain confirmation that your data is being processed and also access to the data we hold. You also have the right to supplementary information, however this largely corresponds to the information which is provided in this document, where a copy will be supplied.
Generally, you have the right to obtain this information free of charge and within 1 month of us receiving your request.
However, as your data is processed in real time and not stored or processed after the application is submitted, we will only be able to confirm this, along with telling you that we hold no data about you.
Your right to rectification
Under the Regulations you have the right to have your data rectified if it is inaccurate or incomplete.
As we do not store any data we will not be holding inaccurate or incomplete data and therefore will have nothing to amend or modify.
Where we have disclosed your data on to third parties, when it is possible to do so, we will inform them of the rectification. We will also, where appropriate, advise you of the third parties that your data was passed to.
As we will not know the incorrect data that we passed to such third parties we will simply send across the information you have provided. If you think that this will be insufficient to allow them to locate you previous (inaccurate or incomplete) data, then it would be helpful to advise us of both the old and new data.
Your right to erasure
Under the Regulations, in some circumstances, you have the right to ask us to erase your data and to prevent us from processing it.
As we do not store your data we will have nothing to erase.
Where we have disclosed your data on to third parties, when it is possible to do so, we will inform them of your request to have your data erased.
Your right to restrict processing of your data
Under the regulations you have the right to ‘block’ the processing of your data.
All processing and storage of your data by us ceases within 1 or 2 minutes of you applying. As we have none of your data after that point we will not be able to process it anyway.
Where we have disclosed your Data on to third parties, when it is possible to do so, we will inform them of the restriction on processing your data.
Your right to data portability
Under the regulations you have the right to ask us to provide certain data you have provided to us in a structured, commonly used, machine readable form. In simple terms, this means a computer file containing your Data which another organisation can import directly into their computer systems. The aim of this right is to make it easier for you to switch providers without having to manually obtain and re-enter all your details.
As we do not store any of your data after the application is processed we will not have any data to forward to you, or another party, in a machine readable format.
Your right to object
Under the regulations, you have the right to object to us processing your data for the following purposes:
- Where we process your data for our own legitimate interests.
- Where we process your data for direct marketing purposes.
- Where we process your data for research purposes.
As we do carry out any of the above activities you will have no reason to exercise this right.
Your right to withdraw consent at any time
You have the right to withdraw your consent as a legal basis for processing your data at any time.
We do not use consent as the legal basis for our principle role of finding you a loan.
We do use your consent to pass your data to selected, and named, third parties for marketing purposes. We only do this once at the point you apply so, while you can withdraw your consent to this, other than at the initial application, we never use this consent again.
Your right to lodge a complaint with a supervisory authority
If you are unhappy with anything we have done, or not done, regarding your data and the Data Protection Regulations, you have the right to make a complaint to our supervisory authority. In the UK the supervisory authority is the Information Commissioner’s Office (ICO). They can be contacted by:
- Phone – 0303 123 1113
- Live Chat – Via https://ico.org.uk/concerns/
- Post – Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
As a responsible organisation, we would always rather work with you directly to resolve your complaint ourselves before you contact our supervisory authority. If you would be happy for us to do this, please contact us using one of the methods in the first section of this document. You can always refer the matter to the ICO at any point if you are unhappy with the way we are dealing with it.
Provision of your data
You are not legally or contractually required to provide us with any of your personal data. If you choose not to provide such data as requested in the application form we will not be able to provide the service of loan brokerage to you.
If you do provide the requested data to us, you will be required to ensure that it is accurate and complete, otherwise it may affect our ability to provide the service to you.
Automated Decision Making (ADM) and your right in relation to ADM and profiling
Under the regulations, in some circumstances you may have the right not to be subject to a decision which has been based on automated processing and produces a legal or similarly significant effect on you. Under these circumstances your rights include obtaining human intervention, expressing your point of view or obtaining an explanation of the decision and then challenging it.
While lenders may have processes to give an automated response, we do not use ADM or profiling in our processes.
The security of your data
While we are only custodians of your data for a short period we will make sure that for that period we take all reasonable steps to protect it.
We will collect the data on our secure website and ensure that when it is transmitted to lenders and other brokers that it is encrypted with a recognized encryption method such as https.
We cannot however be responsible for any data that you send outside this website such as emails or webmail. This is often not secure and can transit through several countries before it is delivered.
Please also be aware that when you are using public workstations (such as those in internet cafés or public libraries) these may not be fully secure.
Such data losses will be deemed outside our control and we will not be liable to you for these.
Last update 25/05/2018