Privacy Notice

Introduction

This privacy notice lets you know what happens to any personal data that you give to us, or any that we may collect from you or about you. It applies to all our products and services, and any instances where we collect your personal data.

About us

Landbay Partners Limited is a company registered in England and Wales (registration number 08668507), whose registered office is at 7th Floor, 60 Buckingham Palace Road, London, SW1W 0AH. Landbay Partners Limited is authorised and regulated by the Financial Conduct Authority with firm reference number: 661952.

For the purposes of the General Data Protection Regulation (‘GDPR’), Landbay Partners Limited (‘Landbay’) is the data controller under the Regulation, which means that we determine the purposes and means of processing personal data. We are registered with the Information Commissioner’s Office with registration number: ZA036027.

If you have any questions in relation to this privacy policy or how we collect, use or store your personal information, you can contact us by phone at: 020 3817 7700, by post at: Landbay Partners Ltd, 7th Floor, 60 Buckingham Palace Road, London, SW1W 0AH or by email at: dpo@landbay.co.uk

Future changes to this privacy notice

We may change this privacy notice occasionally in order to reflect changes in the law, as well as our privacy practices. While we encourage you to check this notice on our website regularly, we will notify you should any substantial change take place.

Data Protection Officer (DPO)

Our Data Protection Officer is Julian Cork. You can get in touch with Julian in the following ways:

Emaildpo@landbay.co.uk

Post ‐ 7th Floor, 60 Buckingham Palace Road, London, SW1W 0AH

Telephone ‐ 0203 817 7700

What personal information about you do we process?

Personal information that we will process in connection with our products and services includes:

• Personal contact details (e.g. title, full name, current address, email address and address history)

• Your date of birth and age

• Your nationality (for borrowers)

• Details of beneficiaries or anyone legally authorised to act on your behalf, where applicable

• Records of your contact with us (including telephone number, e‐mail address and IP address)

• Products and services that you hold with us, as well as products and services you have been interested in and consented to ongoing marketing communications

• Information about your employment status (for borrowers)

• Where required, information about your source of income and source of wealth (to comply with anti‐money laundering requirements)

• Payment related information, such as sort code and bank account number and debit card information (to comply with anti‐money laundering requirements)

• In relation to borrowers, personal information obtained from Credit Reference Agencies and Fraud Prevention Agencies including public (e.g. defaults, CCJs) and shared credit history, financial situation and financial history

• Fraud debt and theft information (e.g. details of money you owe, suspected instances of fraud or theft, and details of any devices used for fraud)

Where does your personal information come from?

We will collect personal information from the following sources:

• From you directly, and any information from family members, associates or beneficiaries of products and services

• Information generated about you when you use our products and services

• From a broker or other intermediary (for example, an Independent Financial Adviser) who we work with to provide products or services to you

• Business partners (for example, financial services institutions, insurers), account beneficiaries, or others who are a part of providing your products and services or operating our business

• From other sources such as Fraud Prevention Agencies, Credit Reference Agencies, other lenders, HMRC, DWP, publicly available directories and information (for example, telephone directory, social media, internet, news articles), debt recovery and/or tracing agents, other organisations to assist in prevention and detection of crime, police and law enforcement agencies

What do we use your personal data for?

• Assessing an application for a product or service, including considering whether or not to offer you the product or service, the price, the risk of doing so, availability of payment method and the terms

• Managing products and services relating to that the product or service, or application for one

• Updating your records and recovering debt (borrowers only)

• Managing any aspect of the product or service

• To make automated decisions on whether to offer you a product or service, or the price, risk or terms of it

• To perform and/or test the performance of, our products, services and internal processes

• To improve the operation of our business and that of our business partners

• To follow guidance and best practice under the change to rules of governmental and regulatory bodies

• For management and auditing of our business operations including accounting

• To carry out checks at Credit Reference and Fraud Prevention Agencies during the pre‐application and application stages, and periodically after that

• To monitor and to keep records of our communications with you and our staff (see below)

• To administer our good governance requirements such as internal reporting, compliance obligations or any administrative requirements

• For market research and analysis and developing statistics (for internal purposes only)

• For direct marketing communications and related profiling to help us to offer you relevant products and service, including deciding whether or not to offer you certain products and service. We’ll send marketing to you by, email, post, social media and digital channels (for example, using Facebook Custom Audiences and Google Custom Match). Offers may relate to any of our products and services

• To provide personalised content and services to you, such as tailoring our products and services, our digital customer experience and offerings, and deciding which offers or promotions to show you on our digital channels

• To develop new products and services and to review and improve current products and services

• To comply with legal and regulatory obligations, requirements and guidance

• To provide insight and analysis of our customers both for ourselves and for the benefit of business partners either as part of providing products or services, helping us improve products or services, or to assess or improve the operating of our businesses

• To share information, as needed, with business partners (for example, financial services institutions, including debt recovery agencies, loan processors and funding partners), account beneficiaries, service providers or as part of providing and administering our products and services or operating our business

• To facilitate the sale of one or more parts of our business

What are the legal grounds for our processing of your personal information, and when can we share it with others?

We rely on the following legal bases to use your personal data:

• Where it is needed to provide you with our products or services, including:

Assessing an application for a product or service you hold with us, including consider whether or not to offer you the product, the price, the payment methods available and the conditions to attach

Managing products and services you hold with us, or an application for one

Updating your records and to contact you about your account and doing this for recovering debt (where appropriate)

Sharing your personal information with business partners and services providers when you apply for a product to help manage your product

For borrowers, all stages and activities relevant to managing the product or service including enquiry, application, administration and management of accounts, illustrations, setting up/changing/removing guarantors

For some of our profiling and other automated decision making to decide whether to offer you a product and/or service, payment method and the price or terms of this (borrowers only)

• Where it is in our legitimate interests to do so, such as:

Updating your records and to contact you about your account and doing this for recovering debt (where appropriate)

To perform and/or test the performance of, our products, services and internal processes

To follow guidance and recommended best practice of government and regulatory bodies

For management and audit of our business operations including accounting

For borrowers, to carry out searches at Credit Reference Agencies pre‐application, at the application stage, and periodically after that

To carry out monitoring and to keep records of our communications with you and our staff (see below)

To administer our good governance requirements, such as internal reporting, compliance obligations or to meet other administrative requirements

For market research and analysis and developing statistics

For direct marketing communications and related profiling to help us to offer you relevant products and services, including deciding whether or not to offer you certain products and service. We will send marketing to you by SMS, email, phone, post and social media and digital channels (for example, using Facebook Custom Audiences and Google Custom Match)

Subject to the appropriate controls, to provide insight and analysis of our customers to business partners either as part of providing products or services, helping us improve products or services, or to assess or to improve the operating of our businesses

Where we need to share your personal information with people or organisations to run our business or comply with any legal and/or regulatory obligations

• To comply with our legal obligations

We are Authorised by the Financial Conduct Authority (FCA), and as such may be required to process data to comply with the FCA’s rules. This may mean that we are unable to erase your data in certain circumstances, if to do so would result in a breach of the FCA’s record keeping requirements.

• With your consent:

For some direct marketing communications

For some of our profiling and other automated decision making

• For a public interest, such as:

Processing of your special categories of personal data such as about your health, criminal records information (including alleged offences), or if you are a vulnerable customer

When do we share your personal information with other organisations?

We may share information with the following third parties for the purposes listed above:

• Business partners (for example, other financial services institutions and debt recovery specialists)

• Governmental and regulatory bodies such as The Financial Conduct Authority, HM Revenue & Customs, the Prudential Regulation Authority, the Financial Ombudsman Service, the Information Commissioner’s Office and the Financial Services Compensation Scheme

• Other organisations and business who provide services to us such as debt recovery agencies, back up and server hosting providers, IT software and maintenance providers, document storage providers and other suppliers

• Credit Reference and Fraud Prevention Agencies

How and when can you withdraw your consent?

Where we rely upon your consent to process your personal data, you can withdraw this at any time by contacting our Data Protection Officer (details above).

Is your personal information transferred outside the UK or the European Economic Area?

Landbay Partners Limited is based in the UK, but sometimes your personal information may be transferred outside the European Economic Area. If we do so, we will make sure that suitable safeguards are in place, for example by using approved contractual agreements, unless certain exceptions apply.

How do we share your information with credit reference agencies?

In relation to borrowers, so we can process your application, and for periodic monitoring purposes, we will perform credit and identity checks on you with one or more credit reference agencies.

As we provide financial services, we may also make periodic searches at credit reference agencies to help manage your account with us. To do this, we will supply your personal information to credit reference agencies and they will provide us with information about you. This will include information from your application and about your financial situation and financial history. Credit reference agencies will supply both public (e.g. electoral roll) and shared credit, financial and fraud prevention information.

We will use this information to:

• Assess your creditworthiness and whether you can afford to take the product

• Verify the accuracy of the data you have provided to us

• Prevent criminal activity, fraud and money laundering

• Manage your account(s)

• Assess payment methods available to you

• Recover debts (borrowers only)

• Make sure any offers provided to you are appropriate to your circumstances

We will continue to exchange information about you with credit reference agencies while you have a relationship with us. We will also notify the credit reference agencies about your settled accounts. If you borrow and don’t repay in full and on time, credit reference agencies will record the outstanding debt. This information may be given to other organisations by credit reference agencies.

The identities of the CRAs, their role as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail on our website.

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.

If you’re making a joint application or tell us that you have a spouse or financial associate, we’ll link your records together, so you should make sure you discuss this with them, and share with them this information, before lodging the application. CRAs will also link your records together and these links will remain on your and their files until you or your partner successfully files for a disassociation with the CRAs to break that link.

How do we share your information with Fraud Prevention Agencies?

There are more details about how credit reference and fraud agencies use your personal data here.

What should you do if your personal information changes?

You should tell us as soon as possible so that we can update our records. You can do so via the ‹contact us’ section of our website.

Do you have to provide your personal information to us?

You do not have to provide your personal information to us should you not wish to. However, we are unable to provide you with our products or services if you do not provide certain information to us. In cases where providing some personal information is optional, we will make this clear.

Do we do any monitoring involving processing of your personal information?

We may monitor where permitted by law and we’ll do this where the law requires it, or to comply with regulatory rules, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This information may be shared for the purposes described above.

What about other automated decision making?

We sometimes make decisions about you using only technology, where none of our employees or any other individuals have been involved. For instance, we may do this to decide: whether to offer you a product or service, to determine the risk of doing so, the price we will offer, whether to offer you credit, what terms and conditions to offer you, assess lending and other business risks, or to assess what payment methods we can offer you. We may also do this using data from other parts of Landbay, including product or services details.

We’ll do this where it is necessary for entering into or performing the relevant contract, is authorised by laws that apply to us, or is based on your explicit consent.

How long do we retain your personal information?

Unless we explain otherwise to you, we’ll hold your personal information based on the following criteria:

• For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations

• For as long as we provide goods and/or services to you and then for as long as someone could bring a claim against us; and/or

• Retention periods in line with legal and regulatory requirements or guidance, in particular in conjunction with FCA rules.

What are your rights under data protection legislation?

Here is a list of the rights that all individuals have under data protection laws. They don’t apply in all circumstances. If you wish to use any of them, we’ll explain at that time if they are engaged or not. The right of data portability is only relevant from May 2018.

• The right to be informed about the processing of your personal information

• The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed

• The right to object to processing of your personal information

• The right to restrict processing of your personal information

• The right to have your personal information erased (the ‘right to be forgotten’)

• The right to request access to your personal information and to obtain information about how we process it

• The right to move, copy or transfer your personal information (‘data portability‘)

• Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you

You have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk. You can contact us using the details above.

Your right to object

You have the right to object to certain purposes for processing, in particular to data processed for direct marketing purposes and to data processed for certain reasons based on our legitimate interests. You can contact us by going to the Contact Us section of our website to exercise these rights.

What are your marketing preferences and what do they mean?

We may use your home address, phone numbers, email address, social media or digital channels (for example, Facebook, Google and message facilities in other platforms) to contact you according to your marketing preferences. You can withdraw your consent relating to marketing activities at any time by contacting us using the details above or by following the instructions in the communication.

Cookies

Landbay collects information, which may include personal data from your browser when you use our sites. More information about these practices can be included in our Cookie Policy.

How can you contact us?

If you have any questions about this privacy notice, or if you wish to exercise your rights or contact our DPO, you can contact us via the methods listed above in the ‘Data Protection Officer’ section.

Complaints

All individuals have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if they have concerns about how Landbay Partners Limited has handled their information. Any concerns can be reported via the ICO’s website https://ico.org.uk/concerns or over the telephone, by calling 0303 123 1113.