Neroli Mortgages & Finance - Privacy Policy

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.nerolimortgages.co.uk you are accepting and consenting to the practices described in this policy.

This privacy policy will applies to you if you provide your personal information to us, even if you decide not to go ahead with any product or service we offer.


Who are we:

Melfinco Limited t/a Neroli Mortgages & Finance is an independent mortgage broker and is a authorised and regulated by the Financial Conduct Authority, FRN: 759808. We are committed to protecting and respecting your privacy.
For the purpose of the General Data Protection Regulation, the data controller is Melfinco Limited, 62 Church Street, Westhoughton, BOLTON. BL5 3RS.

What data do we collect:

The information we collect from you depends on the product or service you apply for, or the service that we provide to you. We will only collect information that we actually need, or where we are required to collect the information to enable us to perform our legal, regulatory or contractual obligations necessary to provide you with the products or services, or where we have received your permission.

This will likely include the collection of:

• your personal details (e.g. name, date of birth) • address details • contact details (e.g. phone number, email) • special category data [see below] • financial information • employment information • information on how you use our website(s) and products and services

Special Category Data:

Data protection law defines some personal information as “special categories of data”. This includes information about physical or mental health, sexual life, religious beliefs, race or ethnic origin, political opinions, trade union membership or biometric data. This information may be necessary to collect when understanding the reason for your financial circumstances, or where it may help us to provide a better service to you. For example, a period of ill health could have caused you to fall behind with your regular payments to your creditors. When you share special category information, e.g. about your health or a characteristic of vulnerability we will always seek explicit consent from you to store and process such information. Where we need to collect and process this type of data about you, by providing this information to us you give your explicit consent for us and any other third party to process this special data as set out in this privacy policy, unless we have a legal obligation to process this type of data. Any personal information about you relating to criminal convictions or offences may only be used by us when authorised by law.
Information about other people: If you provide personal information about someone else, for example when a joint application is made, you must do so with the permission of the other person. If you enter into a service jointly with another person, your personal information and any information about the service provided to you will be shared with the other person. We will use the personal information about the other person in the ways as described in this privacy policy. How do we collect your data: Most of the data we collect will be provided by you:

• When you make an application or enquiry to us either by telephone, email, our website, by a third party or by any other means • By adding reviews or interacting with us using social media such as Twitter or Facebook etc • When we may need to obtain up to date information about you to meet our legal or regulatory obligations • Where you have given permission for your information to be provided to us

How we use your data: We will use your data so that we can:

• Process an application or enquiry you have made for one of our products or services

• Contact you about your application, for example by letter, telephone, email, text message or WhatsApp [If you do not want to be contacted in a particular way then you can request this at any time. If we are providing a service to you, we do need to be able to send you communications. This is often due to a legal or regulatory requirement.]

• Contact you with special offers on other products and services we think you might be interested in. We may do this by letter, telephone, email, text message or WhatsApp.

• To monitor the performance of our products and services to ensure consumer outcomes are being achieved

• Enter into or fulfil a contract we have with you

• Comply with a legal or regulatory obligation, for example, to adhere to anti-money laundering requirements

• Carry out a task which is in the public interest or protect your vital interests

• Carry out a task which is in our legitimate interest to do so and it is not against your rights

• Respond to an enquiry or complaint from you

Who we will share your data with:

• With a third party such as (but not limited to) a lender or insurer to allow them to process your application, your estate agent, sales agent, conveyancer/solicitor or other third party involved in your transaction.

• With a licensed Credit Reference Agency (CRA) who will retain of record of any searches carried out. [This information will be retained on your personal CRA file and may be used by other lenders in assessing applications from you and other members of your household and for fraud prevention].

• Our regulators, such as the Financial Conduct Authority, the Information Commissioner’s Office or any other regulatory body or authority that may request certain information as part of supervising us. We have a legal or regulatory obligation to provide this.

• Authorities such as the police, local authorities or the courts, where we are required to do so under a legal or regulatory obligation

• Law enforcement agencies and fraud prevention agencies who will use it to prevent fraud, money-laundering and terrorist financing and to verify your identity. If fraud is detected, you could be refused certain services, finance or employment. Further information is available by contacting us.

• IT Service Providers who provide IT platforms or other IT services

• Communication providers (e.g. telephone line providers, email and text service providers)

• With companies outside the European Economic Area (EEA), such as lenders and insurers. [We will only share your personal information outside the EEA, where we have your consent; to comply with a legal obligation; or where we work with a business partner to enable us to provide you with our services, and they process information outside of the EEA. If we do share your information outside of the EEA we will make sure that it is protected in the same way as if it was being used in the EEA to ensure appropriate safeguards are in place. This may include putting in place a contract with the business partner that means they must protect the personal data to the same standards as the EEA (this may include defined model clauses), or only share the data to a business partner in a non-EEA country where the privacy laws provide the same protection as within the EEA or where they are part of a Privacy Shield]. More information on this can be found on the European Commission Justice Website.

How we will store your data:

We will always ensure that your data is stored securely. We may store your data in the following locations:

• In a paper based file

• In the Cloud

• On our electronic devices

We take the protection of personal information very seriously and we will maintain appropriate measures to maintain the confidentiality, integrity and availability of the data you have provided.
Such measures include:
• Company security policies and standards
• Staff security awareness • Role based access controls to prevent unauthorised access to the information
• Encryption and anonymisation technology
• Anti-malware technologies
• Security monitoring
• Security testing
• Secure archiving and deletion
• Compliance with industry regulation and legislation

How long will we store your data:

If you continue to be our customer and we give you advice, we will keep a record of your personal information to ensure that we provide you with the best service possible and where we’re required to keep your data to meet our legal and regulatory obligations. This will normally be kept for at least 6 years, starting from the date when we are no longer providing you with a service.
If you do not go ahead with any product or service offered by us, your personal information will normally be deleted after 2 years unless we have another reason to keep your personal information, for example, if you have given your consent to receive marketing or promotional messages from us. After this time, we will delete the information or anonymise the data so that it cannot be linked back to you. We may record any telephone calls you make to us or we make to you or any other third party. This is for training, monitoring and quality purposes and to meet our legal and regulatory obligations. Some telephone calls may be observed by staff for training and development purposes. We may keep a copy of the telephone calls for up to 6 years from the date the telephone call was made.
Marketing: With the introduction of the Consumer Duty, it is likely that the level of our communications with you may increase. This will be necessary to support customers to understand the products and services offered and to provide support to customers throughout the relationship lifecycle.

We would like to send you information about our products and services that we think you might be interested in. We will ask you to sign our E-Marketing Consent form to allow us to do this and if you have given your consent you have the right to opt out at any time.

What your data protection rights are:

Access to your personal information: You have the right to request from us a copy of the personal information that we may hold about you. This is often called a “Data Subject Access Request”. You can request this information by contacting us as set out below. Before providing this information to you or to another person or company where you have requested this personal information to be sent to, we may ask for proof of identity or ask sufficient questions to enable us to locate the information and ensure that we’re only providing it were you have given your agreement. Right to have your personal information corrected: If the personal information we hold about you is incorrect you have the right to request that we correct this. Right to stop or limit the processing of the data we carry out:
You may request that your personal information is deleted or that we stop processing the information if we’re no longer entitled to process it. There may be occasions where we are unable to delete the data due to our legal or regulatory obligations. We will however discuss this with you if you request for your information to be deleted.

Right to object to processing:

You have the right to object to our processing of your personal data, under certain conditions. Right to data portability: In some cases you may be able to request for your information to be provided to you or to another company in a format that can be processed electronically by you or the other company. If you want to request this you will need to contact us. Other types of advertising When you visit our website or similar websites Google may use our advertisements promoting our products and services which may appear on other third party websites you visit across the internet for remarketing purposes, including cross-device remarketing. Google and other third parties will use cookies to tailor advertisements for website users based on their previous visit to our website. More information about cookies can be found below. We do not have any control over the advertisements you see on other third party websites however you
can request to opt out or customise these advertisements by using the Google Ads Preference Manager. How you can contact us: If you have any questions or queries about how we use your personal information you can contact us or our Data Protection Officer using the address or email below: Neroli Mortgages & Finance 62 Church Street
Westhoughton BOLTON BL5 3RS Email: patrick@nerolimortgages.co.uk

How you can contact the Information Commissioner’s Office:

If you are not happy with how we process your personal information you should contact us in the first instance. If you are not happy with how we have dealt with your enquiry you have the right to lodge a complaint with the Information Commissioner’s Office. You can find their details on their website at https://ico.org.uk.

Updates to this Privacy Policy:

We will aim to review our Privacy Policy regularly.