Neroli Mortgages & Finance - Privacy Policy
This policy
sets out the basis on which any personal
data we collect from you, or that you
provide to us, will be processed by us.
Please read the following carefully to
understand our views and practices
regarding your personal data and how we
will treat it. By visiting
www.nerolimortgages.co.uk you are
accepting and consenting to the
practices described in this policy.
This privacy policy will applies to you
if you provide your personal information
to us, even if you decide not to go
ahead with any product or service we
offer.
Who are we:
Melfinco Limited t/a Neroli Mortgages &
Finance is an independent mortgage
broker and is a authorised and regulated
by the Financial Conduct Authority, FRN:
759808. We are committed to protecting
and respecting your privacy.
For the purpose of the General Data
Protection Regulation, the data
controller is Melfinco Limited, 62
Church Street, Westhoughton, BOLTON. BL5
3RS.
What data do we collect:
The information we collect from you
depends on the product or service you
apply for, or the service that we
provide to you. We will only collect
information that we actually need, or
where we are required to collect the
information to enable us to perform our
legal, regulatory or contractual
obligations necessary to provide you
with the products or services, or where
we have received your permission.
This will likely include the collection
of:
• your personal details (e.g. name, date
of birth) • address details • contact
details (e.g. phone number, email) •
special category data [see below] •
financial information • employment
information • information on how you use
our website(s) and products and services
Special Category Data:
Data protection law defines some
personal information as “special
categories of data”. This includes
information about physical or mental
health, sexual life, religious beliefs,
race or ethnic origin, political
opinions, trade union membership or
biometric data. This information may be
necessary to collect when understanding
the reason for your financial
circumstances, or where it may help us
to provide a better service to you. For
example, a period of ill health could
have caused you to fall behind with your
regular payments to your creditors. When
you share special category information,
e.g. about your health or a
characteristic of vulnerability we will
always seek explicit consent from you to
store and process such information.
Where we need to collect and process
this type of data about you, by
providing this information to us you
give your explicit consent for us and
any other third party to process this
special data as set out in this privacy
policy, unless we have a legal
obligation to process this type of data.
Any personal information about you
relating to criminal convictions or
offences may only be used by us when
authorised by law.
Information about other people: If you
provide personal information about
someone else, for example when a joint
application is made, you must do so with
the permission of the other person. If
you enter into a service jointly with
another person, your personal
information and any information about
the service provided to you will be
shared with the other person. We will
use the personal information about the
other person in the ways as described in
this privacy policy. How do we collect
your data: Most of the data we collect
will be provided by you:
• When you make an application or
enquiry to us either by telephone,
email, our website, by a third party or
by any other means • By adding reviews
or interacting with us using social
media such as Twitter or Facebook etc •
When we may need to obtain up to date
information about you to meet our legal
or regulatory obligations • Where you
have given permission for your
information to be provided to us
How we use your data: We will use your
data so that we can:
• Process an application or enquiry you
have made for one of our products or
services
• Contact you about your application,
for example by letter, telephone, email,
text message or WhatsApp [If you do not
want to be contacted in a particular way
then you can request this at any time.
If we are providing a service to you, we
do need to be able to send you
communications. This is often due to a
legal or regulatory requirement.]
• Contact you with special offers on
other products and services we think you
might be interested in. We may do this
by letter, telephone, email, text
message or WhatsApp.
• To monitor the performance of our
products and services to ensure consumer
outcomes are being achieved
• Enter into or fulfil a contract we
have with you
• Comply with a legal or regulatory
obligation, for example, to adhere to
anti-money laundering requirements
• Carry out a task which is in the
public interest or protect your vital
interests
• Carry out a task which is in our
legitimate interest to do so and it is
not against your rights
• Respond to an enquiry or complaint
from you
Who we will share your data with:
• With a third party such as (but not
limited to) a lender or insurer to allow
them to process your application, your
estate agent, sales agent,
conveyancer/solicitor or other third
party involved in your transaction.
• With a licensed Credit Reference
Agency (CRA) who will retain of record
of any searches carried out. [This
information will be retained on your
personal CRA file and may be used by
other lenders in assessing applications
from you and other members of your
household and for fraud prevention].
• Our regulators, such as the Financial
Conduct Authority, the Information
Commissioner’s Office or any other
regulatory body or authority that may
request certain information as part of
supervising us. We have a legal or
regulatory obligation to provide this.
• Authorities such as the police, local
authorities or the courts, where we are
required to do so under a legal or
regulatory obligation
• Law enforcement agencies and fraud
prevention agencies who will use it to
prevent fraud, money-laundering and
terrorist financing and to verify your
identity. If fraud is detected, you
could be refused certain services,
finance or employment. Further
information is available by contacting
us.
• IT Service Providers who provide IT
platforms or other IT services
• Communication providers (e.g.
telephone line providers, email and text
service providers)
• With companies outside the European
Economic Area (EEA), such as lenders and
insurers. [We will only share your
personal information outside the EEA,
where we have your consent; to comply
with a legal obligation; or where we
work with a business partner to enable
us to provide you with our services, and
they process information outside of the
EEA. If we do share your information
outside of the EEA we will make sure
that it is protected in the same way as
if it was being used in the EEA to
ensure appropriate safeguards are in
place. This may include putting in place
a contract with the business partner
that means they must protect the
personal data to the same standards as
the EEA (this may include defined model
clauses), or only share the data to a
business partner in a non-EEA country
where the privacy laws provide the same
protection as within the EEA or where
they are part of a Privacy Shield]. More
information on this can be found on the
European Commission Justice Website.
How we will store your data:
We will always ensure that your data is
stored securely. We may store your data
in the following locations:
• In a paper based file
• In the Cloud
• On our electronic devices
We take the protection of personal
information very seriously and we will
maintain appropriate measures to
maintain the confidentiality, integrity
and availability of the data you have
provided.
Such measures include:
•
Company security policies and standards
• Staff security awareness • Role based
access controls to prevent unauthorised
access to the information
• Encryption
and anonymisation technology
•
Anti-malware technologies
• Security
monitoring
• Security testing
• Secure
archiving and deletion
• Compliance with
industry regulation and legislation
How long will we store your data:
If you continue to be our customer and
we give you advice, we will keep a
record of your personal information to
ensure that we provide you with the best
service possible and where we’re
required to keep your data to meet our
legal and regulatory obligations. This
will normally be kept for at least 6
years, starting from the date when we
are no longer providing you with a
service.
If you do not go ahead with any product
or service offered by us, your personal
information will normally be deleted
after 2 years unless we have another
reason to keep your personal
information, for example, if you have
given your consent to receive marketing
or promotional messages from us. After
this time, we will delete the
information or anonymise the data so
that it cannot be linked back to you. We
may record any telephone calls you make
to us or we make to you or any other
third party. This is for training,
monitoring and quality purposes and to
meet our legal and regulatory
obligations. Some telephone calls may be
observed by staff for training and
development purposes. We may keep a copy
of the telephone calls for up to 6 years
from the date the telephone call was
made.
Marketing: With the introduction of the
Consumer Duty, it is likely that the
level of our communications with you may
increase. This will be necessary to
support customers to understand the
products and services offered and to
provide support to customers throughout
the relationship lifecycle.
We would like to send you information
about our products and services that we
think you might be interested in. We
will ask you to sign our E-Marketing
Consent form to allow us to do this and
if you have given your consent you have
the right to opt out at any time.
What your data protection rights are:
Access to your personal information: You
have the right to request from us a copy
of the personal information that we may
hold about you. This is often called a
“Data Subject Access Request”. You can
request this information by contacting
us as set out below. Before providing
this information to you or to another
person or company where you have
requested this personal information to
be sent to, we may ask for proof of
identity or ask sufficient questions to
enable us to locate the information and
ensure that we’re only providing it were
you have given your agreement. Right to
have your personal information
corrected: If the personal information
we hold about you is incorrect you have
the right to request that we correct
this. Right to stop or limit the
processing of the data we carry out:
You may request that your personal
information is deleted or that we stop
processing the information if we’re no
longer entitled to process it. There may
be occasions where we are unable to
delete the data due to our legal or
regulatory obligations. We will however
discuss this with you if you request for
your information to be deleted.
Right to object to processing:
You have the right to object to our
processing of your personal data, under
certain conditions. Right to data
portability: In some cases you may be
able to request for your information to
be provided to you or to another company
in a format that can be processed
electronically by you or the other
company. If you want to request this you
will need to contact us. Other types of
advertising When you visit our website
or similar websites Google may use our
advertisements promoting our products
and services which may appear on other
third party websites you visit across
the internet for remarketing purposes,
including cross-device remarketing.
Google and other third parties will use
cookies to tailor advertisements for
website users based on their previous
visit to our website. More information
about cookies can be found below. We do
not have any control over the
advertisements you see on other third
party websites however you
can request to opt out or customise
these advertisements by using the Google
Ads Preference Manager. How you can
contact us: If you have any questions or
queries about how we use your personal
information you can contact us or our
Data Protection Officer using the
address or email below: Neroli Mortgages
& Finance 62 Church Street
Westhoughton BOLTON BL5 3RS Email:
patrick@nerolimortgages.co.uk
How you can contact the Information
Commissioner’s Office:
If you are not
happy with how we process your personal
information you should contact us in the
first instance. If you are not happy
with how we have dealt with your enquiry
you have the right to lodge a complaint
with the Information Commissioner’s
Office. You can find their details on
their website at https://ico.org.uk.
Updates to this Privacy Policy:
We will aim to review our Privacy Policy
regularly.