For the purposes of the Data Protection Act 2018 (DPA2018) and General Data Protection Regulation (GDPR) the Data Controller is Cash On Go Ltd. Cash On Go Ltd is a registered Data Controller under the terms of the DPA2018 and GDPR, details of Cash On Go Ltd’s notification to the regulator for data protection, may be found in the Information Commissioner’s Office Public Register of Data Controllers at www.ico.org.uk under registration number Z2642498.
To register with us you must be 18-years of age or older. Minors are strictly forbidden from using our service. Regarding this we do not collect any personal data about children.
Information we collect
Throughout our relationship with you, we may collect different types of information about you.
- This includes information collected directly from you through your online application and through on-line forms or entries on our lead providers’ websites (i.e. your name, address, phone numbers, email address, date of birth, employment, banking and financial details);
- information you provide when you contact our customer service or debt collection department;
- we will also record your telephone communications with us and any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance;
- When we are managing your account, we may be given sensitive information such as medical information.;
- We will also take a record of the debit card you provide us with to make your repayments;
- we will collect and process information about your transactions, including loan balances;
- we will also receive information about you from credit reference agencies and fraud prevention agencies. They supply to us both public and shared credit and fraud prevention information.
- we will also collect information about your computer including, your IP address, operating system and browser type. Information is also collected when you use our website and this may be used to identify you and validate your use of our website for fraud prevention purposes.
What the information will be used for
The provision of your personal data is part of a contractual requirement and we would be unable to provide you with our product or the related service unless you agree to us collecting and processing your personal data. The information we collect will be used to provide our services to you and to develop new and improved products and services. We also use your information for security, verifying your identity when we need to, to communicate with you and to comply with the law.
The information we collect about you will be recorded electronically and may be used for a number of purposes.
More specifically, we may use your information:
- in the normal course of our business such as verifying your identity and credit standing and to manage your account with us;
- to carry out our obligations arising from contracts entered into between you and us;
- to prevent and detect fraud, this may involve analysing recordings of your telephone calls with us;
- in order to process loan transactions and update your account records;
- to assess your credit history and confirm your employment details;
- to make lending decisions. Some of this decision making will be automated based on your previous lending history, account conduct and information received from credit reference agencies or through other means. The significance of automated decision making is us meeting our responsible lending and fraud prevention obligations;
- to contact third parties, such as your employer, who you have nominated to verify information about yourself;
- to identify you when you contact us or visit our website;
- to identify which of our products or our partners’ products, might interest you;
- to contact you in connection with your enquiry;
- to update our website to better meet our clients’ needs in the future;
- to ensure that content from our website is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- to evaluate the effectiveness of our marketing of our website;
- to carry out regulatory checks and meet our obligations to our regulators;
- to protect ourselves against harm to our rights and property interests;
- to prevent and detect fraud, money laundering and other crime (such as identity theft);
- to analyse, assess and improve our services to customers, and for training and quality purposes;
- to identify you, for example using caller line identification technology to check we are speaking to the correct person;
- to send you messages by post, telephone, text, and email. These messages may be:
- to help you manage your account;
- messages we are required to send to comply with our regulatory obligations, such as changes to this agreement, and to give you information you need to manage your payments;
- to keep you informed about the features and benefits of the products you hold with us;
- to tell you about products and services (including those of others) that may be of interest to you – these are marketing messages. You can ask us to stop or start sending you marketing messages at any time by writing or calling to us.
Who the information may be shared with
We’ll keep your information confidential but we may share it with others if we have a duty to disclose it, if it’s required for the management of your accounts or a law or regulation allows us to do so, or for other legitimate business purposes.
The possible recipients of your personal data as follows (list not exhaustive):
- Regulators (ICO, FCA or CMA) and governmental authorities, Dispute resolution bodies (i.e. the Financial Ombudsman Service etc.) or other authorities, including tax authorities;
- Credit Reference Agencies (CRA) and Fraud Prevention Agencies (FPA);
- Our service providers and their sub-contractors (i.e. calling services, payment processors etc.);
- Your authorised representatives (i.e. debt management agencies, lawyers, family members etc.);
- Debt recovery and litigation services;
- Our business partners (i.e. in case of the restructuring or sale of our business);
- Our marketing partners (i.e. affiliates, lead providers, brokers, other lenders etc.);
In more detail, your information may be disclosed to:
- anyone you have authorised to represent you;
- payment-processing service providers and others that help us process your payments;
- our service providers and agents (including their sub-contractors). This may include, for example, where we use a service provider to send you post or marketing material or to call you on your phone;
- we may sell or otherwise pass on your data to debt collection agencies or law firms to recover funds owed, including by starting litigation against you;
- if Cash On Go Ltd or substantially all of our assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets;
- any third party after a restructure, sale or acquisition of Cash On Go Ltd. as long as that person uses your information for the same purposes as it was originally given to us or used by us (or both);
Credit reference and fraud prevention agencies
In order to process your application we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity.
What we process and share
The personal data you have provided, we have collected from you, or we have received from third parties may include your:
- date of birth;
- residential address and address history
- contact details such as email address and telephone numbers
- financial information
- employment details
- identifiers assigned to your computer or other internet connected device including your Internet Protocol (IP) address.
When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud, money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.
We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to 6 (six) years.
As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if:
- our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct; or is inconsistent with your previous submissions; or
- you appear to have deliberately hidden your true identity.
You have the right to request information about the reasoning behind any automated decisions taken about you, such as a computer-generated decision to grant or deny credit.
Consequences of processing
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services and financing you have requested, or to employ you, or we may stop providing existing services to you.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details above.
Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
Your personal data is protected by legal rights, which include your rights to:
- be informed of the important aspects about how we collect your data, how we use it and who we share it with.
- object to our processing of your personal data by not ticking direct marketing and sale boxes on the forms we use to collect your data.
- request that your personal data is erased. For example where you withdraw your consent to our processing. However, we usually retain personal data in accordance with applicable laws which may mean we cannot process your request.
- withdraw consent. For certain uses of your personal data, we will ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your personal data (if we are relying on consent as our legal ground). You can manage your preferences any time on your Peachy account page or contacting us (see Contact Us section below).
- rectification your personal data. If any personal information we hold is inaccurate or incomplete you can update your contact details, personal details and payment details yourself in the ‘My account’ section of your online account.
- request access to personal data we hold about you.
- restrict processing of your personal data. In certain circumstances, you are entitled to ask us to stop using your personal data, for example where you think the personal data we hold about you may be inaccurate.
- data portability which means that you can ask us to transfer personal data you have already provided to us back to you or to a third party.
We will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates.
These records will be shared with other organisations and may be used and searched by us, and others to:
- make credit assessments;
- check that the details on applications for products and services are correct;
- check your identity to comply with regulations;
- consider applications for credit and credit related services, such as insurance, for you and any associated person;
- trace debtors;
- recover debts;
- prevent or detect money laundering; and
- manage your accounts.
You have a legal right to be provided with details of the credit reference agencies that we share your information with. If you require such details, please write to us at our address stated above.
The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at Credit Reference Agency Information Notice.
Where we are sharing information with organisations in another country, we’ll ensure they agree to apply equivalent levels of protection as we are required to provide for your information. If this is not possible – for example because we are required by law to disclose information – we’ll ensure the sharing of that information is lawful.
Use of your information for marketing purposes
We would like to use the information you provide to contact you via phone, text, email or home address you enter on your loan application to discuss other products and services that Peachy may provide for you and to inform you of our competitions, games, offers and news about us, but we will only do this where you have provided us your consent.
We also have a permission from the Financial Conduct Authority to act as a broker and if you would like us to do so then we can help you find another lender or service provider in case you do not meet our lending criteria. We may also pass your data to selected third parties who may also use it to contact you by post, telephone, email or text message in relation to offers they feel might interest you, whether or not we enter into an agreement with you. It is completely free for you but we may receive a commission from some of the service providers in such cases.
We will ask for your consent to such processing when we collect this information from you and you have the option to retrieve your consent at any time.
It is important to remember that if you go to or are directed to websites of our partner networks, advertisers and/or affiliates then these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
If You are a winner of some marketing campaign activates, we will use your full name in our social marketing communication channels, such as Facebook, Twitter, Google+ and Peachy.co.uk website.
Data retention, security and transfers
All information you provide to us is stored on our secure servers. We only keep your data for the time necessary to fulfil the purpose of collection or further processing. As discarding data too soon would be likely to disadvantage our business and inconvenience our customers, data is generally retained for six (6) years but may be retained longer where appropriate (for example, in relation to the requirements of the legislation).
The primary criteria used to determine how long information will be kept are:
- legislative and regulatory requirements and obligations;.
- compliance with restrictions and the DPA 2018 and GDPR.
No matter how long the data is kept for, it is always Our top priority to ensure that all information is always held safely and securely and in accordance with considering legislation and regulatory requirements. with the DPA2018 and GDPR. We use computer safeguards, physical access controls and encryption to make sure that your data is safe with us. In the unlikely event of a breach of security leading to the destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, we will make sure to notify you as well as taking any and all necessary steps to contain and remedy the situation. We require all parties to whom we may pass your information to treat it with the same degree of confidentiality.
We require all parties to whom we may pass your information to also treat your information with the highest degree of confidentiality and security.
Social Media Features
Our website includes Social Media Features such as the Facebook Pixel. These Features may:
- collect your IP address, which pages you are visiting on our site and
- may set a cookie to enable the Feature to function properly.
Right to complain
If you are unhappy about your personal data has been used please refer to our Complaints Policy. For data protection related issues you also have the right to complain to the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
If you have any questions or concerns about the use of your personal information, please contact our Data Protection Officer at Cash On Go Ltd, 76 King Street, M2 4NH, Manchester, United Kingdom or via email: [email protected] or call us on 0800 0124 743.