Privacy Notice


BACKGROUND

Lifeline Protect understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our students and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.


1 INFORMATION ABOUT US

Lifeline Protect is a limited company registered in England under company number 08719989. Our registered office is at 3 The Quadrant, Business Centre, Warwick Road, Coventry, CV1 2DY.. LifeLine Protect Limited is an appointed representative of Religare UK Limited which is authorised and regulated by the Financial Conduct Authority and is entered on the Financial Services Register under reference number 309439.LifeLine Protect Limited is entered in the Financial Services Register under reference number 607618

Email: info@lifelineprotect.co.uk

Telephone number: 02476016306


2. WHAT DOES THIS NOTICE COVER?

This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.


3. WHAT IS PERSONAL DATA?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’. Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

The personal data that we use is set out in Part 6.


4. WHAT ARE MY RIGHTS?

Your rights under the General Data Protection Regulation (GDPR) 2018

Under the General Data Protection Regulation 2018, you have various rights in relation to your information. Detailed below are your rights and a description of each one.

You have the right to:

Be informed – this means you have the right to be informed about the collection and use of your personally identifiable data – this is detailed above in more detail.

Have access to your information – you have the right to access your personally identifiable data and supplementary information. This will be provided free of charge. However, when a request is manifestly unfounded, excessive or repetitive we reserve the right to charge a fee. We may also charge a reasonable fee to comply with requests for further copies of the same information. You can request access to your information by emailing us at info@lifelineprotect.co.uk

Have personally identifiable information rectified – you have a right to have inaccurate personal data rectified, or completed if it is incomplete. We will inform you when any inaccurate information is corrected.

Erase your personally identifiable information – the right to erasure is also known as ‘the right to be forgotten’. You can make a request for erasure of information verbally or in writing. We will respond to your request within one month. The right is not absolute and only applies in certain circumstances. For example it does not apply when we have statutory or regulatory obligations to keep your data.

Restrict processing of personally identifiable data– you have the right to request the restriction or suppression of your personal data. This is not an absolute right and only applies in certain circumstances. When processing is restricted, we are permitted to store the data, but not use it.

Port your personally identifiable data – this right allows you to obtain and reuse your personally identifiable data for your own purposes across different services. It allows you to move, copy or transfer personally identifiable data easily from one IT environment to another in a safe and secure way, without hindrance to usability.

Object to the processing of your data – you have a right to object to the processing of your data for purposes of scientific or historical research and statistics, as well as for the purposes of direct marketing (including profiling).

Challenge any decision made by automated decision making – we will inform you when we are performing automated decisioning and when we do we will give you information about the processing activity. We will introduce simple ways for you to request human intervention or challenge a decision made by automated decision making.


5. INFORMATION SECURITY

We pride ourselves on treating your data with the utmost care and security. Our systems meet or exceed industry standards and we are constantly monitoring these to provide improvements where available.

We will never store passwords in plain text, nor will we allow anyone to access your data unless they have a justifiable reason to do so. All of our employees are background checked before they are granted access to your data.

Credit decisions, the prevention of fraud and money laundering

Your lender may use credit reference and fraud prevention agencies to help them make decisions. A short guide to what the lender does and how the lender, credit reference and fraud prevention agencies will use your information is detailed below. If you would like to read the full details of how your data may be used, please contact your lender.

A condensed guide to the use of your personally identifiable information by the lender and at credit reference and fraud prevention agencies

If you apply for a mortgage product through Lifeline Protect, we will provide the information we hold about you to your lender. The lender will use this information to help make its decision about whether or not to lend to you. This will involve checking the following records about you and others:

• Its own records;

• Those at credit reference agencies (CRAs); and

• Those at fraud prevention agencies (FPAs).

When CRAs receive a search request from the lender they will place a search footprint on your credit file that may be seen by other lenders. They supply to lenders both public (including the electoral register) and shared credit and fraud prevention information. Having multiple search footprints on your credit file may affect your ability to borrow in the future.

The lender will make checks such as assessing your application for credit and verifying the applicants’ identities to prevent and detect crime and money laundering. The lender may also make periodic searches at CRAs and FPAs to manage your account with them.

If you are making a joint application or tell us or the lender that you have a spouse or financial associate, the lender will link your records together, so you must be sure that you have your partner’s agreement to disclose their information. CRAs also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to break that link.

Information on applications will be sent to CRAs and will be recorded by them. Where you borrow from the lender, the lender will give details of your accounts and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks and to trace your whereabouts and recover debts that you owe.

Records remain on file for 6 years after they are closed, whether settled by you or defaulted.

If you give false or inaccurate information and the lender suspects or identifies fraud, the lender will record this and may also pass this information to FPAs and other organisations involved in crime and fraud prevention.

If you have borrowed from the lender and do not make payments that you owe them, the lender will trace your whereabouts and recover debts.

The lender and other organisations may access and use the information recorded by fraud prevention agencies based in other countries.

Automated credit decisions

Your mortgage application may be assessed by the lender by the means of automated decision making and if it is declined we will endeavour to request from the lender the actual reason why the application has been declined. Once we know this reason we will contact you as soon as we are able to convey this to you.


6. WHAT PERSONAL DATA DO YOU COLLECT?

We collect the below information depending on the service we offer:

• Name, address and contact details;

• Employment details;

• Financial information such as banking details, salary, savings, and financial commitments; and

• Any other personally identifiable information necessary for the completion of a mortgage application.

• Identification and address verification;

• Payslips and contracts of employment;

• Self-assessment tax returns and tax year overviews;

• Bank statements;

• Your credit report.


7. HOW DO YOU USE MY PERSONAL DATA?

Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it. Your personal data will be used for the following purposes:

• Operate and manage mortgage/Insurance application(s) you consent to us making on your behalf;

• Carry out market research, profiling and business and statistical analysis including the formation of a view on you as an individual in order to service you and others better;

• Test our systems and develop our products (or any other similar purpose);

• Comply with any regulatory obligation we are obliged to;


We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.

8. HOW LONG WILL YOU KEEP MY PERSONAL DATA?


• All data pertaining to a completed mortgage application will be kept on our systems for 6 years after completion in line with our regulatory requirements;

• If you have not completed on a mortgage application yet we will keep your data on file for 2 years.

• All data (including special categories of date) relating to any Lifeline Protect Life Insurance products you take out; and

• We may also use your data for internal statistical analysis purposes, although we will anonymise this data.


9. HOW AND WHERE DO YOU STORE OR TRANSFER MY PERSONAL DATA?


We will only store or transfer your personal data in the UK. This means that it will be fully protected under the GDPR.


10. DO YOU SHARE MY PERSONAL DATA?


• Any regulatory/governmental body, ombudsmen or law enforcement agency who has jurisdiction;

• A mortgage lender; to allow us to make a mortgage application on your behalf;

• Any third parties that participate in your mortgage journey (e.g. solicitors, valuers and conveyancers);

• Life insurance Companies: to allow us to make an insurance application on your behalf.

We will ensure your data remains within the EEA and as a result is captured under the General Data Protection Regulation.

We do not share any information with out the consent of the Client.


11. HOW CAN I ACCESS MY PERSONAL DATA?


If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.

All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 12. To make this as easy as possible for you, a Subject Access Request Form is available for you to use. You do not have to use this form, but it is the easiest way to tell us everything we need to know to respond to your request as quickly as possible. There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request within 14 days and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.


12. HOW DO I CONTACT YOU?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details

Email: info@lifelineprotect.co.uk

Telephone: 02476016306

Post: 3 The Quadrant, Business Centre, Warwick Road, Coventry, CV1 2DY..


12. CHANGES TO THIS PRIVACY NOTICE

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. Any changes will be made available on our website – lifelineprotect.co.uk