Last updated: 2 July 2018 – Version 080818
This privacy notice sets out our approach and demonstrates our commitment to your privacy. We may change the content or services found on our website at any time without notice, and consequently our privacy notice may change at any time in the future. Please therefore check this privacy notice regularly when you visit our website.
1.1 BankingRefunds.co.uk is a trading style of Investor Compensation (UK) Limited Company Number: 07769324, who are regulated by the claims management regulator in respect of regulated claims management activities. We are entered in the Information Commissioner’s register of fee payers (controllers) with registration number Z3141844.
1.2 We are committed to protecting your personal data and other information you provide to us via this website. Please read this privacy notice carefully as it contains important information about our use of that information. It explains what information we collect about you, and how we use it, including when we might disclose it to third parties and other information that data protection law requires us to provide.
1.3 Because of the financial nature of our business, our products and services are not designed to appeal to or to be sold to persons under the age of 18. Therefore, we do not knowingly attempt to solicit or receive any information from children. If you are under the age of 18, you must not use this website.
1.4 It is our obligation to inform you, as an individual, that you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, telephone: 0303 123 1113, should you wish to. More details on this can be found on their website at https://ico.org.uk/make-a-complaint/. If you wish to complain to us, you can direct your complaint to email@example.com.
1.5 The purpose of our processing is for the fulfilment of our claims management services.
1.6 The lawful bases we rely on for processing your personal data are “consent” and “contract” and “legitimate interests” (see section 1.11 for details). For clarification, Article 6 of the General Data Protection Regulation sets out all lawful bases, and a summary of the lawful bases are set out below.
6(a) Consent: you have given consent for us to process your personal data for one or more specific purposes.
6(b) Contract: the processing is necessary for performance of a contract you have with us, or because you have asked us to take specific steps before entering into a contract with you.
6(f) Legitimate interests: processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where those interests are overridden by your interests or fundamental rights and freedoms that require your personal data to be protected.
1.7 You can withdraw the consent you have provided at any time. If you wish to do this, please call us on 0844 88 00 648 or email us at firstname.lastname@example.org. It would be helpful if you put “Withdrawal of consent” in the subject line.
1.8 You have a right to object to our use of your personal data for our legitimate interests, including direct marketing. To exercise your right please call us on 0844 88 00 648 or email email@example.com. It would be helpful if you put “Right to object” in the subject line.
1.9 If you are a customer, we will need your personal details (name and contact details – address, contact number, email address), name history, date of birth and vendor information to provide our services. It is therefore a contract requirement that you provide these details. Without these details, we cannot provide our services.
1.10 We may make “automated decisions” about you: that is a significant decision made by software or an algorithm without human intervention. For example, based on a certain criteria (defined by humans) our system makes automatic decisions, such as when to send you an email or SMS or close your case. The logic in our systems is best understood as the milestones throughout the customer journey, for example your customer pack being returned or the complaint being sent to the vendor. We then set appropriately determined contact points to keep you updated or informed on any progress with your claim. The consequences of these automated decisions are limited as the triggers are removed where the customer journey finishes, i.e. when your case is closed, or is successful and you have settled your invoice.
1.11 We will keep your personal data in the UK. We also have a call centre in South Africa, from where your personal data in the UK may be accessed over a private network. South Africa’s data protection laws are not considered to give the same level of protection for personal data as those in Europe. We have carried out due diligence on this call centre and will ensure that your personal data are still protected to UK standards. We have also required all call centre agents to have specific certificated GDPR training.
1.12 We will collect some personal data from your bank rather than from you: your bank will identify specific accounts relating to you that include your account/policy number.
1.13 Some of our use of personal data is based on what is in our “legitimate interests” to do. Those interests are:
1.14 We will keep your personal data for up to 10 years after the end of the contract between us. After that we will review your personal data and delete it if there is no business need for us to keep it for a longer period, for example for the purpose of a legal claim or for tax reasons.
1.15 We do not have a data protection officer. Please contact our data protection manager (see section 8 (Contact us) below).
2.1 You need to register before you can use any of the services described on this website. We and any third parties who host or maintain this website may need to collect information about you and your computer to enable you to do so. The information will be collected when you register with the website or when you choose to use the services available via the website.
2.2 We may use the information collected to personalise your experience on the website, to help you to log-in in future, to continue to use the website, and to help us select services or materials for inclusion on the website which may be of interest to you. We may, from time to time, use your information to let you know about other products or services, which we consider may be of interest or benefit to you by telephone, email or text. We will only do this with your express consent.
2.3 The nature of our business is such that we may on occasion ask you to provide sensitive personal data (the technical term is “special categories” of personal data, that is, personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying an individual, data concerning health or data concerning an individual’s sex life or sexual orientation). Where we do so and you agree to that, you give your explicit consent to our use of such sensitive personal data for the purposes for which it was provided. We will take appropriate measures to protect such sensitive personal data at all times.
2.4 We or third parties hosting servers on our behalf may also monitor traffic patterns and usage of the website to help it to improve the website design and layout. We will not be able to identify you from that monitoring.
2.5 We may monitor or record phone calls with you in case we need to check we have carried out your instructions correctly, to resolve queries or issues, for regulatory purposes, to help improve our quality of service, and to help detect or prevent fraud or other crimes. Telephone conversations may also be monitored for staff training purposes.
3.1 We will disclose your personal data to third parties as described in this section 3.
Suppliers and Other Service Providers
3.2 From time to time we use third party suppliers and service providers to facilitate our services (e.g. for call centre and face to face services). Where any service provider collects information directly from you, you will be notified of their involvement, and all information disclosures you make will be strictly optional.
3.3 We may need to pass your information to third parties who help us to maintain, administer or develop the website or provide our services (such as our mailroom provider/scanner, and dialler provider) but, if so, that information is only given to those third parties for that limited purpose and subject to those third parties agreeing to keep the information secure.
3.4 In addition, we may provide aggregate statistics about our customers, sales, traffic patterns and related website information to reputable third-parties. Please see our cookies notice for further information.
3.5 We may disclose personal data to the extent permitted or required under any enactment, by rule of law, order of the Court, as requested by other government law enforcement authority, to take advice or enforce our legal rights, to operate our systems properly, or to protect ourselves or our users.
3.6 We may disclose personal data to any company or other entity to whom we transfer or subcontract any or all of our obligations or rights to you under an agreement.
3.7 We may disclose your personal data to a third party with your consent.
4.2 Read more about the individual cookies and similar technologies we use and how to recognise them by clicking here. To give or withdraw consent to cookies and similar technologies, please adjust your browser settings.
We may add to or change the terms of this privacy notice in our sole discretion, without prior notice to you. If we change this privacy notice, we will post the new privacy notice on the website, and it will become effective from the time of posting to the website. Please visit this privacy notice on a regular basis to make sure you have read the latest version and you understand how we use your personal data. Wherever possible, we will give you notice of any changes prior to their implementation.
You have rights to make a request to us:
These rights are more complicated than the simple summary above. To find out more about them, please visit the Information Commissioner’s website. To exercise your rights, please contact us or ask us for a form. Our contact details are section 8 below.
The right to access your personal data
You have a legal right to see a copy of the personal data we hold about you. This service is free of charge; however we can charge a ‘reasonable fee’ where a request is manifestly unfounded or excessive, particularly if it is repetitive. We can also charge a reasonable fee to comply with requests for further copies of the same information.
The right to rectification of your personal data
You also have the right to correct any errors in the information that we hold about you. Please let us know about changes to your details so that we can keep our records accurate and up to date.
This website contains links to other websites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage users to be aware when they leave the website and to read the privacy notices of each and every website that collects personal data. This privacy notice applies solely to information collected on this website.
If you have any questions about our privacy notice or the information we hold about you please contact our Data Protection Manager at the address or telephone number stated in our Footer on our Home page
Further information about data protection issues including the online register of fee payers (controllers) can be found on the Information Commissioner’s website.