information including the following:
- where we collect your personal information from;
- what personal information we collect;
- how we use your personal information;
- who your personal information is shared with; and
- the rights and choices you have when it comes to your personal information.
please stop using the Sites immediately.
The main reason we process your personal data is to provide you with the Services that you request from us (see section 5 below).
For certain purposes set out in section 6 below, we may share your personal information with members of our Group, our lenders, service providers and
regulatory or governmental bodies. We will only hold your personal information for as long as necessary to fulfil the purposes for which we hold
that personal information.
1. Who are we?
Phoenix Financial Consultants Limited ('Phoenix') (company number 07436334) is an FCA authorised credit broker operating in the UK.
We take your privacy very seriously. Phoenix is the data controller in relation to the processing of the personal information that you
provide to us when you use our Services.
If you have any queries relating to our use of your personal information, if you want to contact our data protection officer or
if you have any other related data protection questions, please contact our Compliance Team at email@example.com or
write to our Data Controller at our registered address: Phoenix Financial Consultants Limited, Suite 2.8 Monument House, 215 Marsh Road, Pinner, England, HA5 5NE.
2. What is Personal Data?
Personal Data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as 'any information relating to
an identifiable person who can be directly or indirectly identified in particular by reference to an identifier'.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as
your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
3. How do we collect personal information?
3.1. From you - Most of the personal information we collect will be direct from you when you use our Services. We will collect this information from you through the Phoenix website, mobile applications or other similar devices, channels or applications operated by us (known as the “Sites”).
3.2. From our lenders – If you obtain a loan from one of our lenders who offer products via our Site then they may send us information they hold relating to the product(s) you have purchased. This allows us to understand the suitability of products purchased and improve our Services.
4. What personal information do we collect?
4.1. The personal information we may collect when you use the Services includes your name, address, email address, telephone number, date of birth,
income, expenditure, age and details about your home together with details of your financial information, for example, bank account or payment details.
We use this data, to obtain quotes for loans.
In the course of providing the Services to you, we may also store information about how you use our Sites, for example, the pages viewed,
the website from which you came to visit our Sites, changes you make to information you supply to us, details of the quotes you request and your transactions.
4.2 In addition, as part of our Consumer Duty under the Financial Conduct Authority’s (FCA) vulnerable customer requirements, during the course of broker activities, we may also need to process "special category" data concerning your health/wellbeing.
This data is processed under the condition of Article 9(2)(g) of the the UK GDPR & paragraph 19 of Schedule 1 of the DPA 2018.
4.3 We do not knowingly collect or store any personal information about children under the age of 16. If you are aged under 16 please get your parent or guardian's permission before you provide any personal information to us.
4.5. We may monitor or record your calls, emails, sms or other communications but we will do so in accordance with data protection legislation and other applicable law. Monitoring or recording will always be for business purposes, such as for quality control and training (e.g. where you call our customer services help line), to prevent unauthorised use of our telecommunication systems and Sites, to ensure effective systems operation, to meet any legal obligation and/or to prevent or detect crime.
Note that it is your responsibility to check and ensure that all information, content, material or data you provide on the Sites is correct, complete, accurate and not misleading and that you disclose all relevant facts.
5. How do we use your personal information?
We may use your personal information:
5.1 to enable you to access and use the Services including:
5.1.1. verifying your identity, managing, running and administering your account or application;
5.1.2. passing it to our lenders. Some of the data you supply us with will be sent to our panel of lenders to determine if credit can be granted to you. In addition, the lender will conduct a ‘soft search’ of your credit file. This search will not impact your credit score and will not be visible to other lenders. Once a loan is offered by the lender, a further "Hard Search" may be made by the lender which will be visible to other lenders. When our lenders use your personal information to provide a quote they will act as data controllers of your personal information.
5.1.3 to make it easier for you to use the Sites we will store the personal information you provide and may use it to pre-populate fields on the Sites when making return visits;
5.2. to comply with our duties & obligations as an FCA authorised credit broker.
5.3. to communicate with you, including some or all of the following:
5.3.1. sending you information about products and services which we think may be of interest to you – We will only send you this information if you give us your consent for us to do so. We will contact you (depending on your contact preferences) via email, post, telephone, sms, or by other electronic means such as via social and digital media this may include new product launches, newsletters and opportunities to participate in market research;
5.3.2. sending you a confirmation e-mail of your quote - when you obtain a quote with us, you will automatically be sent confirmation of your quote by email or SMS so that you have a record of it and can easily retrieve your quote in the future;
5.3.3. sending you renewal quotes where applicable. Based on information you previously provided to us (if you have previously obtained a quote) -
when our systems indicate that your renewal is due (based on the dates you entered for your most recent quote) we may resubmit your quote details to give you an
idea of what your quotes could be for your next renewal. In order to provide this service to you, we may also send that information to our lenders so that they can
calculate their quotes. When they do this, our lenders may carry out ‘soft’ credit checks on you with credit reference agencies (see 6.2 below);
6. Who is your personal information shared with (including credit reference agencies)?
6.1 Who do we share your personal information with?
When you use any of our Services, we may disclose your personal information to the following parties:
6.1.1. other members of the Phoenix Group in accordance with section 5;
6.1.2. data validation companies e.g. address lookup providers in accordance with section 5.1.1 and 5.2;
6.1.3. our lenders - in order to display loan quotes on the Sites we will send your personal information to our panel of lenders. We need to send them your personal information so that they can generate a quote for us to display on the Sites. When these companies use your personal information in this way, they will be acting as data controllers of your personal information which means that they are in charge of how they handle your data and we are not responsible for this;
6.1.4. Where permitted or required by law or regulation, we may also disclose information about you (including electronic identifiers such as IP addresses) and/or access your account in order to comply with legal or regulatory requirements for example:
- if required to do so by any court, the Financial Conduct Authority, the Competition and Markets Authority or any other applicable regulatory, compliance, Governmental or law enforcement agency;
- If necessary in connection with legal proceedings or potential legal proceedings;
- if we reasonably believe false or inaccurate information has been provided and fraud is suspected, details may be passed to fraud prevention agencies to prevent fraud and money laundering.
6.2. Credit Reference Agencies
When you use the Services a ‘Soft’ credit and/or identity check may be carried out against your credit report by us or our lenders.
‘Soft’ credit checks are carried out by credit reference agencies in order to (i) assess your financial profile; (ii) verify your identity; and/or (iii) to help prevent fraud.
The credit reference agencies may keep a record of the search and you may see this recorded against your credit file but these ‘soft’ credit checks have no impact on your credit rating.
‘Soft’ credit checks are visible on your credit report but do not show up in the same way as a 'hard' check.
A lender may make a subsequent 'hard' check when you enter into a formal loan agreement with them.
Where a credit check is required by our lenders some or all of the following UK credit reference agencies are used:
- Callcredit Limited (trading as TransUnion formerly Callcredit) (“Callcredit”) and
- Experian Ltd ("Experian")
- Equifax Ltd (“Equifax”)
6.3. Who might our lenders share your personal information with?
In order to provide you with a quote, our lenders may exchange information about you with other companies and/or carry out checks with various databases. Our lenders act as data controllers in respect of this use of personal information and we are not responsible for it. We have set out below some of the common ways they will share your information:
6.3.1. Some of our lenders will use your personal information to assess your circumstances before providing a quote to you;
6.3.2. Some lenders may carry out checks with fraud prevention and credit reference agencies. If lenders do these checks, they will be quotation searches only and do not show up on your credit report in the same way that a ‘hard’ check does, but will be visible to other organisations. Both public data (e.g. the electoral roll) and private data (e.g. your personal credit history) may be checked in this way;
6.3.3. Some lenders may carry out checks against data they already hold on you, (or is held by the company whose brand they administer the product for, or members of their group of companies) such as data from existing products, account data, data from previous product transactions, accounts you may hold with them or loyalty scheme data to share with insurers in order to determine your premium;
7. Legal grounds for processing your personal information?
7.1. Performance of a contract - In order to provide you with the Services and manage your account we will: (i) send data to our lenders to get you a quote; (ii) process any transaction between you and a third party; and (iii) manage, run and administer your account. When we do this we are processing your personal information because it is necessary to perform the contract that we have in place with you to provide you with our Services.
7.2. Consent – We will only send you certain marketing e-mails if you have confirmed that you are happy to receive this material. Where we have asked for your consent, we will only collect and process your personal information if you have given your consent for us to do so.
7.3. Legitimate Interests – We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under European privacy laws there is a concept of “legitimate interests” as a justification for processing your personal information. Our legitimate interests for processing your personal information are:
7.3.1. to communicate with you about the Services. We need to keep you informed about your use of the Services for example sending you a confirmation e-mail of your quote. This won’t include marketing communications unless you have given us your consent to receive these;
7.3.2. to personalise and improve our Services for example, we may use your personal information to personalise aspects of our service. We constantly aim to improve our Services to you and using your personal information in this way helps us to do this; and
7.3.3. for market research and analysis. This helps us to regularly review and improve the products and services we or our lenders provide. Where possible data that we use/provide in this way will be in an anonymised format.
You have the right to object to our use of your personal information for these legitimate interests. If you raise an objection we will stop processing your personal information unless very exceptional circumstances apply, in which case we will let you know why we are continuing to process your personal information. Please contact our Data Request Team at firstname.lastname@example.org if you wish to exercise this right.
The information collected by cookies enables us to maintain your browsing session data whilst you navigate around the site, and to understand the use of our site, including the number of visitors we have,
the pages viewed per session, time exposed to particular pages etc. This in turn helps us to provide you with a better experience,
since we can evaluate the level of interest in the content of our website and tailor it accordingly.
Most browsers automatically accept cookies. You can set your browser options so that you will not receive cookies and you can
also delete existing cookies from your browser. However, you may find that some parts of the site will not function properly if you disable cookies.
9. How secure is our site and what steps do we take to keep you safe?
Your personal information’s security is very important to us. This is why, where it’s appropriate, our Sites use HTTPS to help keep information about you secure. However, no data transmission over the internet can be guaranteed to be totally secure.
You may complete a registration process when you sign up to use parts of the Sites. This may include the creation of a username, password and/or other identification information. Any such details should be kept confidential by you and should not be disclosed to or shared with anyone. Where you do disclose any of these details, you are solely responsible for all activities undertaken on the Sites where they are used. To protect your account, we ask you to choose a strong password to access your information on our Sites. A strong password should be lengthy and include a mixture of letters and numbers. Your password can only be reset with access to the email address registered in our system.
It might sometimes be necessary for us or our suppliers to transfer your personal information outside of the European Economic Area (EEA) to locations that may not provide the same level of protection as UK data protection laws. However, we will only transfer your personal information out of the EEA if we have put in place appropriate safeguards and protections as stated under UK law for example by the use of a data-transfer agreement incorporating certain standard model protection clauses which have been approved by the European Commission, or if we send to the US pursuant to the Privacy Shield.
10. How can you amend your preferences?
Any electronic marketing communications we send you will include clear and concise instructions to follow should you wish to unsubscribe at any time. You may also amend your marketing preferences by accessing your personal details via your account or by emailing us at email@example.com.
Should you no longer wish to be contacted by us, you can notify us at any time by contacting our Customer Services team on 01923 333256 (within the UK) or +44 1923 333256 (outside the UK) - lines are open Monday to Friday 9.00 to 5.30 or by sending an e-mail to firstname.lastname@example.org.
11. Your personal information rights and how to contact us
You have certain rights under the Data Protection Legislation in relation to the personal information that we hold on you including:
11.1. Right to access: the right to a copy of the personal information we hold about you. We’ll ask you to describe the information you require, as well as letting us know about any other e-mail addresses you’ve used on our Sites, to enable us to trace your personal information. Depending on the nature of your request, we may also ask you for your full name, your date of birth and your full address and documents to allow us to verify your identity. Requests for copies of your personal information will be actioned within one month, unless your request is complicated or if you have made a large number of requests. In these circumstances it may take us longer to deal with your request, in which case we will let you know if we need longer than one month to respond;
11.2. Right to correct: the right to have your personal information rectified if it is inaccurate or incomplete. Requests for us to correct your personal information will be actioned within one month, unless your request is complicated or if you have made a large number of requests. In these circumstances it may take us longer to dealt with your request, in which case we will let you know if we need longer than one month to respond. If we believe that your personal information is accurate, we will let you know that that we will not be amending your personal information and why;
11.3. Right to erasure and to restrict our use of your information: the right to request that we delete or remove your personal information from our systems. Data protection laws give exceptions to this right which, if applicable, we will explain in our response to you;
11.4. Right to restrict our use of your information: In some circumstances you can ‘block’ us from using your personal information or limit the way in which we can use it;
11.5. Right to data portability: the right to request that we move, copy or transfer your personal information;
11.6. Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or where we use your personal information to carry out profiling to inform our market research and customer demographics. If you raise an objection we will stop processing your personal information unless very exceptional circumstances apply, in which case we will let you know why we’re continuing to process your personal information.
If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may be able to refer your complaint to the relevant data protection regulator, which in the UK is the Information Commissioner’s Office.
12. How long do we keep your personal information?
Generally, you can expect us to keep your personal information while you use the Sites or if you have an active account with us. Where you have applied for or purchased products or services via the Sites we will need to keep your personal information for longer for accounting purposes - up to six (6) years following the date on which it is provided to us.
If, having registered for any of our Services, you do not use them for a reasonable time (which may vary depending on the Service(s) you’ve registered for) we may contact you to ensure you’re still happy to receive communications from us.
If one of our lenders processes your data in order to provide you with a quote they will be acting as data controller but they should only hold that data for so long as is reasonable in relation to providing you with that quote.
Even if you delete or ask us to delete your personal information it may persist on backup or archival media for legal, tax or regulatory purposes.
Please note that this policy will be reviewed and may change from time to time. The revised policy will be posted to this page so that you are always aware of the information we collect, how we use it and under what circumstances we disclose it.
If you feel we have breached your privacy, want us to update your marketing preferences or amend your information, please contact us either:
by post: The Data Controller, Phoenix Financial Consultants Limited, Suite 2.8 Monument House, 215 Marsh Road, Pinner, England, HA5 5NE. or
- by phone: 01923 333 256