This policy was last updated on 1st August 2022.
Welcome to the Infinian Products and Services privacy policy.
Infinian Data Solutions Limited respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.
This privacy policy is provided in a layered format so you can click through to the specific areas set out below. Please also use the Glossary to understand the meaning of some of the terms used in this privacy policy.
1. IMPORTANT INFORMATION AND WHO WE ARE
2. THE DATA WE COLLECT ABOUT YOU
3. HOW IS YOUR PERSONAL DATA COLLECTED?
4. HOW WE USE YOUR PERSONAL DATA
5. DISCLOSURES OF YOUR PERSONAL DATA
1. IMPORTANT INFORMATION AND WHO WE ARE
Who are Infinian?
Infinian Data Solutions Limited provides highly insightful data with a focus on the financial services sector, gaming sector, fintech companies and some of the largest global data businesses and credit bureaux.
Typically, our customers use the products and services that Infinian can provide so they can verify the information that you give to them about yourself. The Products and Services do this by matching third party reference data (which we receive from data suppliers) against the data you give about yourself to our customers.
Purpose of this privacy policy
Infinian Data Solutions Limited is the controller and responsible for your personal data (collectively referred to as "Infinian", "we", "us" or "our" in this privacy policy).
Infinian take the protection and security of your personal data very seriously. This privacy notice sets out the personal information we collect and process about you through our products and services, the purposes of the processing and how you can exercise your privacy rights.
You may be reading this privacy policy because of a hyperlink provided by one of our third-party data suppliers, customers or you may have another reason to seek more information on processing in relation to our products and services.
Where we collect personal information from you directly, for example, through our website or because you have applied for a job with us, please see our Website Privacy Notice
Our customers and data suppliers will have a lawful reason for processing your data and will have a separate relationship with you. They are separately required to provide you with information (for example through their own privacy notice) about how they collect and process your data.
We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO OR compliance department using the details set out below.
Contact details
If you have any questions about this privacy policy or our privacy practices, then please send an email to our Compliance Team at: [email protected], or our Data Protection Officer at [email protected]
Alternatively, you can write to our Compliance Manager or Data Protection Officer at the following address:
Infinian Data Services Limited
Glasshouse
Alderley Park
Nether Alderley
Cheshire
SK10 4ZE
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Changes to the privacy policy
We keep our privacy policy under regular review. The latest date that the privacy policy as updated can be found above.
2. THE DATA WE COLLECT ABOUT YOU
The type of personal information we collect about you includes, but is not limited to, your: name, current and previous addresses, residential status, date of birth, email address, telephone numbers (home, mobile, work), number of dependants, employment status, income and expenditure details, bank account and sort code, CRA data, IP address, device type and loan outcome data.
We do not collect any personal information from children, or about children, nor do we collect sensitive or special category data
3. HOW IS YOUR PERSONAL DATA COLLECTED
As explained above under "Important Information and Who we Are", we receive personal data about you from our Customers (see Third Parties listed below) and Data Suppliers (See Glossary).
4. HOW WE USE YOUR PERSONAL DATA
We will collect personal information where the processing is in our or our customer’s legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. These include legitimate business interests which provide a societal benefit, such as preventing fraud, protecting vulnerable customers, crime prevention and detection.
We may share your personal data with the parties set out below for the purposes set out in the table:
|
Purpose |
Examples (non exhaustive) |
Lawful Basis |
|
Tracing, verification and validation of identity |
1) The tracing of individuals for the purpose of debt collection, national security, crime prevention and detection, fraud prevention and anti-money laundering processes and asset reunification. 2) Checking of identities. 3) Age verification and authentication services. 4) Individual reference or lookup services. 5) Know your customer due diligence services |
Legitimate interest of:
|
|
Credit and risk management |
To assist a Bank or other financial institution you have a relationship with in enhancing and validating the data and information they hold about you. For example, to detect fraud and/or confirm the accuracy of your data or to provide propensity to pay and credit risk reporting.
|
Legitimate interest of:
|
|
Affordability |
To assist a company you have a relationship with and/or other financial institutions with reporting services that may assist them with ascertaining affordability risk including financial vulnerability. To assist companies in discharging their legal and regulatory obligations around affordability. |
Legitimate Interest of: 1. developing ours and the third parties’ business; 2. the third party being able to make informed credit decisions in respect of a customer’s affordability criteria and discharge their regulatory obligations in respect of the same. |
|
Data enhancement |
To assist a company you have a relationship with to reconnect with you by updating and improving the accuracy of existing information. |
Legitimate interest of:
|
|
Analysis in order to develop products and services |
To carry out research such as analysis of market trends and customer demographics, profiling and to customise and develop the product/service which the customer may offer to you or other individuals in the future. For example, providers of insurance products and services to assess insurance risk, pricing, underwriting, fraud assessment and identity verification. This may include the anonymisation of your personal information for such analysis. |
Legitimate interest of:
|
|
Identification of Vulnerability |
To assist companies in discharging their legal and regulatory obligations around both general and financial vulnerability, obligations can vary dependant on sector. Examples include: assisting gaming companies in complying with responsible gaming legislation to identify customers who may fall into the definition of a vulnerable customer and financial institutions in respect of the FCA definition of a vulnerable person. |
Legitimate interest of:
|
The Third Parties who may use your personal data for all or some of the above purposes are listed below:
TransUnion (formerly Call Credit) - TransUnion will use your personal information for analysing and modelling your personal Information (such as predicting information about you), to help you to be traced if important information or assets should be returned to you. They may also use your data in a similar manner to aid debt recovery. The data may also be used to prevent fraud by helping to identify you (for instance when applying for new products). TransUnion may also provide the data (including the modelled data) to other organisations to aid the assessment and pricing of credit, insurance and similar financial products for you, in particular when very little other data is available. In addition, the data may be used for the prevention or detection of crime, the apprehension or prosecution of offenders, or the assessment or collection of a tax or duty or an imposition of a similar nature.
If you do not wish for your data to be used this way by TransUnion then please contact us. For details of the TransUnion privacy policy, click here.
We may also use the data for our own purposes as outlined below
|
What we use your personal information for |
Further detail |
Lawful basis we rely upon |
|
To improve our business and develop and improve the ways we serve our customers. |
Extract certain information for the purpose of generating statistics for our own internal purposes (including credit and/or behaviour scoring, and market product analysis). Develop and manage products and services.
|
|
5. DISCLOSURES OF YOUR PERSONAL DATA
We also may share your personal data with the parties set out below for the purposes set out in the table ‘Purposes for which we will use your personal data’ above.
Your personal information is stored on our secure servers in the UK. We do not transfer your personal data outside the UK.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
The amount of time we hold your information depends on the reason it was provided. Your data will not be kept indefinitely and will only be kept for as long as is required for legitimate business reasons (for example to provide you with our Services or for the other reasons we explained above) and in order for us to comply with our legal and regulatory obligations.
The personal information we receive when you make an application (whether on our website or which comes to us via one of the websites of our affiliates) is kept for a minimum of six years, which will commence at the end of the relationship. We are required to do so to ensure that if any disputes or complaints are raised, we have your information to enable us to address the complaints or disputes.
To request details relating to your personal data retention, please use the contact details here.
You have the following rights regarding the processing of your personal data, given to you through legislation:
The right to be informed
You have a right to be informed about how your personal data is processed in a concise, transparent, intelligible and easily accessible manner, written in clear and plain language, that is free of charge. This is the purpose of this Privacy Policy.
The right of access
You have the right to obtain confirmation that your data is being processed and to have access to that personal data. You can request this using the contact details here .
The right to rectification
You have the right to have your personal data rectified if it is incorrect or incomplete and we must notify any third parties that we have shared your data to do the same. You can request this using the contact details here .
The right to erasure
You have a “right to be forgotten”, or to have your personal data erased and to prevent processing. The right is not absolute and in certain circumstances this may not be possible (for example where we have to keep your personal data for legal or regulatory reasons). We must notify any third parties that have been shared your data of your request. You can request this using the contact details here.
The right to restrict processing
You have the right to ‘block’ or suppress the processing of your personal data. This does not stop the storing of your personal data, as it may be required to restrict processing in the future. We must notify any third parties that have shared your data of your request. You can request this using the contact details here .
The right to data portability
You have the right to obtain and reuse your personal data for your own purposes across different services in a safe and secure way, without hindrance to usability. You can request this using the contact details here .
The right to object
You have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics. You can request this using contact details here .
Rights in relation to automated decision making and profiling
You have a right to object to automated decision making, to express your point of view, ask for human intervention, and to be provided with an explanation of the decision with your option to challenge it. You can request this using the contact details here .
The right to withdraw consent
If you have given us explicit consent to process your personal data you have a right to withdraw that consent at any time, including but not limited to the removal of consent to be contacted for marketing purposes. You can request this using the contact details here .
The right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with us directly and / or with a supervisory authority. In the UK the relevant authority is the Information Commissioner’s Office (ICO). You can find their contact details here .
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
LAWFUL BASIS
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.
Data Suppliers means our group companies, namely Monevo Limited, Loan Marketing Limited T/A Credit Engine, Credit Intelligence Limited T/A Credito and other third party data suppliers from the consumer credit sector including digital marketing companies serving this sector.
External Third Parties