This policy should be read carefully along with our Terms & Conditions; by accessing our website you confirm that you have read, understood and agreed to them. By using and browsing our website, you consent to cookies (where appropriate) being used in accordance with our Cookies Policy. If you do not consent, you must disable cookies or stop using our website.
How we collect your information
The personal information taken such as name, address, date of birth, email address, country of birth, passport details, driving licence details and other identifying information is obtained when you open an account for the supply of services, transact either in branch or online or if you are being employed by any of the NoteMachine Group of companies.
How we use your information
All employees of the Company are subject to the pre-employment checks such as references and may be subject to credit scoring, SIA licence and DBS checks. These checks are conducted due to the nature of risk associated with the type of business that we operate and that we operate within a highly regulated industry.
Registration and administration
We use your information to enable you to register your interest with us and, once your registration is complete, for the administration of your account, to contact you, to update our records about you, and to respond to and process your queries and requests. All personal information is checked against an independent system that reviews the electoral register and other databases to validate your identity. All data that we collect is held on servers located within the EEA and are kept secure and personal and sensitive data is only accessed by authorised personnel.
Group Privacy Notice
Data Protection Notice Page 2 of 6 1 June 2018 vs 1.2
Our products and services
NoteMachine Group use your personal information so that we can provide you with products and services which you use, may be relevant, similar products or services which we think may be of interest to you and to meet our contractual obligations to you. This may include information concerning promotions or offers which could benefit you. We also use your information to notify you about changes or developments relating to our products and services that you use.
We might contact you by mail, telephone, email, or text unless you have asked us not to. If you are a registered customer, we may also display personalised advertising to you when you use our online account service and mobile app. You can change your preferences at any time by calling us, writing to us, contacting your local branch or by updating them online. If you do opt out, you may still see some generic, non-personalised advertising when you are using our online services.
We will not provide information about you to companies outside our Group to use for their own marketing purposes unless you have given us your consent to do so.
We record and may monitor and use transcripts of our telephone calls with you in case we need to check we have carried out your instructions correctly, to resolve queries or issues, for regulatory purposes, to help improve the quality of our service and to help to detect or prevent fraud or other crimes. Conversations may also be monitored for staff training purposes.
We may share your information with other members of the NoteMachine group of companies where we need to do so to provide you with any of the products or services you have requested or where you have asked us to do so.
We may share your information with anyone (for example, an agent) who you have told us or who we are otherwise aware is acting on your behalf, or who introduces you to us, or who you have asked us to contact.
Group Privacy Notice
Data Protection Notice Page 3 of 6 1 June 2018 vs 1.2
Prevention and detection of crime
NoteMachine Group and our products and services are subject to the Money Laundering Regulations 2007 and regulation by HM Revenue and Customs. Some of our products and services are also subject to regulation by the Financial Conduct Authority ("FCA"). We may be required by the Money Laundering Regulations 2007, by HM Revenue & Customs, by the FCA or other regulatory bodies, by the Police or other law enforcement agencies (for example, in connection with criminal prosecutions, money laundering or fraud investigations), by order of a court or otherwise by law to use your information in the detection, prevention or prosecution of crime, tax evasion, fraud or audit purposes.
Credit controls or debt collection agencies
We may share your information with credit control or debt collection agencies, for example, if you owe us money and we engage their services to recover it from you.
On a business sale or purchase
If we decide we want to sell our business or receive an offer to buy our business we may have to share your information with a prospective purchaser and their legal, financial or other advisers. In these circumstances, we will take appropriate steps to ensure that your information is properly protected.
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless explicitly requested by you. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. You may sometimes ask us about, or we may sometimes ask you if you are interested in, products or services which we are unable to provide but which someone else we know (“NoteMachine Group contact”) may be able to provide (for example, travel or financial services). We will never pass your information to a NoteMachine Group contact unless you have asked us to do so. Please note that we are not responsible for and cannot be liable to you for any products or services of any NoteMachine Group contact or any acts or omissions of any NoteMachine Group contact.
Your information will be passed to third parties for the purpose of validating identity and for the completion of credit references and DBS checks for employees of NoteMachine Group of companies.
Data Protection Act and your details
We are required to handle information which we hold about you that is capable of identifying you (either alone or with any other information we may hold about you) in accordance with the Data Protection Act 2018 (“the Act”), which regulates the use of “personal data” in the United Kingdom.
Group Privacy Notice
Data Protection Notice Page 4 of 6 1 June 2018 vs 1.2
You have the right under the Act to ask us in writing (Subject Access Request) for details concerning the "personal data" we hold about you, including a description of that data, the purposes for which it is being used and to whom that data has been or may be disclosed. We may charge you an administration fee for providing additional copies of information and depending on the volume requested.
The personal and sensitive information that we hold about should be accurate and kept up to date. Please keep us informed of any changes to your information and please be assured that you can delete or correct any information either by visiting your account online, email or writing to the Data Protection Officer (details can be found in the ‘How to Contact Us’ section of this policy).
NoteMachine Group will retain your details for as long as they are needed for the relevant purposes listed under the ‘How we use your data’ and the ‘Data Sharing’ section of this notice. The Company may also retain certain records for other legitimate reasons (including after your relationship with the Company has ended), for example to resolve any potential disputes, cross-check against future applications and to comply with other reporting, legislative and retention obligations.When your personal information is no longer needed as defined by our Retention Policy it will be permanently deleted from our databases.
Information Sharing Outside of the UK
The nature of our products and services means that we may need to share your information with people or businesses based in countries outside of the United Kingdom. All countries in the European Economic Area (EEA), which includes the UK, have similar standards of legal protection for your personal information. We may run your accounts and provide other services from centres outside the EEA (such as the USA and India) that do not have a similar standard of data protection laws to the UK. If so, we will require your personal information to be protected to at least UK standards. We may process payments through other financial institutions such as banks and the worldwide payments system operated by the SWIFT organisation if, for example, you make a CHAPS payment or a foreign payment. Those external organisations may process and store your personal information abroad and may have to disclose it to foreign authorities to help them in their fight against crime and terrorism. The countries to which we may need to send your information would normally be obvious to you. For example, if you have instructed us in connection with a purchase of a property in France then we will usually be dealing with people or businesses based in France (which may include banks, lawyers and estate agents) that are connected with the purchase in order to fulfil our contractual obligations to you. In many instances we will be dealing with people or businesses which you have asked us to deal with or who you already know or who already know you.
If these are based outside the EEA, your personal information may not be protected to standards similar to those in the UK.
Group Privacy Notice
Data Protection Notice Page 5 of 6 1 June 2018 vs 1.2
We use industry-standard products to protect your personal data held on our servers and ensure that any third parties, with whom we share your information, has the same level of protection.
Children’s Online Privacy Protection Act Compliance
We are in compliance with the requirements of COPPA (Children’s Online Privacy Protection Act) and we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.
Automated decision making
Whilst we currently use some automated systems that are designed to assist us in identifying individuals for employment and transacting purposes we ensure that any automated decision is always reviewed by the business and arbitrated with human intervention.
In general, you can visit NoteMachine Group websites without identifying who you are or revealing any information about yourself. However, cookies are used to store small amounts of information on your computer, which allows certain information from your web browser to be collected. Cookies are widely used on the internet and do not identify the individual using the computer, just the computer being used. Cookies and other similar technology make it easier for you to log on to and use our websites during future visits.
Changes to our policy
This policy replaces all previous versions and is correct as of November 2017. We reserve the right to change the policy at any time. You should check our website periodically for any changes which may affect you.
Your right to lodge a complaint with us and the supervisory body
If you are unhappy with any response to a Subject Access Request or to how you believe your data is being handled by the Company after we have tried to resolve your concerns
Group Privacy Notice
Data Protection Notice Page 6 of 6 1 June 2018 vs 1.2
then you have the right to take your complaint to the relevant supervisory body. You can find out more about the Act and your rights by visiting the website of the Information Commissioner at https://ico.org.uk. The Information Commissioner's Office can also be contacted by telephone on 0303 123 1113.
How to contact us
© 2017 NoteMachine Group | Registered in England & Wales
Registered Office: Russell House, Elvicta Business Park, Crickhowell, Powys, NP8 1DF
NoteMachine – Registered No: 01359357 Eurochange – Registered No: 2519424
This policy was approved by the Board of Directors and is issued on a version controlled basis under the signature of the Chief Executive Officer (CEO).