5 Using personal information of Clients
Where a Client or an Organisation furnishes information to us or is engaged in our service:
5.1 Data protection, privacy and security are important to us, and we shall only use any personal information, howsoever, providing to us for specified purposes and shall not keep such personal information longer than is necessary to fulfil these purposes. The following are examples of such purposes. We have also indicated below which GDPR justification applies, however it will depend on the circumstances of each case. At the time of collecting we will provide further information, and you may always ask for further information from us.
5.1.1 To help us to identify the Client. This will normally be necessary for the performance our contract.
5.1.2 To help us to identify accounts, services and/or products which the Client Organisation or Client may avail of from us or selected partners from time to time. We may do this by automatic means using a scoring system, which uses the personal information that has been provided and/or any information we hold about a Client Organisation or Client and personal information from third party agencies (including credit reference agencies). We will only use your information for this purpose if you agree to it.
5.1.3 To help us to administer and to contact the Client and Client Organisation about improved administration of any accounts, services and products we have provided before, do provide now or will or may provide in the future. This will often be necessary, but sometimes the improvements will not be necessary in which case we will ask whether you agree.
5.1.4 To allow us to carry out marketing analysis and customer profiling (including with transactional information), conduct research, including creating statistical and testing information. This will sometimes require that you consent, but will sometimes be exempt as market research.
5.1.5 To help to prevent and detect fraud or loss. This will only be done in certain circumstances when we consider it necessary or the law requires it.
5.1.6 To allow us to contact the Client and Client Organisation by written electronic means (such as email, text or multimedia messages) about products and services offered by us where:
18.104.22.168 these products are similar to those you have already purchased from us,
22.214.171.124 you were given the opportunity to opt out of being contacted by us at the time your personal information was originally collected by us and at the time of our subsequent communications with you, and
126.96.36.199 you have not opted out of us contacting you.
188.8.131.52 To allow us to contact you in any way (including mail, email, telephone, visit, text or multimedia messages) about products and services offered by us and selected partners where you have expressly consented to us doing so.
184.108.40.206 We may monitor and record communications with you (including records of services rendered, phone conversations and emails) for quality assurance and compliance.
220.127.116.11 Before doing that, we will always tell you of our intentions and of the specific purpose in making the recording. Sometimes such recordings will be necessary to comply with the law. Alternatively, sometimes the recording will be necessary for our legitimate interest, but in that case we will only record the call if our interest outweighs yours. This will depend on all the circumstances, in particular the importance of the information and whether we can obtain the information another way that’s less intrusive.
18.104.22.168 If we think the recording would be useful for us but that it is not necessary we will ask whether you consent to the recording, and will provide an option for you to tell us that you consent. In those situations, if you don’t consent, the call will either automatically end or will not be recorded.
22.214.171.124 When it is required by law, we will check your details with fraud prevention agencies. If you provide false or inaccurate information and we suspect fraud, we intend to record this.
5.2 We will not disclose personal information relating to a Client to any third party except in accordance with this Notice, and in particular in these circumstances:
5.2.1 They will be processing the data on our behalf as a data processor (where we will be the data controller). In that situation, we will always have a contract with the data processor as set out in the GDPR. This contract provides significant restrictions as to how the data processor operates so that you can be confident the data of the Client is protected to the same degree as provided in this Notice.
5.2.2 Sometimes it might be necessary to share data with another data controller. Before doing that we will always tell the Client. Note that if we receive information about the Client from a third party, then as soon as reasonably practicable afterwards we will let you know; that’s required by the GDPR.
5.2.3 Alternatively, sometimes we might consider it to be in the interest of the Client to send information to a third party. If that’s the case, we will always ask for the Consent of the Client before sending.
5.3 Where the Client give us personal information on behalf of someone else (to include a family member), the Client confirms that the Client has provided them with the information set out in this Notice and that the Client have not objected to such use of their personal information.
5.4 In connection with any transaction which we enter into with the Client Organisation:
5.4.1 If you provide false or inaccurate information to us and we suspect fraud, we will record this and may share it with other people and organisations. We, and other credit and insurance organisations, may also use technology to detect and prevent fraud.
5.4.2 We may need to transmit the payment and delivery information provided by you during the order process for the purpose of obtaining authorisation from your bank.
5.5 We may allow other people and organisations to use personal information we hold about the Client in the following circumstances:
5.5.1 If we, or substantially all of our assets, are acquired or are in the process of being acquired by a third party, in which case personal information held by us, about our customers, will be one of the transferred assets.
5.5.2 If we have been legitimately asked to provide information for legal or regulatory purposes or as part of legal proceedings or prospective legal proceedings.
5.5.3 We may employ companies and individuals to perform functions on our behalf and we may disclose your personal information to these parties for the purposes set out above, for example, for fulfilling orders, delivering packages, sending postal mail and email, removing repetitive information from customer lists, analysing data, providing marketing assistance, providing search results and links (including paid listings and links), processing credit and debit card payments and providing customer service. Those parties will be bound by strict contractual provisions with us and will only have access to personal information needed to perform their functions, and they may not use it for any other purpose. Further, they must process the personal information in accordance with this Notice and as permitted by the GDPR. From time to time, these other people and organisations to whom we may pass your personal information may be outside the European Economic Area. We will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this Notice and the GDPR.