Privacy Policy

Privacy Notice – Woods Whur 2014 Ltd

1. Background

This privacy notice lets you know what happens to any personal data that you give to us, or any that we may collect from or about you. It applies to all services and instances where we collect your personal data.

This privacy notice applies to personal information processed by or on behalf of Woods Whur 2014 Limited.

2. Changes to this Privacy Notice

We may change this privacy notice from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. We encourage you to check this privacy notice for any changes whenever you visit our website www.woodswhur.co.uk.

3. Woods Whur 2014 Ltd and our Data Protection Officer

We are Woods Whur 2014 Limited, St James House, 28 Park Place, Leeds, LS1 2SP. We are a data controller of your personal data.

We have a dedicated data protection officer (“DPO”). You can contact the DPO using the details below or by writing to the above address, marking your communication for the attention of the DPO.

4. What kinds of personal information about you do we process?

Personal information that we will process in connection with all of our services, if relevant, includes:

  • Personal and contact details, such as title, full name, contact details and contact details history;
  • Your date of birth, gender and/or age;
  • Your nationality;
  • Records of your contact with us, if you get in touch with us online using our online services or via telephone;
    Payment information;
  • Marketing to you and analysing data, including history of those communications, whether you open them or click on links, information about services we think you may be interested in and analysing data to help target offers to you that we think are of interest or are relevant to you;
  • Information we obtained from third parties, including but not limited to courts, local authorities, police, government departments, agencies and your employer;
  • Personal information which we obtain from Credit Reference Agencies and Fraud Prevention Agencies, including public (for example, defaults, CCJs) and shared credit history, financial situation and financial history;
  • Information, including details of money you owe;
  • Criminal records information, including alleged offences;
  • Information about your employment status, if relevant to the service we provide;
  • Information about your property occupier status, such as whether you are a tenant, live with parents or are an owner occupier of a property;
  • Your residency and/or citizenship status, if relevant, such as your nationality, your length of residency in the UK and/or whether you have the permanent right to reside in the UK;
  • Your marital status, family, lifestyle or social circumstances, if relevant to the service we provide; and
  • Tax information, if relevant to the service we provide.

5. What are the sources of your personal information?

We will collect personal information from the following general sources:

  • From you directly;
  • Information generated about you when you use our services;
  • Business partners (for example, financial services institutions, insurers) or others who are a part of providing our services; and
  • From other sources such as Fraud Prevention Agencies (“FPAs”), Credit Reference Agencies (“CRAs”), other lenders, HMRC, DWP, publically available directories and information (for example, telephone directory, social media, internet and news articles), debt recovery and/or tracing agents, other organisations to assist in the prevention and detection of crime, police and other law enforcement agencies.

6. What do we use your personal data for?

We use your personal data, for the following purposes:

  • The provision of legal services;
  • Updating your records, tracing your whereabouts and recovering any debt;
  • Managing any aspect of the services we provide;
  • To improve the operation of our business;
  • For management and auditing of our business operations, including accounting;
  • To carry out checks at CRAs and FPAs;
  • To monitor and to keep records of our communications with you and our staff;
  • For direct marketing communications and related to profiling to help us offer you relevant services, including deciding whether or not to offer you certain products and services. We’ll send marketing to you by email, phone, post and social media;
  • To develop new services and to review and improve current services;
  • To comply with legal and regulatory obligations, requirements and guidance;
  • To provide insight and analysis of our services to clients for ourselves to help in providing our services, helping us improve our services, or to assess or improve the operating of our business; and
  • To share information, as needed, with business partners (for example, financial services institutions and insurers) as part of providing and administering our services or operating our business.

7. What are the legal grounds for our processing of your personal information (including when we share it with others)?

We rely on the following legal bases to use your personal data.

7.1 Where it is needed to provide you with our services:

  • Managing, and any activities relevant to managing, the services we provide;
  • Updating your records; and
  • Sharing your personal information with third parties as part of the requirements of your instructions to progress a particular matter.

7.2 Where it is in our legitimate interests to do so, such as:

  • Managing your matter(s), updating your records;
  • To follow guidance and recommended best practice of government and regulatory bodies;
  • For management and audit of our business operations, including accounting;
  • To carry out searches at CRAs;
  • To carry out monitoring and to keep records of our communications with you and our staff;
  • To administer our good governance requirements;
  • For direct marketing communications and related profiling to help us to offer you relevant services; and
  • Where we need to share your personal information with people or organisations in order to run our business or comply with any legal and/or regulatory obligations.

7.3 To comply with our legal obligations:

  • Legal obligations under regulatory bodies; and
  • Legal obligations under common law and/or legislation.

7.4 With your explicit or implied consent:

  • For some direct marketing communications; and
  • In some instances of our processing of special categories of personal data and criminal records information.

7.5 For a public interest, such as:

  • Processing of your special categories of personal data such as about your criminal records information (including alleged offences).

7.6 Performance of a contract:

  • Performing the contract for our services; and
  • Performing a contract on your behalf as your agent.

8. When do we share your personal information with other organisations?

For the purposes listed above, we may share information with the following third parties:

  • Business partners (for example, financial service institutions and insurers);
  • Governmental and regulatory bodies such as HMRC, Solicitors Regulatory Authority and the Information Commissioner’s Office;
  • Other organisations and businesses who provide services to us such as debt recovery agencies, backup and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back office functions; and
  • CRAs and FPAs.

9. How and when can you withdraw your consent?

When we are relying upon your consent to process personal data, you can withdraw this at any time by contacting us at the address detailed at paragraph 18 below.

10. Is your personal information transferred outside the UK or the EEA?

We are based in the UK which is where we conduct most of our business. It will be rare for your personal information to be transferred outside the UK or even the EEA. If a situation arises when your personal information needs to be transferred outside the EEA, we will notify you before your personal information is sent.

11. How do we share your information with CRAs?

We sometimes perform credit and identity checks on you with one or more CRAs. To do this we will supply your personal information to CRAs and they will give us information about you.

We will use your information to:

  • Verify the accuracy of the data you have provided to us, if necessary;
  • Prevent criminal activity, fraud and money laundering;
  • Manage your relationship with us; and
  • Trace and recover debts.

We may continue to exchange information about you with CRAs while you have a relationship with us. This information may be given to other organisations by CRAs.

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by others.

12. What should you do if your personal information changes?

You should inform us as soon as possible, so that we can update our records. We will then update your records.

13. Do you have to provide your personal information to us?

We are unable to provide you with our services if you do not provide certain information to us. In cases where providing some personal information is optional, we will make this clear to you.

14. Do we do any monitoring which involves processing of your personal information?

In this section monitoring means any: listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, emails, text messages, social media messages, in person (face to face) meetings and any other communications.

We may monitor where it is permitted by law, where we are required to by law, where we are required to comply with regulatory rules, to prevent or detect crime, where it is in the interests of protecting the security of our communications systems and procedures or for quality control and staff training purposes. This information may be shared for the purposes described above.

15. For how long is your personal information retained by us?

Unless we explain otherwise to you, we will hold your personal information based on the following criteria:

  • For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations;
  • For as long as you or we provide services to you and then for as long as someone could bring a claim against us; and/or
  • Retention periods in line with legal and regulatory requirements or guidance.

16. What are your rights under data protection laws?

Here is a list of the rights that all individuals have under data protection laws. They do not apply in all circumstances. If you wish to use any of them, we will explain at that time if they are engaged or not. Yours rights are:

  • The right to be informed about the processing of your personal information;
  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed;
  • The right to object to processing of your personal information;
  • The right to restrict processing of your personal information;
  • The right to have your personal information erased (the “right to be forgotten”);
  • The right to request access to your personal information and to obtain information about how we process it;
  • The right to move, copy or transfer your personal information (“data portability”); and
  • Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you.

You have the right to complain to us directly using the contact details below or alternatively, to the Information Commissioner’s Office https://ico.org.uk, which is the organisation that enforces data protection laws in the UK.

17. What are your marketing preferences and what do they mean?

We may use your home address, phone numbers, email address and social media or digital channels (for example, Facebook, Google and message facilities in other platforms) to contact you according to your marketing preferences. You can stop our marketing at any time by contacting us using the details below or by following the instructions in the communication.

18. How do we use Sensitive Personal Information?

“Special categories” of personally sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We may process special categories of personal information in the following circumstances:

  • In limited circumstances, with your explicit written consent;
  • Where we need to carry out our obligation and duties as an employer;
  • Where it is need in the public interest, such as for equal opportunities monitoring; and
  • Where it is needed to assess your working capacity on health grounds, subject to appropriate confidentiality safeguards.

Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

19. Contact us

If you have any questions about this privacy notice, or if you wish to exercise your rights or contact the DPO, you can contact us by writing to Woods Whur 2014 Limited, St James House, 28 Park Place, Leeds, LS1 2SP, marking it for the attention of the DPO.