Data protection legislation (which includes the General Data Protection Regulation or GDPR) places obligations on us (Glo) in relation to the way that we handle your personal information. We must process your information fairly and lawfully. This also means you are entitled to know how we intend to use your information. You can then decide whether or not you want to give it to us so that we can provide the product you require. All our employees are responsible for maintaining customer confidentiality. We provide training to all our colleagues to remind them about their obligations. In addition our polices and procedures are regularly audited and reviewed.
Your information will be held by Glo which is a trading name of Provident Personal Credit Limited. Provident Personal Credit is part of the Provident Financial Group, which includes other lending companies such as Vanquis Bank Ltd and Moneybarn Ltd. More information on the Provident Financial Group can be found at www.providentfinancial.com
Glo has a Data Protection Officer to ensure that your personal data is being treated fairly and lawfully and protected at all times. If you need to contact the DPO please email email@example.com, write to The Rights Request Team, 1 Godwin Street, Bradford West Yorkshire BD1 2SU, or call 0800 6944962
We only collect the data we need to provide you with the product or service you require and to administer your account(s) with us. In most cases this will mean that we are processing personal data such as:
Your personal information will be held securely on Provident systems so that we and any other companies in our Group that you have dealings with either now or in the future can manage your relationship with us. This will include information you provide when you apply to us and any additional information provided by you or others in various ways, including but not limited to;
As a business we use data we obtain from you and data we collect about you to perform a number of activities. Under data protection legislation we are only permitted to use your personal information when we have a legal basis that permits us to do so. We set out below an overview of the purposes for which we use your personal information and, in each case, the legal basis that permits us to use that information.
The Provident Group companies as outlined above will share your information amongst each other for the following administrative activities where we have a legitimate business need;
We will undertake this processing under a legitimate business interest. If you were introduced to us by a broker we will give them your contact details and sufficient information to help them with their accounting and administration. Brokers and Introducers sometimes use your information that you provided to them initially to contact you about products and services unless you have asked them directly not to do so.
We will undertake this processing under a legitimate business interest. Glo may in the future wish to sell, transfer or merge part or all of its business assets or to acquire a business. If so, we sometimes disclose your personal information to a potential buyer, merger partner or seller so long as they agree to keep it confidential and to use it only to consider the potential transaction.
We will undertake this processing under a legitimate business interest. We may monitor or record phone calls with you in case we need to check we have carried out your instructions properly, to resolve queries or issues, for regulatory purposes, to help improve our quality or service and to help prevent or detect fraud or other crimes. Conversations may also be recorded for staff training purposes.
We will undertake this processing under a legitimate business interest. Making sure we deliver excellent customer service is important to us and to do this various methods of communication may be used when sending you information about your account. Sometimes this may be by SMS, Email or push notification in your app or log in area. For example this may include sending you reminders or receipts for payments or other information in relation to the administration/servicing of your loan. We will always ensure that we are not putting your data at risk. If you have requested that we email you information relating to your account we will ensure that we have explained the risks of sending an insecure email and that you are happy to accept that risk.
We will undertake this processing under a legitimate business interest. As part of our ongoing commitment to understanding our customers better, we sometimes research comments and opinions made public on social media sites. We sometimes also match information on these sites with the data we hold to undertake behavioural analysis and assist with credit decisioning. The information we collect may also assist use with looking at targeted advertising using Social media.
We will undertake this processing under a legitimate business interest. If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention Agencies. Law enforcement agencies may access and use this information. We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
We will treat your information as private and confidential, but may share it with other Group companies and only disclose it outside the Group if we are legally obliged to do so or required to do so to satisfy a court order. Examples of this are:
We will undertake this processing to satisfy a legal obligation. Sometimes we will ask you to provide physical forms of identity when you take a product with us. Alternatively we may use information from the CRAs. This type of search is not seen or used by other lenders to assess your ability to obtain credit.
There are a number of activities that we will perform to either use your data to assess you for the product you have requested, to enable us to provide that product and to continue to administer it in line with the credit agreement you sign up to. Some examples of the contractual processing we undertake are;
We will undertake this processing under a contractual requirement. When you apply for credit we use credit scoring. This is or can be an automated system that helps us to understand behaviour and its impact on an individual's likelihood to pay their loan/credit commitments. Credit scoring will take account of information you provide on your application, information already held in the Provident Group about you, data from Credit reference agencies, data obtained from social media sites. Our credit scoring processes are regularly reviewed to ensure they remain fair, effective and unbiased. If you submit an application and it is declined through this automated process, you can contact us to have the decision reviewed. If you need to contact us please email firstname.lastname@example.org, write to Rights Request Team, 1 Godwin Street, Bradford West Yorkshire BD1 2SU, or call 0330 303 7070 0330 303 7070 or 0800 694 7070 and we will review your request and come back to you within 21 days.
We will undertake this processing under a contractual requirement. Your application will be registered on your credit report under the name Provident Personal Credit Limited and we are currently working with Experian, Call Credit and Equifax. If you would like more information on these Credit Reference Agencies (CRA), please visit www.experian.co.uk/crain, www.equifax.co.uk/crain or www.callcredit.co.uk/crain. We will undertake a search with at least two of these agencies when you apply for credit and this will review your records as well as anyone financially associated with you. A footprint will not be left on your credit file, unless you continue to complete a full application. Once you take a product with us, we will report regularly to the CRAs on your payment history. If you fall behind on your payments and satisfactory proposals are not received within 28 days of a formal demand being issued, then a notice may be recorded at the CRAs which could impact your ability to obtain further credit. The information we and other organisations provide to the CRAs may be used by us and them to;
There will be circumstances where we will only process your data if we have your consent to do so. For example, if you provide us with data that is classed as a special category of data such as health information, we will only process this with your permission (unless we feel the processing is necessary to protect your vital interests). You have a right at any time to ask us to stop the processing of that specific data.
Data Protection Legislation defines certain information as special categories (racial or ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health, sexual life, biometric and genetic data). As part of your ongoing relationship with us we may be provided with such information. We will always ask your explicit consent to process this information (unless we feel the processing is necessary to protect your vital interests). We may share it with other parts of the Provident Group and our subcontractors to keep your records up to date.
Important please read:
You have a number of rights in relation to your personal data. For example you can ask for a copy of your personal data through a Subject Access Request, you can ask for your information to be corrected if it is inaccurate, you can ask for the processing of your data to be restricted whilst we may be resolving an issue, you can ask for your data to be deleted, and you have the right to data portability. See below for further details. If you wish to exercise one of your rights please email email@example.com, write to Rights Request Team, 1 Godwin Street, Bradford West Yorkshire BD1 2SU, or call 0330 303 7070 0330 303 7070 or 0800 694 7070 and we will review your request and come back to you within 30 days.
You have a right to object to any processing activity where the business states it has a legitimate business need to use your data in the way described. If you need to contact us please email firstname.lastname@example.org, write to Rights Request Team, 1 Godwin Street, Bradford West Yorkshire BD1 2SU, or call 0330 303 7070 0330 303 7070 or 0800 694 7070 and we will review your request and come back to you within 30 days.
Data Protection legislation contains a right to data portability that may give you a right in some data processing contexts, to receive your personal data in a portable format when it is processed on certain grounds, such as consent. If you wish for this limited data to be "ported" to another organisation direct, please contact us at email@example.com, write to Rights Request Team, 1 Godwin Street, Bradford West Yorkshire BD1 2SU, or call 0330 303 7070 0330 303 7070 or 0800 694 7070 and we will review your request and come back to you within 30 days.
You have a right of access to a copy of the personal data we hold about you. Please email firstname.lastname@example.org , write to the Rights Request Team, Provident Personal Credit Limited, No 1 Godwin Street, Bradford, BD1 2SU, or call 0800 6944962 0800 6944962 providing as much information as possible to enable us to locate your information. Once we have everything we need to locate your information we will supply this to you within 30 days of this date.
We hope that we provide you with the service you expect in relation to how we manage your personal data . Please contact us if there is anything you are concerned about and we will endeavour to address this. If you are still not satisfied then you have the right to contact the Information Commissioner on 0303 123 1113 0303 123 1113
We use a number of third party companies to help us to manage your account and to deliver the service you expect. Examples of where we may employ the services of a third party are;
We sometimes use third parties based outside the European Economic Area. For example some of our IT administrative activities are supported by third parties based in India and Israel. We will always ensure they will protect your information to EU standards. If we do transfer information outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. We’ll use one of these safeguards:
As a regulated business we are often required to hold personal data for set periods of time. There may also be certain legal requirements to hold onto data. We have a legitimate business need to keep data for a certain period of time. We operate to an approved set of retention schedules which identify the type of data held and for how long. Some of the key retention periods are;