Who are we?
We are My Debt Plan Limited (referred to as “we”, “us” and “our” within this policy), a company registered in England and Wales registered number 10992838 registered office Blenheim Court, Carrs Road, Cheadle, SK8 2JY. Our ICO registration number is ZB284067 and can be checked at https://ico.org.uk/ESDWebPages/Entry/ZB284067
If you have any questions about our data protection and privacy policies and procedures, we can be contacted by writing to the registered office detailed above, by email to [email protected] or by telephone on 0161 359 4535.
We reserve the right the change, amend or modify this policy as we see fit. Once amended the most current version shall be displayed on our website.
What personal information will we collect and how?
We will only collect information from you that we need in order to provide the service for which you are applying. This includes sufficient information to enable us to perform our legal, regulatory or contractual obligations as required to provide that service.
This will likely include the collection of:
- Personal information in order to identify you such as name, address, date of birth and contact details
- Financial and employment details, including Credit Reference Agency data
- Sensitive personal information (sometimes known as special category data), for example health information. We will only collect this data where necessary and with your specific consent
- Behavioural or technical information such as details of how you browse our website and the types of technology you use to access our website. This information is collected using cookies, for more details on these see below.
We collect information when you use our website, when you speak to us over the phone and when you correspond with us via email or post. Occasionally we may also collect information about you from third parties or publicly available sources.
When you contact us by telephone your call may be recorded for training and monitoring purposes.
How we use your information, the grounds for doing so and why
How we may use your information
What lawful basis we have to use the information
Why we use the information in this way
We may gather your information and process it using approved partners and third parties prior to you deciding whether to engage our services for the solutions we offer.
This is only done with your consent or in order to comply with legal obligations associated with the advice being provided. Where we process special category data we shall only do this with your specific consent.
This is done in order to provide you with advice and appropriate information about the solutions available to you.
We may share information about you with third-party data providers in order to obtain more information in return, for example by utilising open banking or credit reference agency systems.
This is only done with your consent or in order to comply with legal obligations associated with the service being provided.
We have an interest in making our service as user friendly and the least time consuming to you as possible.
If you opt in to receive marketing communications from us we may process your information for the purpose of providing such marketing communications to you.
We will only process your personal information for the purposes of providing marketing communications to you with your consent.
All of our marketing communications are carefully drafted to always be relevant and useful to the intended audience.
If you decide to proceed with a solution we will continue to process your data and may share it with approved partners, third party service providers and other parties (see below). Some of this processing activity may be located outside of the European Economic Area (EEA)
This would be done with your consent under the terms and conditions sent to you for your agreement prior to the engagement. Certain data may require to be processed and shared in order to comply with legal obligations associated with the solution being provided
Without processing your information in this way we would not be able to provide our service to you
We may supply your information to a partner that can provide you with a solution we do not offer
This would only be done with your consent
If you decide to proceed with a solution we cannot offer then by providing your data to a partner that can assist with this it means that you do not have to repeat the full process of providing your information again
We may process and share your personal information with regulatory authorities
This processing of your personal information is necessary so that we can comply with our legal obligations.
This is done in order to comply with our legal/regulatory obligations, for example to adhere to anti-money laundering legislation. We are regulated by the Insolvency Practitioners’ Association and must also meet the rules and requirements that they have in place.
Who do we share your information with?
We may share your information with:
- Your creditors and their representatives
- Other companies within our group
- Third-party service providers, for example
- IT software service providers
- Payment Service companies
- Communication providers
- Claims management companies/Solicitors
- Back office support providers
- Our regulators/professional bodies, including the Insolvency Service and the Insolvency Practitioners’ Association
- Our bond providers/insurers
- Law enforcement and/or fraud prevention agencies
- Any party we may merge with, sell all or part of our business to or a party we may acquire.
- Approved partners that offer alternative solutions
We have strict contractual terms governing how third parties handle your data and what it may be used for. It should only be used for necessary and legitimate purposes, as set out in the table above. We will only provide them with the information they need to perform their specific services.
All third parties are contractually required to keep your personal data secure and confidential and only process it in accordance with the legal obligations set out in the UKs General Data Protection Regulation and the Data Protection Act 2018. This also applies to any third party service providers that may be located outside of the European Economic Area.
What communication you might receive from us
You may receive 2 types of communication from us if you have given your consent:
- Marketing communications offering products or services we feel you may be interested in. You can easily let us know if you wish to opt out from marketing communications at any time by using the contact details above.
- Service communications or communications we are obliged by our regulator to send you from time to time.
How long we hold your information for
If you choose not to proceed with our service after the initial advice has been provided your personal information will normally be deleted after 12 months, unless we have another reason to keep your personal information (for example you have consented to receive marketing information from us).
If you enter into a solution with us we your data will be stored for 6 years following the date on which you last used our services. This is required in order to comply with our legal and regulatory obligations. After this time your data will be deleted.
It is extremely important to us that your information is secure, as such we have in place security measures to protect personal information being accidentally deleted, lost, or accessed by any unauthorised persons.
- You have a right of access, meaning you have a right to know whether we hold your information, if we are processing that information as well as a right to request copies of any information we hold on you and details of any third parties we may have shared it with.
- You have a right of rectification, meaning if you feel we hold any information about you which us incomplete or inaccurate you can request that we rectify this.
- You have a right of erasure, meaning that you can ask us to erase your information. This is also known as the ‘right to be forgotten’. Upon receipt of such a request we shall remove any information about you save for where this is required to comply with a legal/regulatory obligation or to establish/defend a legal claim. In which case you have the right to restriction of processing meaning you can require us to restrict processing where we shall put your information beyond normal use restricting it to the purposes for which it was retained.
- You have a right to data portability, meaning where we process your information with your consent or because it was necessary to provide our service to you then you may request us to move, copy or transfer such information to you or another third party of your choosing in a structured and commonly used machine-readable format.
- You have a right to object, meaning you can object to our processing of your information where we are processing it on legitimate grounds. We will stop processing this information save for where this is required to comply with a legal/regulatory obligation or to establish/defend a legal claim.
- You have a right to withdraw consent, meaning that even where we process your information with your consent you can withdraw this consent at any time. This may mean we are unable to offer our service to you, where this is the case we shall notify you of that.
When you use our website we may store some information on your computer un the form of a commonly used file called a ‘cookie’. These cookies are used to improve the online experience of most websites, including our own.
Some websites set cookies directly (first-party cookies) and some make use of services which set their own cookies (known as third-party cookies). We may make use of these types of cookies for purposes including personalisation of the website for returning customers.
Most internet browsers allow you to erase cookies from your computer, block cookies or give you a warning before a cookie is stored on your device. For further information consult the user guide for your particular browser.