Purpose of use and consent
Data collection and storage
Every time the Creditfix website is viewed and used, the following server data, in particular, are saved automatically and kept for 30 days (the list is not exhaustive): IP address; webpage visited; access timestamp; resource requested; files downloaded; The volume of data transmitted; duration of data transmission; country from which the page was accessed; search terms used; name and version of the browser software used. These technical data are used to optimise the website and provide information on how it is used and how visitors inform themselves about Creditfix. The data recorded are collected on an anonymised basis and as a rule, do not allow the individual user to be identified. To this extent, no personal data are processed. If you provide specific information about yourself on a registration page or sign up for a notification service, these personal data are collected directly from the user. This covers all handling of personal data, regardless of the means and procedures used, and in particular the collection, use, storage, application, modification, disclosure, archiving, erasure or destruction of personal data. This is not an exhaustive description. The following personal data can be collected on the basis of the information entered by users on the website: organisation; last name; first name; address; landline and mobile phone number; email address. Personal data from email enquiries will be used only to answer the enquiry in question. Information material, notifications or brochures will be sent to you after you have supplied the required information. The data will be used by the Creditfix only in connection with processing your enquiry. You can object to the sending of information at any time. The relevant personal data will be erased once the regular mailing ends.
Creditfix takes appropriate technical and organisational security precautions (e.g. SSL encryption of Creditfix websites) to protect your personal data from unauthorised access and processing as well as from misuse. When selecting and instructing external service providers, Creditfix makes sure that the recipients of personal data comply with the relevant data protection requirements by taking appropriate technical and organisational measures. Despite regular checks, however, complete protection from all the risks inherent in the internet as a universally accessible medium is not possible.
Protection of minors
People under 18 years of age should not transmit any personal data to Creditfix without the consent of their parents or legal guardians. Creditfix does not request personal data from children or young people. Such data are not knowingly collected and are not passed on to third parties.
Links to websites of other providers
The Creditfix website may contain links to websites of other providers not covered by this data protection policy. Creditfix has no influence on these providers' compliance with the relevant data protection rules. In this respect, the data protection policies of the respective websites must be observed.
Cookies and other technologies when using the Creditfix website
Duration of storage of personal data
The Creditfix stores personal data for as long as necessary to fulfil contractual as well as national and international legal obligations, to pursue business interests, or for the purposes for which processing is used. Personal data may be retained for as long as claims can be asserted against the Creditfix or insofar as the Creditfix is otherwise legally obliged to do so or justified business interests require it. As soon as stored personal data is no longer required, it is erased as far as possible or anonymised.
No automated decision-making
In some cases the Creditfix processes your personal data on an automated basis with the aim of evaluating certain personal aspects, but it does not use automated evaluation tools (profiling).
Rights of data subjects
Data subjects may request information free of charge on whether their personal data are being processed by the Creditfix. In principle, data subjects have the right to object to data processing, the right to have their personal data corrected or erased, the right to restrict data processing and the right to data transferability (so-called data portability). In cases where the Creditfix processes personal data on the basis of consent, this consent can be revoked at any time; however, this has no effect on data processing already carried out. Incorrect data can be corrected upon request. These rights may be restricted by legal or regulatory provisions (e.g. the Creditfix's reporting, archiving or retention obligations).
Changes and amendments
As new technologies are implemented and services are improved for you, changes to this data protection policy may become necessary. The Creditfix may at any time and without prior notice modify this data protection policy and any content on the Creditfix website. The Creditfix therefore recommends that you reread this policy from time to time.
We use social media sites that are accessible to the general public to advertise our services, publish news and promotional updates, and offer updates. If you leave a comment on our Facebook page, for example, we may gather personal data from these social networking sites. You should be aware of the following before sending any information to us through these platforms: - You must not post any personal or special category information on our pages that are accessible to the public, such as your account information. The social media web pages are publicly accessible. In order to identify you and fulfil any requests you make, we can send you a private message asking for your account information; and Any personal information you submit through a social networking platform will be handled in line with that platform's own privacy policies. On each social media platform, the privacy regulations are viewable.
We take the security of your personal information very seriously, and we will continue to take the necessary precautions to preserve its integrity, confidentiality, and accessibility. These steps consist of:
- Security standards and procedures for the company
- security testing and monitoring;
- adherence to industry regulations and laws;
- staff security awareness;
- role-based and access control systems to prevent unauthorised access to the information;
- encryption and anonymization technology;
- security testing and monitoring;
How to reach us regarding our services and how we could contact you
We may contact you by letter, telephone, email, text, push notifications, social media, or by any other electronic means to ensure that you are kept fully informed about the services we provide to you. We may also send you communications through any online customer platforms. You can tell us at any moment that you do not wish to be contacted in a certain method, but if you are using our services, we must be able to communicate with you. Frequently, a legal or regulatory obligation is the cause of this. To make sure that we use your most recent contact information, it is crucial that you keep us informed if your contact information changes.
To access your private data
You have the right to seek a copy of the personal data we may have on file for you from us. It is frequently referred to as a "Data Subject Access Request." You can send an email or a written letter requesting this information. We may request identification or ask sufficient questions to allow us to locate the information and make sure that we're only sending it where you have given your consent before sending this information to you or to another person or business to whom you have requested that this personal information be sent.
Right to request a correction of your personal information
You have the right to ask us to amend any inaccurate personal information we may have on you.
Right to revoke consent to or restrict how we use your data
If we no longer have the right to process your personal information, you have the right to request that it be deleted or that we cease processing it. Due to our commitments under the law or regulations, there may be times when we are unable to erase the data. If you want us to erase your information, we will talk to you about it.
You might be able to ask for your information to be given to you or another business in specific circumstances so that it can be handled electronically by either of you or the other business. You must get in touch with us if you wish to request this.
Debt Management Plans
If you enter into a Debt Management Plan (DMP) with us, it will be provided by Creditfix. In order to provide your Debt Management Plan service we will need to use your personal information as follows:
Contact details such as your full name, current address and any relevant previous addresses, numbers and email address are required so we can set up and negotiate your plan between you and your creditors. We also need these details so we can stay in touch with you throughout your plan and keep you updated on its progress and contact you when necessary.
We may record calls for monitoring, training and quality assurance purposes and to meet our legal and regulatory obligations.
You may communicate with us via our online chat system. We may keep a record of your chat history with us which can help us manage your plan.
We may keep a record of any email correspondence to help us manage your plan.
In order to administer your plan, we will require the following personal information: your DOB, gender, previous names, living arrangements, employment details, marital status, and details of any dependants. We require this information so that we can administer your plan and consider your circumstances and any changes that might take place throughout your plan.
We will use your personal information to authenticate your identity in order to comply with anti-money laundering legislation.
n order to administer your plan, we will require the following financial information: Bank / building society information, details of your creditors/collection agencies including account numbers, reference numbers, statements, balances and payment information and also details of any assets you may have. We require this information so that we can administer your plan, collect payments and negotiate/administer payments to creditors throughout your plan.
Income and expenses
We will need details of your personal financial status including all sources of household income and expenses. This information allows us to determine what you can afford to pay into your Debt Management Plan and to ensure that we set the correct level of payments for both you and your creditors.
Special Category data
In some situations we may need to collect special category information; however, we will not do this without first obtaining your consent at the time. We will only need this information, where it is necessary and in relation to the running of your plan.
Creditor reference agency data
We may ask for consent to perform a credit check on your behalf which will supply us with information on your financial situation and creditor information. If at any time you have any changes in circumstances to the information we hold on you during the term of your arrangement, you must inform us immediately.
Sharing of data in a Debt Management Plan
We will need you to share some of your information with external parties who are involved in your debt management plan. These are: Your creditors and their representatives This includes creditors, their agents, debt collectors, bailiffs and any solicitors who are involved in your Debt Management Plan. This is necessary to allow us to provide the service and also ensure that we comply with regulatory obligations.
We may from time to time need to instruct solicitors to assist with the administration of your plan or to assist us with legal, regulatory and contractual obligations.
Other external parties
We may also share your personal information where we have your consent to do so, or where we are required to do so under a legal or regulatory obligation, for example where we are required to do so by a court order, the police, local authorities or the courts. We might share some of your information with the emergency services if you are in any immediate danger.
How long do we hold data
If you do not proceed with a Debt Management Plan your personal information will normally be deleted after 12 months unless otherwise agreed with you. You have a right to view, amend or request deletion of the information that we hold on you sooner if you wish. You can request this in writing via email or by post. If you enter into a Debt Management Plan, we will keep your information on file to ensure that we provide you with our service and that we comply with our legal and regulatory obligations. Your information will be stored for 6 years from the date of completion of your Debt Management Plan or from the date when you no longer require the use of our service. We cannot delete this data sooner if you request us to do so, because we are required to keep it by law. We will delete your data after this 6-year period. After the 6-year time period, we will delete the information or keep data in an anonymous format so that it cannot be connected back to you.
Further information and contact
The Creditfix is responsible for processing your personal data as described in this data protection policy. If you have any questions about the processing of your data, you can contact the Creditfix at the following address: email@example.com