Effective: 07 January 2019
PayPlan Bespoke Solutions Limited is an Insolvency Practice who provide Individual Voluntary Arrangements (IVAs) to consumers and we’re committed to protecting your privacy.
We want to make it easy for you to find out how we use your information.
We’ve tried our best to explain things in a simple and clear way and welcome your questions and comments on this policy.
We know that there’s a lot of information here, but we want you to be fully informed about your rights, and how PayPlan Bespoke Solutions Limited uses your data.
The following data privacy notice explains the circumstances in which PayPlan Bespoke Solutions Limited will collect personal data from you, why it is being collected, how we will use it and to whom we might disclose it to if necessary.
PayPlan Bespoke Solutions Limited will collect information that is needed to set up your Individual Voluntary Arrangement (IVA).
PayPlan Bespoke Solutions Limited is part of the Totemic (2014) Holdings Limited group of companies.
The Data Controller
PayPlan Bespoke Solutions Limited is committed to complying with the UK’s Data Protection law and the EU General Data Protection Regulation (GDPR) for the protection of personal data, as well as the principles of data security in the configuration of our services.
If you have any questions about this privacy notice or how we use your personal data, please contact:
Group Data Protection Officer – Dale Stringer
Totemic (2014) Holdings Ltd
PO Box 9562
Lincolnshire. NG31 0EA
Phone: 0208 626 9456
What data is being collected and processed?
In order to enter into an agreement with PayPlan Bespoke Solutions Limited we will collect, store and use elements of your personal data. We are obliged to process personal data to comply with the law and have a legal duty to do so as set out in the insolvency Act 1986 (as amended), the Insolvency (Northern Ireland) Order 1989 (as amended) and the Insolvency Rules 2016 (as amended).
In addition, the processing of this personal data is a contractual requirement and is necessary by PayPlan Bespoke Solutions Limited in order to administer your IVA and to provide the products and services you have requested from us.
When you approach PayPlan Bespoke Solutions Limited, we may recommend possible solutions through other providers (either within the Totemic Group of companies or through an external source).
To help with setting up your IVA, PayPlan Bespoke Solutions Limited will usually need you to disclose to us certain information, including the following:
- title, first name, last name
- full address, including postcode
- date of birth
- email address
- landline telephone number and mobile number
- employment details
- VAT and National Insurance number, if needed
- tax returns/company accounts, if needed
- monthly income, expenditure and creditor details
- bank account details
- partners details and those living with you
- details of assets – such as property, cars, caravans, investments etc.
- passport/driving licence to verify your identity
- legal notices – such as County Court Judgments
- mental and physical health information where it may impact your arrangement
- access to your credit score/account
- information about your personal circumstances
Any personal data we collect from you will be stored and transferred in line with the requirements of the General Data Protection Regulation (GDPR).
Cookies are small files which are stored on your device when browsing websites. When you visit our website temporary data about your visit is stored. This information helps us to better understand how our site is used, including the number of visitors we have, the pages viewed per session and the time spent on pages. This in turn helps us to provide you with a better experience, since we can evaluate the level of interest in the content of our website and tailor it accordingly.
The following data is collected and stored by PayPlan Bespoke Solutions Limited until deletion:
- IP address of the accessing computer/device
- date, time and duration of your visit
- name and URL of the accessed pages
- identification data of the browser and operating system used
- website from which the data was accessed
- name of your internet service provider
The nature and content of the information collected via cookies differs, as does the period for which this information is retained. In line with our data protection obligations, we will ensure that this retention period is not excessive, and that the data is only retained for as long as is necessary for the purpose for which it was collected.
PayPlan Bespoke Solutions Limited uses different types of cookies to help improve your online experience, these include:
- Website usability and functionality: cookies allow you to move around the different pages of the websites without retyping in any previously typed information. They also help us to guarantee your security or predict how our website will perform during your visit.
- Website analytics:allow us to note which pages of the websites you visit and how you browse. This allows us to know how many people visit our website and see which pages are visited, as well as log any page errors you experience. These cookies do not collect any personal information that could identify any individual visitor to our websites.
- Website analytics: are linked to third parties such as Twitter, Facebook and Google, and when a link is clicked, they may later be used by those organisations to pass information about your browsing to other marketing agencies. As a result, these agencies may place adverts that you may be of interest to you when you visit other websites.
Should you also wish to opt out of Google Analytics tracking across all websites please visit http://tools.google.com/dlpage/gaoptout
Marketing and other communications
If you have chosen to opt-in to our direct marketing communications, we will use your information to tell you about products and services available from us which may be of interest to you. We may also use your information to tell you about products and services which we can introduce from selected businesses.
To help us understand if our emails are relevant, we often receive a confirmation when you open an email from PayPlan Bespoke Solutions Limited if your computer supports such capabilities, where you have explicitly opted in to this service.
You have a right to opt-out of our direct marketing communications at any time (provided they are not specific to the functioning of any plan with us). You can opt-out simply by emailing firstname.lastname@example.org
Links to websites of other providers third parties
Please note that this data privacy notice only applies to PayPlan Bespoke Solutions Limited and we are not responsible for, and have no control over, information that is submitted to or collected by third parties, such as those where our website may provide links and banner advertisements to third party sites. Since we do not control those websites, you are responsible for reviewing and abiding by the privacy policies of these third party sites to ensure they comply with the applicable data protection regulations.
How long will the data be stored for?
Where possible, PayPlan Bespoke Solutions Limited will take steps to erase any personal data that is no longer necessary for the purposes for which it is collected or otherwise processed, or if you have withdrawn consent for its processing and retention.
As a general rule, if you enter into or took steps to enter into a contract, including receiving debt advice, PayPlan Bespoke Solutions Limited will store the data for period of six years after the end of your IVA for compliance with our general legal obligations.
We may keep your data for more than six years if we cannot delete it for legal, technical or regulatory reasons.
Note: The following will not apply where we have a legal duty to process and retain information:
Under the GDPR, you have the right to request the deletion or removal of personal data to prevent further processing. This right to erasure is also known as ‘the right to be forgotten’. Specific circumstances in which you can request the deletion or removal of personal data includes:
- where the personal data is no longer necessary for the purposes for which it is collected or otherwise processed
- where you withdraw consent
- when you object to the processing and there is no overriding legitimate interest for continuing the processing
- where the personal data was unlawfully processed (i.e. otherwise in breach of the GDPR)
- where the personal data has to be erased in order to comply with a legal obligation
- in case a deletion is not possible due to legal, statutory or contractual retention periods, or if it requires disproportionate efforts or prejudices your legitimate interests, the data will be anonymised instead of deleted.
Sharing of data with other data controllers
At PayPlan Bespoke Solutions Limited we take your privacy seriously and the information we hold about you is confidential. We will only disclose it outside PayPlan Bespoke Solutions Limited when:
- you have given us your consent to do so
- it is necessary for the performance of an agreement of which you will be made aware
- in order to obtain professional advice (e.g. legal advice)
- we or others need to investigate or prevent crime (e.g. to fraud prevention agencies)
- the law permits or requires it
- regulatory or governmental body requests or requires it, even without your consent, or
- there is a duty to the public to reveal the information
In order to administer your IVA, we may need to share some of your personal information with other data controllers. This is necessary for the purposes of delivering specific services to you. Other data controllers which we may share this information with may include:
- Credit Reference Agencies
- Other Debt Solution Providers
- Your Creditors or their Agents
- Agents or Advisers
- Specialist PPI Claims Management Companies
- The Insolvency Service and other Government Agencies
- Insurers and other financial institutions
Your IVA proposal will include further information on organisations that your data may be shared with.
Who we share your information with and why:
We sometimes share the information that you or our systems give us with third party companies and individuals. This helps us to provide you with a better service in all.
The third parties that we share your information with includes:
a cloud-based help desk solution we use to give you access to Live Chat and be able to talk to our specialist debt advisers real time and during office hours
a cloud-based call intelligence platform that allows us to understand the times of day that we have the most calls, so that we can and make it easier for you to get the advice when you want it
a web analytics service offered by Google which tracks and reports website traffic
collects information about how you use our website, what you look at and what information you are searching for, so that we can make it easier for you to find the information you are looking for on our website
Social media and review sites
Facebook, Twitter, Linked In, YouTube, Trust Pilot allow you to give us feedback so that we can improve out service. If you follow us or share posts we can share information with you that you might find useful
allows us to send, receive and track the emails we send to you
allows us to send the emails we send to you
helps us to grab your attention by using pop-ups boxes on our website and this allows us to improve your online experience
a survey tool we use to ask you questions and learn about how we could improve our service to you
allows us to understand how our website is performing and how you use it, so that we can make improvements to the user experience
Visual Website Optimiser
a website research and testing platform that allows us to improve our online experience for you by learning how you use our website
the system we use hold place content for our website and you are able to posts comments on some of the information
A cloud contact centre which allows us to receive, make and record telephone calls for training and monitoring purposes
an online information gathering system which is provided by Paylink Solutions Limited
We may also share data with security consultants to help us get better at identifying spam. Some information we get may be collected by third party providers on our behalf
We will also monitor, and store any telephone, email, written or other electronic communications with you for training and legal purposes so that we can check any instructions given to us and to improve the quality of our customer service.
Credit reference agencies
To be able to offer you a debt solution we need to know who you owe money to.
To help us capture this information correctly and quickly, we ask your permission to use a credit reference agency to source this information. This information is provided by Experian. This is an optional service
Completing a credit reference check with PayPlan Bespoke Solutions Limited will not affect your credit rating and it is known as a soft search which means that you’ll see the search if you check your file, but your creditors won’t.
We will also seek to perform an electronic identity check, again with your explicit consent to do so. This information/service is also provided by Experian.
Information held about you by the credit reference agency may be linked to records relating to other people that you have a financial association.
You have a legal right to know the details of credit reference and fraud prevention agencies we use and to whom we pass information about you. To obtain this information, please contact our Data Protection Officer.
If you give us false or inaccurate information and fraud (in any form) is identified, details may be passed to the fraud prevention agencies and/or Law enforcement agencies. We and other organisations may also share, access and use this information to prevent fraud and money laundering.
We only share information if we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public; or to detect, prevent, or otherwise address fraud, security or technical issues.
Protecting your privacy
In order to protect the personal data collected from you by PayPlan Bespoke Solutions Limited against accidental or deliberate manipulation, loss, destruction or the access of unauthorised persons, technical and organisational security measures are constantly improved as part of our technological development. In addition, our employees, subcontractors and other support staff are obligated to observe confidentiality and data privacy.
Wherever possible, we have tried to create a secure and reliable website for our users. However, you recognise that your use of the Internet and our website is entirely at your own risk and we have no responsibility or liability for the security of personal information transmitted via the Internet.
All passwords and usernames allocated to you must be kept secret and must not be disclosed to anyone without our prior written authorisation. You must not use any false identity in email or other network communications and you must not attempt or participate in the unauthorised entry or viewing of another user’s account or into another system.
You must not use the services and/or network systems or any part thereof for fraudulent activities, or to breach another organisation’s security (cross-network hacking). This is an illegal act and prosecution under criminal law may result. You must not use any computers, computer equipment, network resources or any services provided by us for any illegal purpose, or for accessing, receiving or transmitting any material deemed illegal, indecent, offensive or otherwise unacceptable under UK law.
We will monitor network traffic from time to time for the purposes of backup and problem solving and in order to ensure that you are not misusing any of the services provided to you.
If at any time we become aware that your data has been compromised, or that a breach of our systems and controls has occurred, which has an impact on the security of your data, we will notify the Information Commissioner’s Office, and you, without undue delay.
Subject Access Requests
You have the right to request access to a copy of the personal information that we hold about you. This is also known as a ‘Subject Access Request’. This information is provided to you free of charge however, we can refuse to respond or charge a ‘reasonable fee’ when a request is manifestly unfounded, excessive or repetitive.
If you would like a copy of the information we hold on you, or believe that we are holding information about you which is incorrect or incomplete, please write to:
PayPlan Bespoke Solutions Limited
We will response to your request without delay and at the latest, within one month of receipt of your request.
Rectifying or updating personal data
If you believe the personal data we hold about you is inaccurate or incomplete, you have the right to rectification. You can let us know about any changes to. Where possible, we will also inform any third parties to whom we have disclosed the personal data in question to so they can rectify their records.
If you have a PayPlan Plus account, you may be able to amend certain information through your online portal.
We will typically respond to your request within one month, although this can be extended by two months if your request for rectification is complex.
Right to complain
If you have a complaint about any aspect of data protection or if you feel your privacy has been breached by us, we would like to hear from you. To help us investigate and resolve your concerns as quickly as possible, please contact:
Group Data Protection Officer – Dale Stringer
Totemic (2014) Holdings Ltd
PO Box 9562
Lincolnshire. NG31 0EA
Phone: 0208 626 9456
If you are unhappy with the final response you have received from PayPlan Bespoke Solutions Limited you have the right to complain to the supervisory authority, the Information Commissioner’s Office (ICO) within three months of your last meaningful contact with us. You can call the ICO on 0303 123 1113 or visit https://ico.org.uk .
Due to the further development of our website, government regulations or the implementations of new technologies, this policy will be reviewed, and may change, from time to time. PayPlan Bespoke Solutions Limited reserves the right to change this data protection information at any time with effect for the future.
The revised policy will be posted to this page so that you are always aware of the information we collect, how we use it and under what circumstances we disclose it. We therefore recommend you read the current data protection information again from time to time.
Last updated: 07 January 2019