Privacy policy

Changing your Marketing Preferences

You can change your marketing preferences at anytime. 

Email Marketing

You can change your marketing preferences for email marketing at any time by:

  • Clicking unsubscribe in the body of the email sent to you.

  • Going online to My Account; or

  • Ringing the call centre on 0345 071 9018.

Please allow 48 hours for your changes to be processed.

Telemarketing

You can change your marketing preferences for telemarketing at any time by:

  • Going online to My Account; or

  • Ringing the call centre on 0345 071 9018.

Please allow 48 hours for your changes to be processed.

Direct postal marketing

You can change your marketing preferences for direct postal marketing at any time by:

  • Going online to My Account; or

  • Ringing the call centre on 0345 071 9018.

Please allow 48 hours for your changes to be processed. You may still receive direct postal marketing materials which have already been processed before we received your request for up to 2 months.

Social Media Marketing

You can exercise your right to object to social media marketing at any time by:

  • Going online to My Account; or

  • Ringing the call centre on 0345 071 9018.

Please allow 48 hours for your changes to be processed. 

Back to top

Data sharing

It is necessary for us to transfer personal data to other organisations, to operate our business, meet legal obligations, provide our services and to offer benefit to our customers. 

When we do this, we only transfer the data that we need to, and we make sure that the personal data is protected throughout this process.

Sometimes, we are required to share personal data with third parties including government agencies, service providers, and external auditors. We will share your personal data with third parties when it is:

• required by law.
• requested by a regulator.
• necessary to operate our business.
• necessary to manage its contractual relationship with you.
• in the public interest to do so.
• necessary for the performance of our services. 
• necessary for fraud detection, crime prevention or investigating errors or issues; or
• a court orders us to do so.

The third parties identified below include service providers, contractors, agents, and government bodies.

Back to top

Third party categories

We may share your personal data with other third parties, like if we are selling or reorganising our business. We might also share your data to protect our business, our customers, or other people's rights, property, or safety.

We will only transfer your personal data to third parties who adhere to appropriate data security standards and controls. This may include transferring your personal data to third parties who become either joint controllers of the data, or independent data controllers. This will include organisations within the following categories:

• Legal services
• Regulators and other governmental agencies or law enforcement agencies
• External auditors
• Credit reference agencies

If a third-party contact you on our behalf, they can only do so to provide the services you asked for and not to advertise their own products or services. If you have any concerns about the third-party companies we work with, or you would like more information, please contact our Data Protection and Privacy Office at [email protected] .

Third Party Partners

Companies within the JD Williams & Company Ltd corporate group
Purpose: Credit assessment purposes, for fraud prevention purposes or for the provision of other products and services.

Credit reference agencies and fraud prevention agencies 
Purpose: Check your identity, credit assessment, and prevent fraud.

Operational service providers 
Purpose: To operate or support business operations and core infrastructure, such as IT services and courier delivery services.

External auditors 
Purpose: Variety of audit checks to assure compliance with policies, processes and any legal or regulatory requirements.

Insurance and legal services 
Purpose: To provide insurance policy covers, handle claims under the policies, and to provide independent legal advice.

Regulatory bodies and government agencies 
Purpose: To meet legal and regulatory requirements.

Law enforcement agencies 
Purpose: To prevent, detect and aid the investigation of crime.


Credit Reference Agencies
We will request information about you from Credit Reference Agencies ("CRAs") and we will also share your personal data with CRAs. The CRAs we use are Experian, TransUnion, and Equifax. For more information about how CRAs use your personal data, please refer to the Credit Reference Agency Information Notice ("CRAIN") at: 

  • www.experian.co.uk/crain

  • www.callcredit.co.uk/crain

  • www.equifax.co.uk/crain

These companies receive and share personal and financial data on you from other companies that you are connected with financially as well as providing us with verification of your name, address, date of birth and gender details from the Electoral Register to prevent fraudulent applications. The CRAs record details of all credit searches and tell us the risk associated with providing credit and if there is any suspected fraudulent activity associated with you.

We will also share your personal data with CRAs and other companies for fraud prevention purposes and will continue to exchange information about you whilst you have a relationship with us. We will also inform CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs. When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. 

We may make periodic searches of the records we hold about you and those held by CRAs and fraud prevention agencies and may also request additional information from you to help manage your account with us and, to take decisions about credit, including whether to make credit available or to extend existing credit arrangements. These searches and any additional information you provide to us will not be available to other lenders for credit assessment purposes.

We, CRAs and fraud prevention agencies may also use credit records for statistical analysis about credit, insurance, and fraud. This is not personal data but is aggregated for the purpose of trend analysis, managing debt and fraud prevention.

You have the right to access your personal records held by CRAs by contacting Experian, TransUnion, and Equifax directly.

Back to top

International transfers

We do everything we can to keep your data safe and protected. If we have to transfer your data to another country, we make sure the country can keep your data safe, or we put specific measures in place to protect it ourselves. We also take extra steps to protect your data if we need to send it to countries outside of the UK or the European Economic Area, where the laws may be different.

If you want to know why we might need to send your data to places outside of the UK or the European Economic Area, please get in touch with our Data Protection and Privacy Office at [email protected]. They can also give you more information about how we transfer data.

Back to top

Your Rights

You have several rights under data protection and privacy laws. We explain more about your rights below. If you ever wish to exercise your rights, please contact our Data Protection and Privacy Office at [email protected] .

Likewise, if you are dissatisfied with the information provided, you can complain to the Data Protection Officer at the same address.