Paladin Commercial Credit Management LTD (“Paladin”) takes the use of personal data and privacy very seriously and is committed to ensuring that your data is used fairly and lawfully.
BASIS FOR USING YOUR PERSONAL DATA
Depending on the nature of our instruction, Paladin acts as both a Data Processor and a Data Controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Where we act strictly on the direct, unaltered instructions of an account owner or original creditor, we operate as a Data Processor. However, where we independently undertake data verification, data enrichment, tracing activity, or determine the necessary legal and operational methods of debt recovery, Paladin acts as a Data Controller in its own right.
We process your personal data based on our legitimate business interests, and the legitimate commercial interests of our clients, to recover outstanding contractually binding financial obligations. This privacy policy explains how Paladin will use, store, and share your personal data.
HOW WE OBTAIN PERSONAL DATA
Paladin receives personal data about you from its clients when they instruct us to act on their behalf. We may also obtain information from credit reference agencies and licensed tracing providers. In addition, we may collect information from you or from your appointed representative through the use of our website and from communications between us, such as within telephone calls, letters, or emails.
CATEGORIES OF PERSONAL DATA
The personal data that we collect and receive from our clients, third parties, yourself, and your personal representatives may include any or all of the following: your name, address, date of birth, relevant account reference numbers, e-mail address, phone numbers, debt information, payment history, payment details, credit reference information, your employment status, vehicle registration, NI number, and any other details relating to your account.
Each time you visit our website, we may automatically collect information and personal data about your computer for system administration, including where available your IP address, operating system, and browser type. We may use a third-party service to help us analyse how users use the site (including behaviour patterns and the tracking of visits across multiple devices), to establish more about our website users, and to assist us in developing our website and the services we offer.
HOW WE USE YOUR PERSONAL DATA
Our use of your personal data is for the legitimate interests of our business, and all data Paladin receives is processed in accordance with this privacy policy. We will not share your information with other companies for sales or marketing purposes.
We may process any personal data obtained in accordance with this policy in the following ways:
For debt collection purposes and to help us deal with your account in a manner that is most appropriate to your individual circumstances.
To allow you to make a payment using our website.
To locate you and to check, verify, or update your contact details.
To update our client with personal data we have obtained about you.
For administration purposes, including that which supports our website.
To improve our website and its content.
To allow you to use any interactive features of our service.
To prevent money laundering and fraud.
DISCLOSURE OF YOUR PERSONAL DATA TO THIRD PARTIES
We may share your personal data with our suppliers who provide goods and services to us to enable them to provide these to us. These suppliers are our data processors and may only use your personal data in the way we specify. Your personal information will not be shared with non-connected third parties (e.g., marketing or advertising companies).
We may share your personal data with third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or to protect the rights, property, or safety of Paladin, our clients, our employees, agents, and subcontractors or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
Our website contains links to the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or your use of those websites.
SENSITIVE PERSONAL DATA
The UK GDPR defines certain personal data as ‘special category’ or ‘sensitive’ data, such as personal data regarding your ethnic origin, physical, or mental health. We will not actively ask you to disclose any sensitive data, but you may voluntarily give such personal data to us to assist with the appropriate management of your account. Any use of or sharing of your sensitive personal data will be on the basis of your explicit consent, or if we are required or permitted to do so under applicable UK data protection legislation.
HOW WE STORE AND SECURE DATA
Your personal information is retained by us in accordance with applicable UK laws and regulations. Our data retention periods vary due to the nature and context of the information we hold, and are calculated based on the following factors:
Potential claims, active disputes, or litigation.
Guidance from official bodies, such as the Information Commissioner’s Office (ICO).
How long we need to keep the data to fulfil the original purpose for which it was collected.
The nature and sensitivity of the personal data.
Legal and regulatory obligations to which we are subject.
We will not retain your information for longer than is reasonably necessary for the purposes outlined in this Policy. Standard credit management and debt recovery files are retained for a period of six years following the formal closure, total settlement, or final legal resolution of the account, unless ongoing statutory obligations or active litigation compel us to retain records for longer periods.
WHERE WE PROCESS YOUR PERSONAL DATA
The personal data we collect is processed and stored securely within the United Kingdom. No personal data is transferred or stored outside of the United Kingdom or the European Economic Area (EEA) unless explicitly authorised, necessary for the establishment or defense of legal claims, and protected by appropriate statutory safeguards.
COOKIES
This website uses cookies, which are small text files placed on your device to help the website provide a better user experience. Cookies are used to retain user preferences, store information for items like secure login sessions, and provide anonymous tracking data to third-party applications like Google Analytics.
Cookies will usually make your browsing experience better; however, you may prefer to disable them. The most effective way to do this is to disable cookies in your browser. The Help section of your browser should offer assistance, or you can visit external cookie guidance websites for further information.
RECORDED TELEPHONE CALLS
For your assurance, compliance, and monitoring purposes, all telephone calls between Paladin and its customers are recorded for training and quality purposes. You may opt out of this recording at the commencement of any call.
CHANGES TO THIS POLICY
We may revise these terms of use at any time by amending this page. Please check this page on our website from time to time to take notice of any changes we make, as they are binding on you.
ACCESS TO PERSONAL DATA
You have the right to access personal data held about you by making what is called a Subject Access Request (SAR). If you would like more information about this process or would like to contact us about any aspect of this privacy policy, please contact our Compliance Officer:
Address: The Compliance Officer, Paladin Commercial, Prestwick House, Second Floor, 20 Station Approach, Carpenders Park, Watford, Herts, WD19 7DT
Email: compliance@paladincommercial.co.uk
ICO Registration: Paladin Commercial is registered with the Information Commissioner’s Office, Registration Reference: Z8147314.
