This document outlines Cabot Financial (Ireland) Ltd approach to Data Privacy and how we fulfill our obligations under the General Data Protection Regulation 2018 also known as GDPR. We take our obligations very seriously when dealing with your personal data. We have outlined throughout this Data Privacy Notice the way in which we carry out our obligations
Our Privacy Promise to you:
- We promise to be fair and transparent at all times
- We treat the security of our customers` data very seriously
- We believe in integrity and we respect your privacy
What does this mean for you?
Our Data Privacy Notice provides you with information about how we use your personal data which we are required to give you by law. Each section sets out how we collect, process and retain your personal data whilst providing you with a service. Please use the following list to choose which sections of our Data Privacy Notice you want to read:
- Our identity as a joint data controller and our contact details
- The types of personal data which we will collect and how we will collect the data.
- The legal basis for which, and the purposes for which, we are processing your personal data
- How long we will retain your personal data
- Who we will share your personal data with
- Transferring your personal data outside of the European Economic Area (EEA)
- Credit Reference Agencies
- The grounds for which we will share your information for the prevention of crime or harm
- How you can manage your own personal data
- How to make a complaint
Cabot Financial Ireland as part of the Cabot Credit Management Group has appointed Ian Rea as our Data Protection Officer. You can contact our Data Protection Officer using the details below.
Data Protection Team,
Block D Cookstown Court,
1. Who are the Cabot Credit Management Group/Cabot Financial Ireland?
Cabot Credit Management Group is the data controller of your personal data. We are a market leader in the UK and one of the largest Credit Management Service providers in Europe. Cabot Credit Management Group is authorised and regulated by the UK Financial Conduct Authority (FCA). Cabot Financial (Ireland) Ltd is a joint data controller of your personal data. Cabot Financial (Ireland) Ltd is authorised and regulated by the Central Bank of Ireland (CBI).
For the purpose of this Data Privacy Notice, where we make reference to Cabot Credit Management Group or CCM Group, we are referring to the Cabot Credit Management Group of companies which includes its subsidiaries, holding companies and any associated or affiliated companies. When we become the data controller of your personal data, you will be informed about which company within the CCM Group you hold a relationship with.
2. What types of personal data do we collect and how do we collect it?
Types of personal data we collect
The types of personal data that we collect are outlined below:
- Contact Information/Identity Information: Name, Date of Birth and contact details
- Financial details/Circumstances: Income details, Financial needs, Employment status
- Information provided by authorised Third Parties: We will only use this information in the ways described within this Data Privacy Notice
- Special Categories of Personal Data: Some categories of personal data are more sensitive than others. These are known as special categories of personal data which include:
- Racial, Ethnic origin
- Biometric data
- Ethnic origin
- Religious beliefs
- Data concerning heath, sexual orientation
If you ever disclose this type of personal data to us we will only keep this on record if it is necessary for the services we are providing. Where we do need to keep this data on record, we will always request your explicit consent to do so. We will only store this data for as long as it is relevant. You have the right to withdraw your consent and, if you do, we will delete any special category data personal to you from our records.
If you disclose special category personal data to us without us having the opportunity to obtain explicit consent, for example, if you send a letter to us detailing your medical situation, you will have given your consent for us to process that data.
Where we consider it necessary to record the special category personal data you give to us, we will securely record this information and tell you in writing how we will use it and how you can withdraw your consent.
How do we collect your personal data?
We collect your information in the following ways:
- We obtain data from the previous (or current) owner of your account
- We keep records of correspondence between us, including letters, emails and SMS texts
- We record phone calls between you and our employees for training and monitoring purposes and to improve and enhance the service we offer you
- When you use our website and online payment app
- We operate CCTV at our business premises so if you were to visit one of our offices your image will be captured on CCTV
- We access third party data sources and combine and process data from those sources with your personal data. Examples of third-party data sources include the Land Registry, registers of court judgments, bankruptcies and telephone number verification databases.
- Third parties that we appoint may collect personal data from you and remit it on to us
3. How we use your personal data
We use your personal data:
- To help us provide a service on your account
- To manage our operations whilst continuously improving our service to you
- To manage security, risk and crime prevention
- To meet our regulatory requirements
- To undertake statistical analysis for business improvement
In order to process your personal data, we need to have a justified legal basis, this means, processing your personal data must be necessary for one or more of the following reasons:
- To comply with our legal obligations
- Where we have a legitimate interest for processing your data
- To perform a contract that you are party to
- When you give us your consent
- To protect your vital interests
The table below sets out the lawful bases that we rely on to process your personal data.
|Business Process||Our lawful basis for processing||How do we use your data?|
||As a business, our core operation is the recovery of an outstanding balance. As part of this recovery process, we would need to perform trace and debt recovery activities; validate your identity, contact you by writing/email/SMS and telephone, agree payment arrangements, process payments and where appropriate take enforcement action.|
||As a business, we manage and administer loans on behalf of unregulated firms in line with the Consumer Protection (Regulation of Credit Servicing Firms) Act 2015. The servicing will include interactions with consumers in respect of their loan(s) including but not limited to:
|Management of your account||
||As a business, we have an obligation to manage your account. Where your account is a consumer credit agreement, we have a legal obligation to provide you with all statutory communications. We have a legitimate interest in understanding your ability to repay any outstanding balance(s), as well as understanding how best to communicate with you. In order for us to do this at times we will use methods of scoring and/or statistical analysis.|
|Training, monitoring and improving our service||
||To ensure we provide the best service we can, we use recordings of telephone calls, which will contain personal data belonging to our customers, to train our employees. We monitor your website usage, collecting information to improve our service, business efficiencies and, statistical and analytical activities.|
|Complying with Legal and
||At times we share data with other third parties where we have a legal or regulatory requirement to do so, for example the Central Bank of Ireland (CBI). If you are unsatisfied and have made a complaint to relevant regulator e.g. The Financial Services and Pensions Ombudsman Bureau of Ireland, we will then share your personal data with them to enable them to review your complaint properly|
4. How long we keep your personal data
The period in which we retain your personal data is based on a number of different factors such as regulatory rules and the type of account you may hold. An example of this is the relevant laws and regulations (Consumer Protection Code 2012) which are set by authorities such as the Central Bank of Ireland. Once your personal has reached our retention period we will purge this data to meet our obligations under the General Data Protection Regulation.
5. Who we share your personal data with
At times we will need to share your personal data with other companies:
- Other companies within the CCM Group. We can instruct another company within the CCM Group to act on our behalf or perform administrative duties
- Debt Collection Agencies or solicitor firms where they are acting on our behalf to help Cabot Financial (Ireland) Ltd. recover a debt
- Your original creditor
- Suppliers and service providers – for example companies that provide us with an IT, infrastructure or mailing service
- Any person or company that you instruct us to liaise with – for example, a friend, family member, representative or a Debt Management Company
Whenever we engage with a third party we ensure that the third party has sufficient levels of safeguards and controls in place before sharing your personal data with them.
6. Transferring your personal data outside of the European Economic Area (EEA)
We may transfer your personal data to organisations that operate outside of the European Economic Area enabling us to work with suppliers who help us to manage your account.
Where we do transfer your personal data outside of the EEA, we will ensure that your data is protected and any suppliers are part of the privacy shield, and/or that the appropriate contractual requirements are in place.
7. Credit Reference Agencies Notice Explained
We are required by law to share details of your account (including your personal data) with the Central Credit Register (CCR) on a monthly basis to promote responsible lending.
The type of information that may be exchanged is outlined below:
- Full Name
- Full address
- Date of Birth
- Current position of any accounts you have open with us
The CCR may share the data that we provide to them with other lenders, who can request your credit report in the following circumstances:
- Where you apply for a new loan
- Where you apply to restructure an existing loan
- Where you may have arrears on an existing loan
- If you breach the terms and conditions of a credit card or an overdraft facility.
You can also request your personal credit report from the CCR. You can find out more about the CCR on the websites below:
8. Sharing information to prevent crime or harm
Cabot Financial (Ireland) Ltd has robust systems, checks and controls in place to protect our Customers and their personal data from being compromised and/or used in a fraudulent manner. In line with regulations applicable here in Ireland, Cabot Financial (Ireland) Ltd has a duty of care when carrying out on-going monitoring and servicing of all our Customers’ accounts. The Company has legal obligations that require us to obtain certain personal details to identify a customer from the outset of a business relationship, right through to the cessation of that same relationship.
If you provide us with false, misleading or inaccurate information or, if we suspect there may be fraud and/or another financial crime taking place, we will be left with no other choice but to obtain publicly available information on you, such as media reports or regulator publications, which may contain personal details about you regarding criminal convictions or financial sanctions. If fraud or any other financial crime is suspected, or has been identified by Cabot Financial (Ireland) Ltd, we are also obliged to pass your personal data to fraud prevention agencies or other authorities in the state working towards the prevention and/or detection of financial crime in Ireland. The Company, under law, has legal obligations to pass this data to fraud prevention agencies. This will be our legal basis for sharing your personal data in this way.
The agencies we may need to share your personal data with are:
- An Garda Siochana
- The Revenue Commissioners
- The Anti-Money Laundering Compliance Unit, Dept. Justice and Equality
- Any other Fraud Prevention Agencies within the state
If Cabot Financial (Ireland) Ltd has reason to believe that you are serving a prison sentence, we are then obliged by law to obtain publicly available information regarding your prison term. This may contain personal data such as the name of the prison you are in and the length of your sentence. The data will be used solely to update the information we hold about you and to manage your account in the most appropriate way possible relative to your circumstances.
If we have reason to believe that you are in any immediate danger, we will pass your personal data, including any details we have about your physical or mental health, to An Garda Siochana and any other emergency services that we see fit, in order to protect your vital interests.
9. How can you manage your data?
Managing your account
You can access and manage your personal data held by us by simply contacting us in writing or by Telephone call.
Cabot Financial Ireland,
PO Box 11151,
Object to processing
You have the right to object to us processing your data if the processing itself is an unwarranted interference with your interests or rights. You can find out more about how and why we process your personal data in section 3 ‘How we use your personal data?’
If you believe we are processing your personal data unlawfully or if you believe that we no longer need your personal data, you have the right to request that we restrict the processing of your personal data.
Right to be forgotten
Under data protection legislation you have the right to request that we delete your personal data if you believe we no longer have a lawful basis to process it. If you feel that we should not be processing your personal data you can submit a request to us in writing or alternatively you can submit your request by email.
Right to rectification
Upon obtaining personal data we conduct checks to validate that it is accurate and up to date. We are reliant on you and other third parties to provide us with the correct information at all times. If you believe that any of the personal data we hold for you is incorrect, it is important that you make us aware of this as soon as it is possible, for example if you have a new phone number or you have moved address you will need to update us with your new contact details.
If you have any further questions regarding any of the above information please feel free to contact our dedicated Data Protection Team by emailing them on: [email protected]
Your right to portability
You have the right to request that we transfer personal data you have provided to us either to yourself or to another data controller. You can exercise the right to data portability by contacting us on the below details:
Accessing your data
You have the right to view all personal data we hold about you, relevant to your account. As a joint data controller, we will also ensure that we provide any additional personal data that any of our data processors may hold about you.
We take the security and protection of your personal data very seriously, so we reserve the right to request proof of your identity before supplying you with any personal data.
Once we have validated your identity, we will respond to your request within one calendar month. We typically will send your personal data in the medium as requested by you, However, if you wish to receive it in a different format for example, as a printed document then please do let us know.
In order to make this request please contact us on the below details:
Cabot Financial Ireland,
PO Box 11151,
Our website operates and collects cookies. A cookie is a small file that is placed on your computer’s hard disk which may be placed for several reasons, for example:
- Google analytics, such as analysing the traffic to the website and to speed up access to the website.
- Targeted communications that help us to guide you back to specific pages within our website, or reach you via third party websites
We will always ask you on the homepage whether you want us to place a cookie on your computer. The vast majority of web browsers accept cookies; however, you can manually change your browser settings so that cookies are not accepted. In doing so you may lose some of the functionalities of our website. For more information about cookies and how to disable them please go to: www.aboutcookies.org
We can confirm that any cookies placed by us shall not store or collect any personally identifiable information.
11. How to complain
If you would like to make a complaint or have a query about how we use your personal data, you can contact us on the below details:
Data Protection Team,
Cabot Financial Ireland,
PO Box 11151,
If you are unsatisfied about how we have handled your complaint, you have the right to escalate your compliant to the Data Protection Commission. You can contact the Data Protection Commissioner at:
Data Protection Commission,
21 Fitzwilliam Square South,
00 353 (0)761 104 800
00 353 (0)57 868 4800
Applicable from the 25/05/2018
Cabot Financial (Ireland) Ltd is regulated by the Central Bank of Ireland