Our Privacy Promise
Your trust is very important to us, so we’re committed to keeping your data safe and secure.
To keep your data safe and private;
Not to sell your data;
To give you ways to manage your marketing choices at any time.
Halo treats your privacy very seriously and is committed to protecting and respecting your information.
Who we are
We are Halo Corporate Finance Limited and Halo Finance LLP (collectively ‘Halo’). You can find more about us at www.hcfl.co.uk
For the purpose of the European Data Protection regulations (the ‘GDPR’) and the Data Protection Act 2018 (‘the Act’) (both of which Halo will fully comply with) the Data Controller is Halo Corporate Finance Limited, Unit 5, Newhouse Business Centre, Faygate, Horsham, West Sussex, RH12 4RU.
If you have any questions, or want more details about how we use your personal data, you can ask us by emailing email@example.com or call us on 0345 450 1966 (+441293854510 from outside the UK).
In providing you access to financial products and services, we may be required to process your personal data. This Privacy Notice sets out the ways in which Halo are committed to protecting and respecting your personal data, including what we do with your information and who it will be shared with. It will tell you about your privacy rights and how the law protects you.
This Privacy Notice may change at any time in the future – we will keep it up-to-date on our website www.hcfl.co.uk for you to access at any time.
What information will we collect about you?
When you engage with us (either directly or via a third-party), we may receive personal information about you which may include your name, address, date of birth, bank details, details about your employment, and other categories of as information outlined in the table below. This can be collected directly from you or through an agent such as an introducer, independent financial advisor, or solicitor, and may be in writing, on our website, over the telephone, by e-mail, or by some other means.
Categories of data we may collect:
Identification: Your Name and Date of Birth;
Financial: Your financial position, status and history;
Contact: Where you live, your telephone number, email address, and other ways to contact you;
Transactional: Details about payments to us;
Contractual: Details about the products or services we provide to you;
Behavioural: Details about how you use our products and services;
Communications: What we learn about you from letters, emails and conversations between us;
Open Data & Public Records: Details about you that are in public records, such as the Electoral Register, and information that is openly available on the internet;
Documentary Data: Details about you that are stored in documents in different formats, or copies of them. This could include things like your passport, driving licence, or birth certificate.
We will not collect or process ‘Sensitive Personal Data’ without having both a legal basis to do so and your explicit consent.
You must not send us personal data about someone else without first getting his or her consent for it to be used and disclosed in the ways set out in this Privacy Notice. If you do send such personal data, we will assume he or she has consented, although we reserve the right to ask for confirmation from them. Where you do give us data about someone else, or someone else discloses a connection with you, that data may be taken into account with your other personal data.
How the law protects you
As well as our Privacy Notice, your privacy is protected by law. This section explains how that works.
Data Protection law says that we are allowed to use personal information only if we have a valid basis on which to do so. The law says we must have one or more of these valid reasons:
- To fulfil a contract we have with you, or
- When it is our legal obligation, or
- When it is in our legitimate interest, or
- When you consent to it.
A legitimate interest is when we have a business or commercial reason to use your information, provided that it does not interfere with your fundamental rights and freedoms. If we rely on our legitimate interests, we will tell you what that is.
Here is a list of all the ways that we may use your personal information, and which of the reasons we rely on to do so. This is also where we tell you what our legitimate interests are:
Who we share your personal data with
We will never sell or lease your personal information to any third party.
We may transfer, disclose or distribute your personal information in the following circumstances:
- Where we have your permission;
- Where we are required to do so by law;
- Where there are legitimate interests for processing – i.e. where it is needed by our agents, advisors or others involved in running accounts and services for you or in undertaking activities linked to the operation of such services or accounts on our behalf; or
- Where the transfer or disclosure would otherwise be in compliance with legal requirements we are subject to including, but not limited to, statute or regulation.
Halo may share your personal data with these organisations:
Lenders: Financial Institutions such as banks, peer-to-peer lenders, private investors, alternative finance providers to whom we may apply for finance on your or your business’ behalf.
Credit Reference Agencies*: To assess you or your business is eligible for credit, to check you or your business is able to afford to make repayments, to make sure what you’ve told us is correct, to help detect and prevent financial crime, to trace and recover debts.
Fraud Prevention Agencies: To detect fraud and money-laundering risks. Agents / Advisors To assist in setting up and maintaining your account, and to assist our communication with you.
* When we ask CRAs about you or your business, they will note it on your credit file. This is called a credit search. Other lenders may see this, and we may see credit searches from other lenders. We will also search other partners or directors that you are in business with. You should tell them about this before you apply for a product or service. It is important that they know your records will be linked together, and that credit searches may be made on them.
You can find out more about the CRAs on their websites, in the Credit Reference Agency Information Notice.
Here are links to each of the three main Credit Reference Agencies:
→ Callcredit http://www.callcredit.co.uk/crain
→ Equifax http://www.equifax.co.uk/crain
→ Experian http://www.experian.co.uk/crain
We may also share your personal information if the make-up of Halo changes in the future:
- We may choose to sell, transfer, or merge parts of our business, or our assets. Or we may seek to acquire other businesses or merge with them. • During any such process, we may share your data with other parties. We’ll only do this if they agree to keep your data safe and private.
- If the change to our Group happens, then other parties may use your data in the same way as set out in this notice.
Where we store your personal data
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice. We will only send your data outside of the European Economic Area (‘EEA’) to:
- Follow your instructions.
- Comply with a legal duty.
- Work with our agents and advisors who we use to run your accounts and services.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the processing of your payment details and the provision of support services. We may transfer your personal data to recipients located in countries outside of the EEA which may not have data privacy laws equivalent to those in the EEA. In those instances, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice and applicable data privacy laws.
How long we keep your personal data
We will keep your personal data for as long as you are a customer of Halo. After you stop being a customer, we may keep your data for longer than 7 years for one of these reasons:
→ To respond to any questions or complaints.
→ To show that we treated you fairly.
→ To maintain records according to rules that apply to us (e.g. 2007 Anti-Money Laundering regulations).
We may also keep your personal data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons. If we do, we will make sure that your privacy is protected and only use it for those purposes. We may also keep it for research or statistical purposes unless you object.
We or our lenders may use a system to decide whether to lend money to you or your business, when you apply for credit – this is called credit scoring. It uses past data to assess how you’re likely to act while paying back any money you borrow. This includes data about similar accounts you may have had before.
Credit scoring uses data from three sources:
- Your application
- Credit reference agencies
- Data we may already hold.
It gives an overall assessment based on this information. Banks and other lenders use this to help make responsible lending decisions that are fair and informed. Credit scoring methods are tested regularly to make sure they are fair and unbiased.
As a person you have rights over automated decisions. You can ask that we or our lenders do not make our decision based on the automated score alone. You can object to an automated decision and ask that a person reviews it. If you want to know more about these rights, please contact us.
How to get a copy of your personal data
You can access your personal information we hold by writing to us at this address: DSAR Unit, Halo Corporate Finance Ltd, Unit 5, Newhouse Business Centre, Faygate, Horsham, West Sussex, RH12 4RU
You have the right to access your personal data from us in a format that can be easily re-used and therefore passed on in this format to other organisations. Please indicate you would like your personal data in this format when writing to us.
Letting us know if your personal data is incorrect
You have the right to question any information we have about you that you think is wrong or incomplete. Please contact us if you want to do this. If you do, we will take reasonable steps to check its accuracy and correct it.
What if you want us to stop using your personal data?
You have the right to object to our use of your personal data, or to ask us to delete, remove, or stop using your personal data if there is no need for us to keep it. This is known as the ‘right to object’ and ‘right to erasure’, or the ‘right to be forgotten’.
There may be legal or other official reasons why we need to keep or use your data but please tell us if you think that we should not be using it.
We may sometimes be able to restrict the use of your data. This means that it can only be used for certain things, such as legal claims or to exercise legal rights. In this situation, we would not use or share your information in other ways while it is restricted. You can ask us to restrict the use of your personal data if:
- It is not accurate;
- It has been used unlawfully but you don’t want us to delete it;
- It not relevant any more, but you want us to keep it for use in legal claims;
- You have already asked us to stop using your data but you are waiting for us to tell you if we are allowed to keep on using it; or
- If you want to object to how we use your data, or ask us to delete it or restrict how we use it or, please contact us.
How to complain
Please let us know if you are unhappy with how we have used your personal data. You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern – https://ico.org.uk/concerns/ .