Toot Loans Privacy Policy

We collect Personal Data from you:

1. When you take a service or product from us.
2. When you contact us, or if you have replied to a communication from us.
3. A third party who sells your data.

This includes:

1. contact details;
2. date of birth;
3. address details;
4. employment details;
5. email details;
6. IP addresses;
7. bank details;
8. Any sensitive information you share with us.

In order for us to process your data we have to have a lawful basis to do so. We are relying on the following basis to do so:

1. Consent: you have given clear consent for us to process your personal data for a specific purpose.
2. Contract: the processing is necessary to enter into the loan agreement with you, or because you have asked us to take specific steps before entering into a contract.
3. Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations).
4. Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.

We have identified these on a lawful basis to assess whether we can, pass your details on to a third party who may assist you with obtaining a loan if we cannot help you or if we wish to continue to market to you with other specific products set out below after our contractual relationship has ended.

We use your information so that:

1. We can identify you when you contact us.
2. We can identify accounts, services and products you may have from us.
3. We can offer you other products.
4. We can ensure we do not pass your details to the same third-party twice in a short period and so third parties can avoid unnecessary credit searches.
5. We can improve your account administration.
6. We undertake marketing analysis, credit strategy and customer profiling.
7. We can continue to market to you with relevant offers;
8. To prevent and detect consumer vulnerability;
9. To manage your account as and when needed; and
10. To help us prevent and detect fraud and loss.

Yes we do record calls. Calls and Emails are retained for a period of time and then destroyed in accordance with our Data Retention Policy.

1. all our staff;
2. third parties including police. government or regulatory agencies should they request it;
3. if any officials request it for legal proceedings;
4. if our company and all of its assets are bought by a third party your personal data will also be transferred to this third party;
5. credit information service providers
6. open banking information service providers
7. if we need to pass on personal data to others who offer administration services, marketing information and customer services; and
8. Debt collectors or law firms if you fall behind with payments to us.

As a lender we will pass data to:

1. Credit report information service providers
2. Open banking information service providers
3. Debt Collectors
4. Law Firms
5. Fraud Prevention Agencies

For a detailed list of these third parties you can write to us at Brighter Lending Limited t/as Toot Loans of Suite 3.1, 12 Tithebarn Street, Liverpool, L2 2DT

We use your inforamtion so that:

1. We can identify you when you contact us.
2. We can identify accounts, services and products you may have from us.
3. We can offer you other products.
4. We can ensure we do not pass your details to the same third-party twice in a short period and so third parties can avoid unnecessary credit searches.
5. We can improve your account administration.
6. We undertake marketing analysis, credit strategy and customer profiling.
7. We can continue to market to you with relevant offers;
8. To prevent and detect consumer vulnerability;
9. To manage your account as and when needed; and To help us prevent and detect fraud and loss.

Automated Decision Making and Profiling

Prior to any loan being agreed with you we will use your personal data to make automated decisions. This is done in order to determine whether we wish to enter into a contract with you and to determine your creditworthiness in the quickest, fairest and most legally compliant way using credit scoring and past payment history to predict future performance. We will also monitor your account using automated means for fraud detection and crime prevention purposes. The automated decision may result in us declining your loan application.

We regularly test our credit scoring model to ensure it is working appropriately and accurately. If you are dissatisfied with the result of this automated processing you have the right to seek an explanation and request a person review the decision.

Sharing your data with Credit Reference and Fraud Prevention Agencies

In order to process your application, we will perform credit and identity checks on you with one or more credit reference and fraud prevention agencies (“CR/FPAs”). To do this, we will supply your personal information to CR/FPAs and they will give us information about you. This will include information from your application and about your financial situation and financial history. CR/FPAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.

We will use this information to:

• Assess your creditworthiness and whether you can afford to take the product
• Verify the accuracy of the data you have provided to us
• Prevent criminal activity, fraud and money laundering
• Manage your account(s)
• Trace and recover debts
• Ensure any offers provided to you are appropriate to your circumstances

We will continue to exchange information about you with CR/FPAs while you have a relationship with us. We will also inform the CR/FPAs about your settled accounts. If you borrow and do not repay in full and on time, CRA/FPs will record the outstanding debt.

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. If we notify them of criminal activity on your account they will keep a record of this which may result in other organisations refusing to provide you with services or employment.

The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail at www.equifax.co.uk/crain

No

We carry out comprehensive due-diligence on each party that we work with to ensure your personal data is secure and that the communication you receive is relevant to your needs. Communication from the third party may be by email, SMS or telephone.

We will not disclose your Personal Data to any third party except in accordance with this Privacy Policy.

We invest heavily in data security so you should be assured that your data is safe.

If you consented to receiving marketing communication from us, there will be an opt-out on every correspondence you received. You can also change your mind at any time by emailing us at customerservices@tootloans.co.uk

Please email us at customerservices@tootloans.co.uk

We have a very strict policy on protecting your Personal Data:

1. We make sure we do thorough checks on everyone we work with.
2. We use encrypted software.
3. We continually test our systems to see whether it can be penetrated by malicious software and outside third parties looking to steal data. Our regulators expect us to do this to ensure our systems are secure.
4. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personally identifiable customer information.

Yes

Cookies cannot be used to identify you personally and are used to improve services for you, for example through:

1. letting you navigate between pages efficiently;
2. enabling a service to recognise your computer so you don’t have to give the same information during one task;
3. recognising that you have already given a username and password so you don’t need to enter it for every web page requested;
4. measuring how many people are using services, so they can be made easier to use and that there is enough capacity to ensure that they are fast.

See allaboutcookies.org or www.youronlinechoices.eu to learn more about cookies.

We use Google Analytics cookies to collect information about how visitors use our website and to help us ensure it is tailored to our customers’ needs and interests. These cookies only collect information in an anonymous form, including the number of website visitors and the pages visited. No personal information is collected or stored by Nouveau Finance. To opt out of being tracked by Google Analytics across all websites visit: http://tools.google.com/dlpage/gaoptout

Yes, we purchase data in a number of ways but always perform full due diligence on our partners to ensure that they Treat Consumers Fairly before we purchase.

We do limited profiling so that we can match your specific needs to the loan product you require. Our panel of lenders may carry out their own profiling. To find out what information we hold on you, you can write to us at customerservices@tootloans.co.uk

18

Yes, we can update our privacy policy without letting you know. We will review this at a minimum annually.

We store your data for up to six years after the last interaction.

You have the following rights for your data:

• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling.

For further information in relation your rights visit www.ico.org.uk

No