Lucas Credit Services Limited is committed to the protection of your privacy. In accordance with the General Data Protection Regulation 2016/679(GDPR), we are registered as a “Data Controller” on the public register of data controllers maintained by the Information Commissioner. Our data protection registration number is Z2577941.
Basis for using your personal data
Lucas Credit Services does not rely on consent as the legal basis for processing your data.
There are two legal bases relied on by Lucas Credit Services Limited when processing personal data: -
1. Legitimate interest - where we process your personal data to further the legitimate business interests of Lucas Credit Services.
2. Contract - where we need your personal data to enter into a contract with you.
How do we collect information?
We may receive personal data about you from third parties such as our clients who refer accounts to us for collection or credit reference agencies. We are given information about individuals by our commercial clients in order to provide them with debt collection services. This information will usually include name and contact details including address, email address and telephone number. We will also be given details of the debt owed, including the amount, the date it was due, any interest accumulated and any previous communication with the individual relating to the debt.
You may share personal data about yourself with us when you communicate with us to deal with accounts where we act as agents for our clients
We will only collect personal information about you through our web site if you choose to provide this to us, for example by registering your account and completing any forms on our web site or making a payment using the on-line payment page. Web browser connections to our web server are encrypted using TLS 1.2 and any customer data stored on our web server is encrypted at rest using AES-256. We do not capture or store credit or debit card information; all card transactions are securely processed at our third party payment processor Global Payments whose privacy statement is available at: www.globalpaymentsinc.com/en-gb/privacy-statement.
All web site servers automatically collect certain information about the volume and properties of internet traffic visiting the site, such as the type of browser and operating system you are using, the I.P. address and the domain name of your internet service provider etc. We do not automatically collect personal information from you through our web site and we cannot identify you from this information.
Cookies enable us to understand how our visitors use the web site, such as the number of return visitors we have, the pages viewed per session and the time exposed to particular pages etc. For this purpose we use Google Analytics.
Cookies used on this web site
Session Cookie. Web pages have no memories. A user going from page to page will be treated by the website as a completely new visitor. Session cookies enable the website you are visiting to keep track of your movement from page to page so you don't get asked for the same information you've already given to the site. Cookies allow you to proceed through many pages of a site quickly and easily without having to authenticate or reprocess each new area you visit.
The session cookie is stored in temporary memory and is not retained after the browser is closed. Session cookies do not collect information from the user's computer. They store information in the form of a session identification that does not personally identify the user.
Using browser settings to manage cookies
Most web browsers automatically accept cookies but if you prefer, you can set your browser to disable cookies or inform you when they are set. However some features provided by this web site may not function correctly if cookies are not enabled. To find out how to control or delete cookies in the web browser you are using visit www.aboutcookies.org
How do we process your information?
We process information about individuals whose accounts we are dealing with on behalf of our clients (“customers”). Data is referred to us by our clients under the terms of any agreement or contract between our client and their customers. We also process information from credit reference agencies, individuals who contact us by telephone, email or letter, and from other public data sources.
We also process data relating to email open rates, including the time and date of an email sent by Lucas Credit Services being opened by the individual to whom it was sent. This is in order to measure our success in contacting individuals and to maintain our standard of service to our clients.
Telephone conversations are recorded in order to offer you additional security, resolve complaints, to carry out staff training and to improve our quality and service standards.
What do we use your information for?
We use the information you provide for the following purposes: -
- for debt collection purposes and other business and client communication purposes;
- to trace customers;
- to prevent money laundering and/or fraud;
- to help us take decisions about you and your account;
- to fulfil our obligations to our clients, for example provide details of your payment history, account usage, changes of name and address etc.
- to administer our web site and monitor its usage to ensure an appropriate visitor experience.
Some of these purposes are a statutory requirement on us, for example information to prevent money laundering.
Sensitive Personal Data
Data Protection Regulations define certain personal data as ‘sensitive’ including personal data regarding your physical and mental health. If you have a physical or mental health condition that affects your ability to deal with your day-to-day affairs including financial matters, we may wish to ask you for some details to better understand your circumstances and, with your consent, note this information so that we may deal with your account appropriately. Any sensitive personal data you choose to provide voluntarily will only be used for the purpose of appropriately dealing with your account with us. If you voluntarily provide such sensitive personal data to us in writing this will indicate your consent to the processing of your personal data for this purpose. It may be appropriate for us to share your sensitive personal data with our client in order that they may also understand your circumstances and deal with your account appropriately. Sharing of sensitive personal data will be on the basis of your consent or if we are required or permitted to do so under the Data Protection Regulations.How long will we keep your data for?
We will not keep your data for any longer than is necessary for the purposes listed above.Do we disclose any information to outside parties?
We do not sell or trade your personally identifiable information. However, We may pass your details on to third parties who act for us or to those who are contracted to provide us with services, such as administration and technical support for the purposes set out in this policy, or if we are under a duty to disclose or share your personal data in order to comply with any legal obligation.
Occasionally, at our discretion, we may include links to third-party resources on our web site. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
We will not transfer your information to third parties outside the European Economic Area unless: -
- you have given explicit consent;
- they have implemented sufficient safeguards to be compliant with the GDPR; or
- we have implemented sufficient safeguards to protect the data when outside the EEA.
How do we protect your information?
We have implemented security policies, rules and technical measures to protect the personal data that we have under our control from unauthorised access, improper use and disclosure, unauthorised destruction or accidental loss. Any payment transactions will be encrypted using SSL technology.
We endeavour to protect your personal data but unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your data transmitted to us via our web site or email. Any transmission is at your own risk.
Email messages sent via the internet cannot be guaranteed to be completely secure as they are subject to possible interception, loss or possible alteration. There is no guarantee that we will receive any email sent to us.
Your right to access your informationThe GDPR gives you the right to request a copy of the personal information that we hold about you. Requests for repeat copies of information may be subject to a reasonable fee, and we reserve the right to refuse a request where it is manifestly unfounded or excessive. We may be unable to give you the data you request if it also contains personal data about a third party. We will respond to any request within one month. Please write to the address below if you wish to request information we hold about you.
The Data Protection Officer Lucas Credit Services Limited 2A, 606 Business Park Staithgate Lane Bradford BD6 1YA
Other rightsRight to rectification
You have the right to request that we rectify any personal data about you held by us which is inaccurate or incomplete.
Where this is the case and we have passed on the data to a third party, we will contact them to request that they also correct the data.
We will respond to any request for rectification within one month.Right to erasure
You have the right to request the deletion or removal or personal data held about you where there is no reason for us to continue to hold it, or where you have withdrawn your consent.
We reserve the right to refuse a request for erasure where we are processing it to comply with a legal obligation, or for the establishment, exercise or defence of legal claims.Right to restrict processing
You can request that we block or suppress out processing of your personal data. In this event, we will store your data but not do anything else with it, and we will retain enough information so that our employees are aware of the restriction.Right to data portability
You have the right to obtain and reuse the data we collect about you for your own purposes.
If the data reveals personal data about a third party, we reserve the right to refuse the request.
We will respond to any request for portable data within one month.Right to object
You can object to any direct marketing which we do. If you do object, we will stop processing your personal data.Right to object to automated decision-making
Some decisions made within Lucas Credit Services may made by automated decision-making. Where a decision is made about you using software or automated process, you can;
- Ask for the reasoning behind the decision;
- Ask that such a decision be reconsidered by a human; or
- Prevent your personal data being used for automated decisions
If you are unhappy with how your personal data has been processed, you have the right to lodge a complaint with the Information Commissioner at any time. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
If you remain dissatisfied then you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at: -
The Information Commissioner, Wycliffe House, Water Lane, Wilmslow Cheshire SK9 5AF
Telephone: Switchboard: 01625 545 700
Data Protection Help Line: 01625 545 745
Notification Line: 01625 545 740