1. What do you do with my personal data?
We use your data to provide you great services. That includes doing things like:
• Improving our products and services for you and other clients to ensure everyone gets the best experience, performing market research to understand our members views and personalising our experiences to make our service more intuitive & competitive;
• Providing you with the products and services you have selected, keeping you up-to-date and informed and responding to your enquiries such as notifying you when you are approaching the end of your contract, highlighting promotions and competitions we think you will be interested in;
• Legal, regulatory or business reasons such as assisting with crime and fraud prevention, assessing credit risk when provisioning loans and ensuring we provide the products and services you have selected.
We may use information about you to:
Improve our products and services
• Enhance and personalise the products and services that we offer you and to develop new products and services; • Perform analysis and research; • Aggregate information about you, your use of the services with information about other users of the services in order to identify trends;
Provide you with services and information
• Provide you with the products and services you have selected and to manage your contract provided by us; • Provide you with access to parts of the website, if applicable; • Contact you if necessary;
• Tell you about any new services or products;
• Market our products and services to you;
• Send you information about our products and services by email or other means if you have opted in as a consumer to receiving relevant marketing communications;
Satisfy our legal, regulatory and business requirements
•Help us keep your information safe, eg: checking your identity;
• Investigate any complaints or other enquiries that you raise;
• Assess credit risk, assess the provision of loans, debt tracing, debt recovery, credit management and crime, fraud and money laundering detection and prevention.
We may also disclose your personal information or information about your usage of our services to certain third parties (as listed below). This data may identify you personally or may be included in aggregated and anonymised data (which means you will not be identified). These third party finance companies may use this information:
• To provide you with targeted offers, promotions, adverts or commercial communications if you have opted in, as a consumer, to receiving relevant marketing communications;
• To give them a better understanding of our business; and/or;
• To provide you with products and services or to improve the products or services you are already receiving.
Details of how our third parties may use your data can be found below;
Agility Fleet - https://www.agilityfleet.com/data-privacy-policy/
Alphabet - https://www.alphabet.com/en-gb/privacy-policy
Alphera - https://alphera.co.uk/privacy-policy
BNP Paribas -https://www.bnpparibas.co.uk/en/legal-privacy/privacy-policy/
Close Brothers - https://www.closebrothers.com/email-alerts-privacy-notice
JBR Capital - https://jbrcapital.com/about/privacy-policy/
Motonovo - https://customer.motonovofinance.com/privacy
Private & Commercial Finance Bank - https://pcf.bank/privacy/
Santander - https://www.santanderconsumer.co.uk/your-data/privacy-policy/
Privacy policies for any other funder that we may use is available upon written request.
We are allowed to use your information in these ways because:
•We need it to provide you with products and services and to manage your contract with us or a third-party finance company;
• We need to use some of your information to comply with legal and regulatory obligations (such as legal obligations to keep details of calls made by customers for a certain period of time);
• We have a legitimate business interest in some uses of your information (such as conducting market research); and/or;
• You may have given your consent to us to use your data for certain activities, eg: marketing communications.
2. How long will you keep my personal data?
We keep information while you're our customer and after your contract has ended.
We use your information to provide you with the products and services you have selected and for a variety of other reasons.
For example, we might need to sort out disagreements, stop fraud and abuse, prove that you had a contract with us or follow our legal obligations. Or the police may need it as evidence. We may also keep information about how you use our products or services.
In each case, the length of time that we need to keep the information may be different, but we will only keep the information for as long as we need it.
We have a legal obligation to keep data about you for 12 months after the contract ends. Law enforcement agencies are entitled to access this data in support of the investigation, detection and prosecution of serious crime.
3. Who do you share my personal data with and why?
We will share your information in the following situations:
With partners, suppliers, agents and subcontractors who help us deliver the products and services you've chosen to use;
• When you have provided your consent;
• When we have legal or regulatory requirements such as a request from the competition authority, law enforcement agency or a credit reference agency.
We may share your information:
• With our current and prospective partners, agents and subcontractors (for example, advertisers and content providers) who are involved in delivering products or services used or ordered by you;
• With other companies in the CVM group, including their respective partners, agents and sub-contractors;
• With any relevant public authority or law enforcement agency;
• With any debt collection agency or credit reference agency;
• Where there is a change (or prospective change) in the ownership of CVM to new or prospective owners. In these circumstances we would require them to keep it confidential;
• Where we (or an affiliate processing your data on our behalf) are required to do so by law, regulation or legal proceedings;
• Where we believe it is necessary to protect CVM or third-party rights and property;
• Where you give us false or inaccurate information and/or we identify or suspect fraud;
• In response to a valid, legally compliant request by a competent authority;
• During emergencies when we believe physical safety is at risk;
• In response to a complaint that you have breached the services terms & conditions or any other product or service terms.
4. What data do you hold about me? (And how do you get it?)
We collect information in three ways:
- Directly from you, such as information filled in within application or registration forms, surveys and community posts;
- From the products and services, you use;
- From 3rd parties, such as information from credit reference agencies and fraud protection agencies.
We collect such information as:
• Your contact information including name, address, email address and telephone number;
• Your order history;
• Your payment details including bank, debit or credit card details;
• Your communications with us including requests and complaints;
• Your activity/interactions on our website;
• Your use of our services including but not limited to;
• Credit report information if you have completed personal details for a credit check through our website or over the phone to apply for a loan or contract;
• Loan information and loan application data including employment details, relationship details, homeowner status and bank details together with any other personal information required if you have applied for a loan or contract;
How we collect information:
We collect information directly from you when you are asked to provide personal details about yourself, including but not limited to when you:
• Purchase products or services from us;
• Register to become a CVM customer;
• Submit enquiries or comments to us or contact us; •
Enter any promotions, competitions or prize draws via the services;
• Use any CVM products and services;
• Take part in market research; and/or;
• When you make changes to or terminate your contract.
We collect information about you indirectly:
• From third parties including but not limited to those who provide our financial services, take payments and manage products;
• We may also collect information about you from other sources, including but not limited to: credit reference agencies, fraud prevention agencies and business directories and other commercially or publicly available sources;
• Our website may use a website recording service which records mouse clicks, mouse movements and page scrolling. Data collected by this service is used to improve our website usability. The information collected is stored and anonymised and then used for aggregated and statistical reporting. You will not be personally identified;
5. What rights do I have?
You have the following rights:
• To be informed about how we use your personal data (the purpose of this Privacy Notice);
• To update your personal data, you will need to contact us;
• To ask us to delete your personal data. However, there may be circumstances where we are legally entitled to retain it;
• To get a free copy of your personal data. A subset of your data (limited to data that you have provided to us);
• To object to the processing of your data and have it restricted. There may be circumstances where you ask us to restrict the processing of your information, but we are legally entitled to refuse that request;
• To review some automated decision-making or profiling (automated processing to determine certain things about you);
• The right to make a complaint to the Information Commissioner (www.ico.org.uk) if you think that any of your rights have been infringed by us.
To exercise any of your rights, you will need to contact our team. You may need to provide the information so that we can verify your identity:
CVM are required to respond to your request within 1 month. Where requests are complex and excessive, CVM is permitted an additional 2 months to process your request. However, in these circumstances we would provide an update on your request within 1 month of receiving it.
When requesting a copy of your personal data, you can also do this via post.
CVM reserve the right to charge an admin fee or refuse a request where requests for data are clearly unreasonable or excessive, particularly if they are repetitive.
6. How do I change my marketing preferences?
You can opt in and out of marketing communications at any time by changing your preferences within CVM. You will be able to choose to receive marketing communications about the products and services you have chosen, all marketing communications from CVM or options from selected partners.
You can also opt out of marketing communications by following unsubscribe links at the bottom of any marketing emails received from CVM.
We will never give your personal data to a third party for marketing unless you have expressly given us your permission.
7. How do you ensure my data is secure?
CVM is committed to keeping your data secure. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use or disclosure.
Security of Communications
Please be aware that communications over the Internet, such as e-mails and webmails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the World Wide Web/Internet. CVM cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control
8. How can I contact you?
If you would like more information or would like to raise any queries with us in relation to your information, you can contact us by writing to the Data Protection Officer at:
Data Protection Officer
7 Little Park Farm Road
9. Changes to this Privacy Notice
We will check this policy from time to time and post any changes here.
We may also let you know about these changes by email.
10. Resolving Privacy Issues
We will always try our best to resolve any data privacy issue you may have. You have the right to refer any data privacy issue to the Information Commissioner’s Office at any time.