Privacy Notice for ‘Target Group’ trading as ‘Target Servicing Ltd’
Target Servicing Limited Privacy Notice
Who are we?
In this notice, any reference to ‘we’, ‘us’ or ‘our’ are references to Target Servicing Limited (‘TSL’).
Target Servicing Limited (‘TSL’) is the "Data Processor" of any personal information that is processed on behalf of the ‘Data Controller’, for the purposes of managing your account.
The Data Controllers are our clients, your service provider, they are the companies that have outsourced the administration of your accounts to us, we process your data under contract to them.
We respect your rights to privacy and to the protection of your personal information. This notice provides information regarding how we use your information, who we share it with, circumstances under which we share it and what steps we take to protect it.
‘Personal data’ is information that can be used to identify a living individual, either on its own, or in combination with other data. Examples of personal data include your name and address.
‘Data processing’ refers to the collection, use, and storage of your personal data.
Our contact details
- Registered address: Target Servicing LTD, Target House, Cowbridge Road East, Cardiff, CF11 9AU
- Website address: www.targetgroup.com
- Data Protection Officer: DPO@targetgroup.com
Please note that the details provided above are specifically for TSL. If you need to speak to your service provider, you can do so using the contact details provided to you in their communications.
The type of personal information we process
Processing activities will be strictly limited to what is absolutely necessary for us to achieve the legitimate purposes we have identified in this notice.
The information we process on behalf of the Data Controller may include some or all of the following:
- Standard personal information such as your name, address, date of birth and contact details (including your telephone number(s) and email address).
- Financial information, including transactional activity and bank account details for collection or payment of any monies.
- Where necessary (for example, where we need to consider setting a payment arrangement on an account), relevant details about your personal and financial circumstances, income and expenditure information and information about other outstanding debts.
- Documents provided for identification and verification purposes (for example a copy of a passport, divers licence and/or bank statements).
- Information captured as part of recorded telephone conversations with us.
From time to time you may also choose to provide additional information to help with the administration of your account, such as information relating to your health. This type of information is classified as ‘special categories of personal data’ and will only be used for specific and limited purposes. Where you provide your consent to process this information, you can subsequently choose to withdraw it at any time using the contact details provided in communications issued to you by your service provider.
If you provide information relating to another person in relation to your account, for example a dependant/family member or to allow someone to act on your behalf, it may be necessary to collect and hold their personal information on your account. You should inform them of the privacy notices available.
Where do we obtain your personal information from?
We have obtained your personal data from your service provider.
For the purposes of administering your account we may also access third party data sources and combine and process data from those sources with your personal data. Third party data sources may include one or more of the following:
- Government agencies and registers.
- Credit Reference Agencies (CRAs).
- Fraud prevention and law enforcement agencies.
- Postcode/address search databases and telephone number verification databases.
- Third parties who provide services to you and/or us, (for example Solicitors, debt advice agencies, Mortgage Brokers, Independent Financial Advisors and field agents).
How your personal data will be processed by us
We will store, access, and use your personal data:
- For the purpose of administering your account in line with the conditions and requirements set by the Data Controller.
- To help investigate, prevent and detect fraud or financial crime.
- To retain a history of your account for future reference by you and/or the Data Controller in case of any legal claim.
TSL will not use your personal information for its own purposes.
TSL are not responsible for any processing activities directly undertaken by the Data Controller, details of such activities should be described in their own privacy notice and provided to you.
Legal grounds for our use of your personal data
The lawful bases under which we process your personal data is:
- Legitimate interest; and/or
- Processing using your consent
The lawful basis for processing any information you provide specifically relating to your health is your explicit consent. You can withdraw your consent at any time using the contact details provided in communications issued to you by your service provider.
Who might we share your personal data with?
We will share your information with the Data Controller
We may share your information where we have your express permission, or permission from a suitably authorised third-party representative, for example where they may be in possession of a power of attorney document.
We may also share information with third parties that provide services to us in connection with the ongoing administration of your account. They may include Credit Reference Agency’s, loan administration service providers, debt collection agencies, Solicitors, Asset Managers, tracing agents, print houses, payment service providers, telephony service providers, nominated third parties such as Mortgage Brokers or Independent Financial Advisors, providers of specialist services for alternative format communications (such as audio and braille) and storage companies.
We may also be required to share your information with third parties such as law enforcement agencies, judicial bodies, government entities and tax authorities in relation to suspected or actual fraud, financial crime, criminal related activities and/or for taxation purposes.
TSL will not share your information with third parties without the prior knowledge and consent of the Data Controller.
Keeping your personal information safe
We are committed to ensuring that the information we hold about you is kept safe and secure. We have a range of physical and technological security measures in place to help us maintain the integrity and safety of your information and help us to achieve and maintain compliance with applicable data protection laws.
Where it is necessary for us to share your personal information with a third service party provider, we will ensure that the transfer of the information is done in a secure and controlled manner and only under the authority of the Data Controller.
All third-party providers instructed to act on behalf of TSL are only able to process the information shared with them to perform specific tasks or services and must act in accordance with applicable data protection laws.
Processing your personal information outside of the UK or EEA
It may be necessary to process your personal data in countries outside of the United Kingdom (UK) and/or the European Economic Area (EEA). If this happens, we will ensure the transfer is compliant with data protection legislation and appropriate physical and/or technological safeguards are in place to protect your personal data.
TSL will not transfer your personal information outside of the UK and/or EEA without the prior knowledge and consent of the Data Controller.
Retention of your information
We will retain personal information in accordance with the retention and deletion requirements of the Data Controller.
Personal information may also be transferred and deleted from TSL systems where we cease to be the nominated administrators of the account. These activities will only be completed under the instruction of the Data Controller.
Your data protection rights
Under data protection law, you have rights including:
- Your right of access - You have the right to ask for copies of your personal information.
- Your right to rectification - You have the right to ask to rectify personal information you think is inaccurate. You also have the right to ask to complete information you think is incomplete.
- Your right to erasure - You have the right to ask to erase your personal information in certain circumstances.
- Your right to restriction of processing - You have the right to ask to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability - You have the right to ask for the transfer of the personal information you gave us to another organisation, or to you, in certain circumstances.
- Your right to withdraw consent – Where we rely on your consent to process your personal information you have a right to withdraw it at any time.
- Your right to complain – You have a right to raise a complaint directly with your service provider, the ICO or with both if you are unhappy with the way in which your personal information has been processed.
If you would like to make a request for any of the above, please use the contact details provided in communications issued to you by your service provider.
Making a complaint
If you have any concerns regarding the processing of your personal information, you can make a complaint directly to your service provider using the contact details provided in communications issued to you.
Alternatively, you can also complain directly to the Information Commissioner’s Office (ICO) if you are unhappy with how your personal information has been processed.
The ICO’s address:
Information Commissioner’s Office
ICO helpline number: 0303 123 1113
Further data protection help and guidance
If you would like more information, help and advice about data protection regulations and your rights as an individual, you can visit the ICO website: https://www.ico.org.uk