Privacy Policy

ABOUT US

We, Drummonds Limited, are committed to safeguarding the privacy of our website visitors, our prospective customers (“prospects”) and our customers; this policy sets out how we will treat your personal information. If you have any questions about this policy or our treatment of your personal data, please contact us:

  • by email at: dataprotection@drummondsltd.co.uk
  • by post to: Drummonds Limited, Blackwell House, Guildhall Yard, London, EC2V 5AE
  • by telephone on: 0161 791 1480

Our data protection registration number is Z1631285. Our company is registered in England and Wales.

Drummonds Limited uses the trading style Financial Claims Office on selected promotional materials, which is registered as a tradings style with the Financial Conduct Authority.

Throughout this document we refer to the provision of our ‘Claims Services’. A definition of Claims Services can be found within our Terms of Engagement.

THE DATA SUBJECT 'YOU'

For the purpose of data processing we will refer to you as either a prospect or a customer, depending on your relationship with Drummonds.

Prospect: A potential customer who has not entered into a contract with Drummonds by agreeing to our Terms of Engagement.

Customer: An individual who has entered into a contract with Drummonds by returning a signed Letter of Authority, agreeing to Drummonds’ Terms of Engagement.

Throughout the policy, we refer to your personal information as your data.

PROSPECTS
When you provide your data to us, you consent for us to use your personal information to:

  • Contact you about the Claim Services we offer via the contact methods you have provided, which could include telephone, text message (SMS), email and/or post;
  • Administer our website, including ensuring that we can enable your use of the services on our website (including enquiries and complaints about our website) and improve your browsing experience by personalising the website

To process your enquiry, we require that you provide your full name and postal address. Depending on the method by which you make your enquiry, we may also require that you provide your telephone number and/or email address.

Upon receipt of your enquiry we will use your data to send you an Initial Pack, via post and may also contact you using the contact details you have provided to discuss your potential claim.

If you do not wish to provide these personal details, we will be unable to offer our Claims Services to you.

We will keep your contact details following an enquiry for a maximum period of three years. During this period, we will contact you using the contact details you have provided to offer our Claims Services to you. Contact will be made using the contact methods you have provided which could include:

  • Telephone, text message (SMS)
  • Post

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure cloud servers that are subject to strict security requirements.

You can withdraw your consent for us to contact you by telephone, text message (SMS), email and/or post at any time. You are able to withdraw consent verbally via telephone or in writing via email or post using the contact details at the beginning of this policy. Additionally, every email, letter and text message (SMS) we send to you will include a way to opt-out.
CUSTOMERS
During the provision of our Claims Services, you agree for us to process your personal information through signing our Letter of Authority which means you agree to our Terms of Engagement, to allow us to:

  • Supply to you Claims Services under our Agreement;
  • Contact third parties on your behalf, with your specific instruction;
  • Provide you with updates via telephone, text message (SMS), email and post where such contact details have been provided; and
  • Send statements and invoices to you and collect payments from you.

Once you have entered into a contract with us, we will keep your data for as long as necessary to fulfil the purposes it was collected for. We will normally keep your data for six years starting from, the date of the conclusion of your last contract.

After this time, we will delete the information or anonymise the data so that it cannot be linked back to you.

The retention of your data enables us to provide our services to you, and fulfil our legal obligations including our accounting requirements and our regulatory obligations, such as complaints handling. Once you have entered into a contract with us we will also, send you information about similar products and services using the contact details you have provided to us, which could include telephone, text message (SMS), email and/or post.

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure servers that are subject to strict security requirements.

You are able to opt-out of contact by telephone, text message (SMS) and/or email at any time. Whilst you remain under contract, you are unable to withdraw consent for postal communications, as we require this method of contact to fulfil our contractual and regulatory obligations.

You are able to withdraw consent verbally via telephone or in writing via email or post using the contact details at the beginning of this policy.

LEGITIMATE INTEREST

We have a Legitimate Interest in keeping both prospects and customers updated about any further services offered by us which may be of interest to you, including communication of any developments that may have an impact on the original service you engaged with us about (e.g. a change in the law that will make additional services available to you) and/or similar products and services. In these instances we may also provide a referral to a solicitor within our legal panel with your consent, including our legal partner(s).

‘Legitimate Interest’ means the interests of our company in conducting and managing our business [to enable us to give you the best service/products and the best and most secure experience].

For example, we have an interest in making sure our marketing is relevant for you, so we may process your information to send you marketing that is tailored to your interests.  It can also apply to processing that is in your interests as well.

When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override  your interests – we will not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

When establishing a ‘legitimate interest’ for communications/promotions to prospects, we adhere carry out a 3-stage Legitimate Interests Assessment (LIA) where we look to:

  • Identify a Legitimate Interest
  • Carry out a Necessity Test
  • Carry out a Balancing Test

Should you no longer wish to receive information about similar products and services, you can always withdraw your consent to receive marketing communications from us and we will stop processing your data for marketing purposes. You are able to withdraw your consent verbally via telephone or in writing via email or post using the contact details found on the specific marketing communication and at the beginning of this policy.

WHAT DATA DO WE COLLECT?

We collect, store and use the following kinds of your data:

  • information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type, referral source, length of visit and number of page views);
  • information relating to any transactions carried out between you and us on or in relation to this website, including information relating to the supply of our Claims Services;
  • information that you provide to us for the purpose of registering with us (including name, address, telephone number, email address and any financial information);
  • information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters;
  • information required to complete our Claims Services that we will request directly from you, including your personal circumstances and information about your financial products and services (this is not an exhaustive list); and
  • any other information that you choose to send to us.
RECIPIENTS OF YOUR DATA

We control the use of your data as you have directed. We do not sell your data to third parties in any circumstances.

To allow us to provide our Claims Services to you, the following third parties provide critical functions to our business and will process your personal information as directed by us and in accordance with strict data security arrangements:

  • Our Claims Services: during our Claims Services we will provide your data, under your specific instruction, to named Lenders, Loan Providers, Loan Brokers, Banks or other service providers and, if required, the Financial Ombudsman and/or Financial Services Compensation Scheme. We may also provide a referral to a solicitor within our legal panel with your consent, including our legal partner(s);
  • Our Systems and IT: we use third party firms who provide essential storage arrangements (including call recordings), software and support to our infrastructure some of which are stored outside of the European Economic Area (EEA);
  • Communicating with you: we use an outsourced print-house who manage our printing, they receive a copy of postal communication and print and send this on our behalf. Additionally, we use marketing platforms to send some of our email and text message (SMS) communications;
  • Our Regulators: we may be required to provide your data to our Regulators, who include the Financial Conduct Authority, the Financial Ombudsman Service and the Information Commissioner’s Office;
  • Our Professional Services: we use professional legal, consultancy and accountancy services to help us fulfil our legal obligations and help us improve our business; and
  • Other Third Parties: we may share your data with other third parties that provide services to us where you provide consent or we believe we have a Legitimate Interest to do so, including review platforms, tracing agents, credit controllers and/or debt collectors.

We have carefully selected our third parties due to their commitment to keeping your data safe. If you request for us to stop processing your data, we will also communicate this to the relevant third parties if they are processing this on our behalf. If you have any concerns about the above third parties, please let us know and we can provide advice and support to help you manage your data preferences.

YOUR DATA RIGHTS

As a data controller, if you request the rectification, erasure or restriction of your data, we will also communicate this to any third party who your data has been disclosed to.

In exercising any of your rights, we will take action within one month. However, should the request be complex we can extend this by a further two months. We will inform you of this in this event. We will need to confirm your identity before completing any action on your behalf, and reserve the right to not complete action until we are satisfied that you are making the request. If we cannot complete your request, we will inform you within one month and explain why.

You can access your data at any time by submitting a Subject Access Request (“SAR”). We will confirm what data is being processed and provide you with a copy of your data in addition to confirming your data rights. We will provide this free of charge. However, if you make repetitive requests, we will charge an administrative fee of £10.

You can make this request using reasonable means, including by telephone, post or email. If you make the request by email, we will provide your information in a commonly used electronic format unless you instruct us otherwise

If you wish to amend any inaccurate data that we hold, please notify us specifically by telephone, post or email, or during the course of the provision of our services. We will make the amendment as soon as possible. If any data held is incomplete, you can complete this at any time. We may require this to be completed to allow us to provide our Claims Services.
We can erase or “forget” your data when requested by you in the following circumstances:

  • We no longer require your data (when we have finished providing any Claims Services requested by you and are no longer subject to any legal or Regulatory requirements, such as accounting requirements and complaints handling);
  • You withdraw your consent and there is no other reason for us to hold your data;
  • You object to the processing, as described below;
  • You believe your data has been unlawfully processed; or
  • There is a legal obligation to erase your data.

You can make this request using reasonable means including by telephone, post or email. If you request for your data to be erased, we will confirm whether this can take place and the next steps that we will take. If we cannot erase your data, we will explain why and confirm any actions required to allow us to do so.

You can restrict us from processing your data in the following circumstances:

  • You believe your data is inaccurate;
  • You believe your data has been unlawfully processed but do not want us to delete your data;
  • We no longer need your data but it is required by you for making or defending a legal claim; or
  • You object to the processing, as described below, but we are verifying this.

If you make a restriction request, we will still store a copy of your data but cannot use this. We will inform you if the restriction needs to be lifted. You can make this request using reasonable means including by telephone, post or email. If you request for your data to be restricted, we will confirm whether this can take place and the next steps that we will take. If we cannot restrict your data, we will explain why and confirm any actions required to allow us to do so.

You can object to the processing of your data at any time. If you object, we will no longer process your data unless we have a compelling and legitimate reason not to do so. In this case, you will be informed why we cannot stop processing your data.

You can always object to receiving marketing from us and we will stop processing your data for marketing purposes at any time.

You can request your data in a commonly used electronic format, and for us to transfer this to another entity or person, where we are processing your data with your consent or in accordance with a contract. This will only apply to information which is processed by automated means (e.g. by a computer). Where feasible, we will send your data directly to another entity or person.
LEGAL REQUIREMENTS

We may be required to use your data due to a legal requirement which is placed upon us; this includes our regulatory requirements such as financial record keeping, staff training and monitoring, in addition to complaint handling. In these circumstances, we may be required to keep your data by law. We will always inform you if this is the case.

COOKIES

A cookie consists of information sent by a web server to a web browser, and is stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser. Our Cookie Policy can be found online at: https://www.drummonds.co.uk/cookie-policy.

DISCLOSURES

We may disclose information about you to any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this policy.

In addition, we may disclose information about you:

  • to the extent that we are required to do so by law;
  • in connection with any legal proceedings or prospective legal proceedings; and
  • in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
THIRD PARTY DATA TRANSFERS

We will only share your personal information outside the EEA where we have your consent, to comply with a legal duty, or where we work with a third party service provider to enable us to provide you with our services, and they process information outside of the EEA.

If we do share your information outside of the EEA with a third party service provider we will make sure that it is protected to the same extent as in the EEA. This includes through ensuring that the European Commission has made an ‘adequacy decision’ in respect of their data protection measures. You can learn more about this on the European Commission website.

In addition, some of the third party service providers we use that are based in the EEA may provide services which mean your data is transferred outside of the European Union. In any case, we ensure that there are appropriate security measures in place such as technical security, including encryption and restricted access to your data. We have strict contracts in place to make sure your data is kept safe and your data is always under our control. If you have any questions, please feel free to contact us for further information.

THIRD PARTY WEBSITES

This policy references other websites. We are not responsible for the privacy policies or practices of third party websites.

POLICY AMENDMENTS

We may update this policy from time-to-time by posting a new version on our website at https://www.drummondsltd.co.uk/privacy-policy. You should check this page occasionally to ensure you are happy with any changes.