Providing efficient and effective service to local authorities, Magistrates’ Courts and private landlords since 2002

News Article

GDPR

  • 16 May 2018
  • John Caldon

The General Data Protection Regulation (“GDPR”) is the new legal framework that will come into effect on May 25, 2018 in the European Union. Building on current data protection laws, GDPR gives every business a new set of obligations and every consumer strengthened rights regarding their data. Please see below our updated privacy policy.

 

Privacy Policy

London Warrant Enforcement Limited (“we”, “us”, or “our”) is committed to protecting and respecting the privacy of everyone who visits our sites at www.lw-e.com and www.lw-e.co.uk (the “site”) Our Privacy Policy (the “Policy”) describes how we use any personal information we collect from you, or that you provide to us and its security in a manner consistent with your rights and our obligations under the Data Protection Act 1998 (“DPA”) and new legislation under the General Data Protection Regulations 2018 (“GDPR”) (“current legislation”).

Please read the following carefully to understand our views and practices regarding your personal data and how it is treated. By entering our site at www.lw-e.com or www.lw-e.co.uk you are deemed to have accepted this policy. If you do not accept and agree with this Privacy Policy, you must not visit or stop using www.lw-e.com or www.lw-e.co.uk immediately.

i.            Information about us

1.              Our Site is operated by London Warrant Enforcement Ltd, a limited liability company registered in England & Wales with Companies House under company no. 04388195, our registered office is at 20-22 Wenlock Road, London N1 7GU.

2.              In accordance with current legislation, London Warrant Enforcement Limited is registered with the Information Commissioner’s Office (ICO) under registration no. Z8501150. Our classification /Nature of work is Debt administration and factoring. Our nominated representative for the purposes of current legislation is John Caldon.

ii.           What this policy covers

1.              This policy applies to www.lw-e.co.uk and www.lw-e.com only and does not apply to any other sites whose links appear either directly or indirectly on our site such as https://en-gb.facebook.com/londonwarrantenforcement/ It is therefore in your own interest to read the privacy policies of that website as we are not responsible for any data captured by that site or how it is used.

iii.          Information we may collect from you

1.              We may collect your personal information through various means, including via our Site or when you make a credit or debit card payment through our payment processing merchant  Barclaycard ® who use 128 bit encrypted Secure Socket Layer (SSL) technology. Your card details will not be stored by us. They will only be taken by Barclaycard ® when making the payment. London Warrant Enforcement captures personal information about the payment you are about to make to ensure each payment can be identified and credited to the correct account.

2.              Other data may be collected through direct contact, telephone, email or other electronic correspondence or if you voluntarily submit it, except where we are required by law to collect personal data (for example, to comply with money laundering regulations) in which case the provision of personal data is mandatory. We may not be able to provide the services you request where you fail to provide us with such required information.

3.              We will use your information to provide the service requested. We may share your personal data between our client, partner organisations, such as government bodies and the police. We will do so when it is of benefit to you, or required by law, or to prevent or detect fraud.

4.              Some or all of the following data may be collected about you:

§  Name;

§  Business/company name;

§  Date of birth;

§  Gender;

§  Job title;

§  Profession;

§  Visual and audio images of you through our use of Body Worn Video and audio recording equipment;

§  Contact information such as email addresses and telephone numbers;

§  Demographic information such as postcode and preferences;

§  Financial information such as credit / debit card numbers;

§  Personal data collected arising out of the debt collection and enforcement process (some of which may include sensitive data related to the customer or other third parties), such as information on the physical or mental health or condition of the debtor and details of incidents occurring during debt enforcement visits;

§  Social media profile names;

§  Caller line identification;

§  Complainants and other individuals in relation to a judicial service complaint or  enquiry;

§  People who use our services

§  Information that you provide to us in any application for employment.

§  Vehicle index registration keeper details; and

§  Banking details such as sort code and account no. that you have provided to us.

The following data is automatically collected

§  IP address;

§  Web browser type and version;

§  Operating system;

§  A list of URLs starting with a referring site, your activity on our Site, and the site you exit to;

iv.           Information we receive from other sources

1.              Our clients or partner organisations may share personal data with us in order for us to provide our service.

2.              The following data may be shared with us by our clients or partner organisations:

§  Name of any other persons in your household;

§  Any company, charity or association you may have;

§  Date of birth;

§  Gender;

§  Your employment details;

§  Contact information such as email addresses and telephone numbers;

§  Any other addresses or abodes you may have;

§  Personal data collected arising out of the enforcement process (some of which may include sensitive data related to the customer or other third parties), such as information on the physical or mental health or condition of the debtor or any others at a property we may visit and details of incidents occurring during previous enforcement visits, this is to ensure the Health and Safety of our enforcement agents and sub-contractors;

§  Social media profile names;

§  Caller line identification;

§  Vehicle index registration keeper details;

v.           Sensitive personal data

1.              Current legislation defines certain personal data as ‘sensitive’ such as personal data regarding your ethnic origin, mental and physical health. We are required under the Taking Control of Goods Regulations to identify any vulnerabilities and therefore we may use that sensitive personal data. We may, for debt collection purposes, therefore ask you for some sensitive details or you may volunteer such personal data to us. We will only use this personal data for debt collection purposes and we will obtain your consent to process this data. We may share any of your sensitive personal data with our client to ensure your case is managed appropriately for debt collection purposes only. Any sharing of your sensitive personal data with clients will be on the basis of your consent or if we are required or permitted to do so under current legislation.

vi.          How we use this information

1.              All personal information is stored securely on servers in the United Kingdom in accordance with the principles current legislation. We use your data to provide the best possible services to you and to fulfil our legal obligations to our staff and enforcement agents acting on our behalf.

This includes:

§  supplying our services to you on behalf of our clients;

§  personalising and tailoring our services for you;

§  providing and managing your access to our Site;

§  personalising and tailoring your experience on our Site according to your interests or to make it more user friendly;

§  responding to communications from you, including any complaints;

§  enabling payments to be made by debtors on behalf of our clients;

§  sharing information about incidents occurring at the doorstep to protect the health and safety of the individuals involved with enforcement visits; and

§  collecting information (where appropriate) on the vulnerability of individual customers who we are collecting or enforcing orders against, to ensure that they are treated fairly.

2.              We will not,  send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.

3.              We may use your e-mail address to make contact with you in order to encourage or remind you of a payment that is due or to ask you to contact our helpline or enforcement agent.

4.              We may use your mobile number to contact you by Short Message Service (SMS) to encourage or remind you of a payment that is due or to ask you to contact our helpline or enforcement agent.

5.              Calling our helpline may result in our collection of Calling Line Identification information. All calls are recorded. Call recordings may be reviewed as part of a complaint investigation. The use of this information assists with the improvement of our efficiency and effectiveness.

vii.         How and where information is stored

1.              We only keep your data for as long as we need to in order to use it as described in section 4, and/or for as long as we have your permission to keep it.

2.              Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Site.

3.              Your data will only be stored in line with current legislation.

4.              Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting to us via the internet.

viii.        Disclosure of your information

1.              We may compile statistics relating to site traffic, all of this will be totally anonymous and will only be shared and used within the bounds of the law.

2.              Occasionally we may be legally bound to release certain data held by us which may include personal information, this may be because of legislative requirements, court order or government authority. We do not require your further consent to share or release this data and will comply with any legal request made to us.

6.              It may be necessary to share or release your data in pursuit of a general public interest or a third party’s interest. This may include assisting law enforcement agencies or private stakeholders in their efforts to combat illegal activities, such as money laundering, fraud prevention or misuse of services.

ix.          Complaints

1.              If we investigate a complaint it may be necessary to release certain information to other organisations in order to assist with resolving that complaint.

2.              Upon receipt of a complaint, a folder is created with details of that complaint and the identity of the complainant plus any other persons involved.

3.              We will only use the information held within the complaint folder to resolve this complaint. Any information released such as statistics will not identify any specific person or individual.

4.              We would disclose the complainant’s identity to whoever the complaint is about. Any complainant would need to advise if they object to this when making the complaint.  It may however not be possible to handle complaints on an anonymous basis.

5.              Complaints will be held in a specific folder within a secure environment for a six year period.

6.              If you are not satisfied with the way in which we have handled your data you may make complaint to the Information Commissioners Office by telephoning 0303 123 1113, by e-mail at https://ico.org.uk/global/contact-us/email/ or by live chat at https://ico.org.uk/global/contact-us/live-chat

x.           Your right to withhold information

1.           You can access most of our site without providing any information but certain areas require you to submit certain data.

2.           You may restrict your internet browser’s use of Cookies. For more information see below relating to the use of cookies.

xi.          Your right to access information

1.           You have the legal right to request details of any personal information we hold about you under current legislation. If you would like a copy of the information held on you, please write to us at London Warrant Enforcement, 20-22 Wenlock Road, London N1 7GU. You will be required to provide certain documents to identify yourself.

xii.         Ensuring the accuracy of your information

1.           If you believe that any information we are holding or have published about you is incorrect or incomplete, please contact us as soon as possible at London Warrant Enforcement, 20-22 Wenlock Road, London N1 7GU. You will be required to provide certain documents to identify yourself. We will attempt to remove anything that is incorrect or complete as soon as physically possible.

2.           We may retain residual information about you in our backup and/or archival copies of our database. This will be deleted in accordance with our data retention policy.

xiii.        Protecting your information

1.           We will make all reasonable efforts to protect and safeguard and data held about you. We have strict company processes both physical and electronic to secure your information.

2.           You should note that when using www.lw-e.com or www.lw-e.co.uk, your information may travel through third party infrastructures that are not under our control. If you follow a link to any of these websites including https://en-gb.facebook.com/londonwarrantenforcement/, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

3.           Our software is highly encrypted to protect your data. Unfortunately, the internet is never a completely secure environment. Therefore, we cannot guarantee that hackers or unauthorised personnel will not gain access to your personal information despite our best efforts.

4.           We have confidentiality protocols in place with our third party service providers to protect your personal data and information.

xiv.        Cookies

1. What Are Cookies

As is common practice with almost all professional websites this site uses cookies, which are tiny files that are downloaded to your computer, to improve your experience. This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored however this may downgrade or 'break' certain elements of the sites functionality. For more general information on cookies see https://en.wikipedia.org/wiki/Secure_cookie

2. How We Use Cookies

We use cookies for a variety of reasons detailed below. Unfortunately in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that you leave on all cookies if you are not sure whether you need them or not in case they are used to provide a service that you use.

3. Disabling Cookies

You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore it is recommended that you do not disable cookies.

4. The Cookies We Set

We use cookies when you are logged in so that we can remember this fact. This prevents you from having to log in every single time you visit a new page. These cookies are typically removed or cleared when you log out to ensure that you can only access restricted features and areas when logged in.

When you submit data to through a form such as those found on contact pages or comment forms cookies may be set to remember your user details for future correspondence.

5. Third Party Cookies

In some special cases we also use cookies provided by trusted third parties.

6. Identifying third-party cookies

You can check if website uses third-party cookies in any modern browser. Instructions vary in different browsers

7. More Information

Hopefully that has clarified things for you and as was previously mentioned if there is something that you aren't sure whether you need or not it's usually safer to leave cookies enabled in case it does interact with one of the features you use on our site. However if you are still looking for more information please contact us through one of our preferred contact methods.

xv.         Changes to our Privacy Policy

1.              This Privacy Policy may change when deemed necessary. Any changes will be posted immediately on our site where terms of this policy would have been accepted on entry.

2.              Please check with us regularly to keep up to date with our Privacy Policy.

3.              This policy is dated the 16th day of May 2018

  

OUR OBLIGATIONS TO OUR CLIENTS AS THEIR DATA PROCESSOR

1                     London Warrant Enforcement Ltd hereby referred to as the Data Processor will process the personal data in compliance with DPA 2018: Data Protection Act 2018; GDPR: the General Data Protection Regulation (Regulation (EU) 2016/679) 

2                     The Data Processor undertakes that it shall process the personal data strictly in accordance     with the Data Controller's instructions for the processing of that personal data.

3            The Data Processor will process the Personal Data for the following purposes only:

•            The pursuant of the debt type in accordance within the relevant Regulations/Legislation.

4            The Data Processor will treat the personal data, and any other information provided by the Data Controller as confidential, and will ensure that access to the personal data is limited to only those employees who require access to it for the purpose of the Data Processor carrying out the permitted processing and complying with its obligations under their Data Processor Agreement.

5            The Data Processor will ensure that only such of its employees who may be required by it to assist it in meeting its obligations under their agreement shall have access to the personal data. The Data Processor will ensure that all such employees have undergone training in the law of data protection, their duty of confidentiality under contract and in the care and handling of personal data.

6            The Data Processor agrees to assist the Data Controller promptly with all subject information requests which may be received from the data subjects of the personal data and within its        service level target of 21 days.

7            The Data Processor will not disclose the personal data to a third party in any circumstances     other than at the specific written request of the Data Controller, unless the disclosure is                        required by law.

8            The Data Processor will NOT transfer the personal data outside of the United Kingdom.

9            The Data Processor will not sub-contract any of the processing without explicit written                              agreement from the Data Controller.  Where such written agreement is provided, the Data     Processor will ensure that any sub­ contractor it uses to process the personal data complies   with the terms of this agreement.

10          The Data Processor will employ appropriate operational and technological processes and       procedures to keep the personal data safe from unauthorised use or access, loss,                destruction, theft or disclosure. The organisational, operational and technological processes               and procedures adopted are required to comply with the requirements of ISO 27001 as                  appropriate to the services being provided to the Data Controller.

11          The Data Processor will not keep the personal data on any laptop, tablet or other removable drive or device unless that device is protected by being fully encrypted, and the use of the laptop, tablet or other removable device is necessary for the provision of the services under their agreement. Where this is necessary, the Data Processor will keep an audit trail of which laptops/drives/devices the personal data are held on.

12          The Data Processor will notify the Data Controller of any information security incident that may impact the processing of any personal data covered by their agreement within two working days of discovering, or becoming aware of any such incident.  Following the report of any incident,             the Data Processor will cooperate with the Data Controller's Information management staff whilst they carry out a risk assessment, root cause analysis and identify any corrective action required. The Data Processor will cooperate with the Data Controller in implementing any required corrective action agreed between the parties.

13          On satisfactory completion of the service or on termination of this agreement, the Data Processor will ensure that the personal data is securely removed from our systems and any printed     copies securely destroyed. In complying with this clause, electronic copies of the personal data shall be securely destroyed by either physical destruction of the storage media or secure deletion using appropriate electronic shredding software that meets HM Government standards. Any hard copy will be destroyed by cross-cut shredding and secure re-cycling of the resulting paper waste.

14          The Data Controller reserves the right upon giving reasonable notice and within normal  business hours to carry out compliance and information security audits of the data processor in order to satisfy itself that the Data Processor is adhering to the terms of their               agreement.  Where a sub­ contractor is used, the Data Processor agrees that the Data Controller may also, upon giving reasonable notice and within normal business hours, carry out               compliance and information security audits and checks of the sub­ contractor to ensure adherence to the terms of their agreement.