Name of Firm: - Broadway Jewellers (Kent) Ltd
We are a Consumer Credit Business licensed by the FCA Ref number 738978
We are registered with the ICO for Data Protection ref number ZA344155
We do not require a Data Protection Officer because we are a small business with relatively small amounts of data stored. However our Business Manager is the key contact for data protection.
Under FCA SYSC requirements we also have a senior manager who takes responsibility for data, their title is Director of Broadway Jewellers (Kent) Ltd
2 Basis of Processing Data
We retain data and relevant information about our customers on the following basis;
Pawnbroking- Legitimate Interest- We process - proof of name, address complying with AML requirements. We ask for identification [e.g. passport/driving license & recent utility bill] for all new customers and apply due diligence as per our AML policy.
Pawnbroking-Marketing soft opt in- We use a soft opt in for marketing. This means that unless the customer ticks the box on contract note 6 of their Pawn Contract we may send them relevant marketing e mails and contact them as per article 22 of the PECR (Privacy and Electronic Communications Regulations), on the basis that;
We do not use third parties either for marketing or for CRAs (Credit Rating Assessments).
CCTV- is retained for one month as part of the legitimate process of preventing crime. Footage is shared with police on request to help ongoing investigations.
3. Data Controller
We Broadway Jewellers (Kent) Ltd are the Data Controllers, and are responsible for all personal information retained, and are subject to audit by the Information Commission Office (ICO). We do not share our data with 3rd parties.
The pawnbroking customers are made aware at point of transaction how, where and with whom their information will be shared.
There is standard information that our staff always read out to customers. We state to them before any information is taken;
Please read our privacy notice carefully, this explains what personal information we require about you to enter into and manage our agreement with you and for our legitimate interests (for example preventing fraud). It also explains how we may acquire, use and share that information and what rights you have regarding the data we hold about you. We may send you marketing communications unless you opt out of receiving them (see the tick box on note 6).
We Show the Customer Our Privacy Notice
We show every customer the privacy notice before any pawn transaction via a laminated privacy notice. Since the basis for processing data is Legitimate Interest (a pawn contract) the customer is not required to sign this.
Every contract has a Data Processing Clause (no. 6 on back of pawn contract)
This is a shortened version of the privacy notice but also has a soft opt in for marketing.
6. Data protection
The personal information we collect about you is used by us to fulfil our statutory obligations, to administer your agreement(s) and contact you, and when otherwise required by law or where permitted by Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR). You will have already seen our privacy notice. It is important that you provide us with accurate information. If you provide false or inaccurate information or we suspect fraud, this information may be recorded. We will retain your data for six years after our account with you is closed, whether settled by you or in default.
You have the right to:
We may contact you by post, email, SMS or telephone for the purposes of marketing our products and services; please tick here □ if you do not wish to receive such marketing.
[We do not undertake CRA checks and we do not share data with 3rd parties]
5. Data collection
We have reviewed our business through our Information audit to identify the data that is processed and how it flows into the business.
We will ensure that data is collected within the boundaries defined in this policy. When collecting data, wewill ensure that the customer clearly understands why the information is needed.
We will respect the following rights for individuals:
6. Data Storage
Information and records relating to service users will be stored securely and will only be accessible to authorised staff. Information will be stored for only as long as it is needed or required statute and will be disposed of appropriately. [We store pawnbroking data for 6 years from the last point of contact].
It is our responsibility to ensure all personal and company data is non-recoverable from any computer system previously used within the organisation, which has been destroyed or sold to a third party.
We will undertake periodic [annual] Information audits and Data Protection Impact Assessments to continually aim to improve systems, minimise risk and improve security.
We will ensure that:
This policy will be updated as necessary to reflect best practice in data management, security and control and to ensure compliance with any future changes or amendments made to the GDPR 2018.
8 Data Breaches
We will maintain a log of all data breaches no matter how small. A small breach would include overhearing account details, losing a small amount of data or accidental deletion, loss of CCTV footage.
Examples of a major breach would be loss or theft of entire database, web cyber security issue or hacking resulting in theft of e mails/ passwords/ financial data of a significant or unquantified number of people.
We will ensure we have robust breach detection, investigation and internal reporting procedures in place.
We will report serious breaches within 72 hours of becoming aware of the breach where feasible, to the ICO on 0303 123 1113 and explain;
9 Our Privacy Notice
Broadway Jewellers (Kent) Ltd Privacy Notice
This explains how and why we acquire and use your personal information in accordance with Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR).
We may collect information about you: as part of your loan application and for the purposes of managing your loan agreement from you, from public records and from third parties with your consent .This includes your name, address, date of birth, contact details, employment information, credit record and your agreement history.
We use your information to:
We may use your data for the above purposes to fulfil our legitimate interest of managing our legal agreement with you and where otherwise required to comply with our legal and regulatory obligations and where permitted by the GDPR. If you do not provide us with your personal information, we will not be able to lend to you.
We may also use your information for other purposes where you have consented to this (see below).
We may share your information with:
We store your information:
We keep your information:
You have the right to:
If you have question, want to exercise your rights or make a complaint, please contact us.
If we cannot resolve your complaint, you may contact the Financial Ombudsman Service at:
Financial Ombudsman Service
Tel: 08000 234 567
You also have the right to complain to the Information Commissioner's Office at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. www.ico.org.uk.
We may contact you by post, email, SMS or telephone for the purposes of marketing our products and services; please tick the box in note 6 on your contract if you do not wish to receive such marketing.