Privacy Policy

Blue Panda Finance takes the security and privacy of the personal information that you provide very seriously and is committed to protecting and respecting your privacy. Blue Panda Finance takes every reasonable precaution to ensure that your information is used only in ways as outlined in this Privacy Policy and handled within compliance of the Blue Panda Finance Terms and Conditions.

PURPOSE

This Privacy Policy will explain how Blue Panda Finance will use your information for marketing and all other purposes. By submitting your details to Blue Panda Finance via this website (the “Site”, “We”, “Us”), social media, electronic communication or by telephone via the contact centre (the “Contact Centre”), you consent to Blue Panda Finance using your personal information in accordance with this Privacy Policy, and in particular to:

Administer our website, including ensuring that we can enable your use of the services on our website (including enquiries and complaints about our website) and improve your browsing experience by personalising the website.
Contact you for marketing and informational purposes about your potential financial-mis-selling complaint and related claims-management services. This may include areas such as payment protection insurance, packaged bank accounts, concealed commissions, mis-sold pensions and investments, payday loans, mortgages and other secured lending, car-finance agreements, and other similar financial products or services.
Contact you via the contact methods you have chosen to provide, including via text message, telephone, email and by post.

SCOPE

This policy sets out the basis on which any personal data Blue Panda Finance collects from you, or that you provide to Us, will be processed by. Please read the remainder of this Policy carefully to understand Blue Panda Finance practices regarding your personal data and how we will treat it.

YOUR PERSONAL DATA

During the course of your interaction with Blue Panda Finance, there is various information that we will collect about you. We only collect the personal data about you that is needed to proceed with claims management services on your behalf. This includes information you voluntarily provide to us, including; name, address, email, date of birth, phone number and all other information you provide to us as part of the Claims Management process.

All personal data we hold is processed by Blue Panda Finance staff in the UK. Your information is held on our servers, which are hosted by our IT provider – compliant to ISO9001 and ISO27001), also based here in the UK.

We collect, store and use the following kinds of your data:

information that you provide to us for the purpose of registering with us (including name, address, date of birth, telephone number and any financial information);
information relating to any transactions carried out between you and us on or in relation to this website, including information relating to the supply of our services;
information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters);
information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type, referral source, length of visit and number of page views). This information relates only to overall browsing trends and patterns and does not identify any individual user;
information required to complete our services that we will request directly from you, including your personal circumstances and information about your financial products and services; and
any other information that you choose to send to us.

If you choose not to provide personal data that we are legally required to collect, or that we need to fulfil a contract with you, we may be unable to deliver the agreed service or product. In such circumstances, we may have to cancel the relevant service or product, and we will inform you if this becomes necessary.

How we collect your personal data

We collect personal data through various methods, including direct interactions. You may provide information by completing our forms or by corresponding with us via telephone, post, email, or other channels. This includes personal data you supply when you:

engage or appoint us to provide products or services;
request marketing information; or
give us feedback.

Why we need your Data

As the data controller for customer and prospective-customer information, we process personal data for a range of purposes. The key purposes are outlined below:

Register you as a new customer;
Supply to you services you have engaged us to perform;
To manage our relationship with you and performance of a contract with you;
Send you general business or service-related communications using the contact details you provided. You can update your communication preferences at any time by using our Contact Us Page;
Contact third parties on your behalf, with your specific instruction;
Refer you to an appropriate law firm or Claims Management Company for assessment and possible representation if we identify that you may have a claim relating to mis-sold financial products.
Send you email notifications which you have specifically requested;
To make suggestions and recommendations to you about goods or services that may be of interest to you;
Invite you to provide a review or complete a customer satisfaction survey, and publish any feedback or testimonials you choose to share about our services;
Use data analytics to enhance our website, services, marketing, and overall customer experience; and
Monitor and record telephone calls and other communications to meet regulatory requirements and for quality assurance and staff training purposes.

Please note, there is certain information and data we need to be able to complete our services for you. We will always explain what it is we need, and why we need it. If you do not provide this, we may not be able to fulfil our contractual obligations with you. If you do not wish to provide this, we have the right to terminate your contract with us.

Marketing, Advertising and Promotions

We give you clear choices about how we use your personal data for marketing. Depending on your contact preferences, we may send you information about products or services offered by us or by other companies within our group.

You have a right to withdraw your consent.

Where we rely on your permission to process your personal information, you have a right to withdraw your consent at any time. We will always make it clear where we need your permission to undertake specific processing activities.

You have a right to object to direct marketing.

At times we may rely on our legitimate interests to suggest products or services that could be relevant to you. Before doing so, we carefully balance our interests against any potential impact on your rights and freedoms. We will not use your personal data where our interests are outweighed by that impact, unless we have your consent or are otherwise legally required or permitted to do so.

You can update your marketing preferences or opt out of marketing at any time. Opting out will not affect personal data you provide to us in connection with our services. To stop marketing communications, you can:

click the unsubscribe (opt-out) button contained in any such communication received;
contact us on 0161 914 5620; or
email us at: optout@bluepandafinance.co.uk providing us with your name and contact details.

We may use information to help us understand what services may be of interest to you and to decide which offers to send. We will always obtain your explicit consent (opt-in) before sharing your personal data with any third party outside our group for their own marketing.

Where you have subscribed to receive marketing from us, we will continue to send you marketing communications for a reasonable period consistent with your original consent, unless you withdraw that consent earlier.

COOKIE USE

It is necessary for this website to use cookies. In fact, most websites you visit will use cookies in order to improve your user experience by enabling that website to ‘remember’ you, either by creating session cookies (for the duration of your visit) or persistent cookies (for repeat visits). This makes the interaction between you and the website faster and easier. If a website does not use cookies, it will think you are a new visitor every time you move to a new page on the site – for example, when you enter your login details and move to another page it will not recognise you and it will not be able to keep you logged in. Cookies are also used to enable help target advertising or marketing messages based on your location and/or browsing habits. Cookies may be “first party cookies” (set by the website you are visiting) or “third party cookies” (set by other websites who run content on the page you are viewing). Third Party cookies assist with collating information to assist with analytics or targeted marketing.

What is in a cookie?

A cookie is a simple unique text file stored on your computer or mobile device by a website server. Only that website’s service is able to retrieve or read the contents of the cookie. It will contain some information such as the URL of the website, a unique identifier and some digits and numbers.

What to do if you don’t want cookies to be set

Some people find the concept of cookies intrusive. If you prefer, it is possible to block cookies or even to delete cookies that have already been set; but you need to be aware that you might negatively affect the manner in which this website responds to you and may prevent you from using certain parts of the site.

Should you wish to control the manner in which Cookies are handled on your computer, configuring your Internet browser is a free and effective way to do this. Please see the guides below to assist with the most popular Browsers:

What Cookies do we use?

This website uses the following external tracking services:

Google Analytics Universal Tracking
Google AdWords Conversion
Google AdWords Remarketing

Google Analytics

We use Google Analytics to analyse how website visitors interact with our website. We use this information to identify trends and help us improve our website. The cookies collect information in an anonymous form about visitors to the site, including what pages they visited, how long they stay on each page for and the number of clicks.

To opt out of Analytics for the web, please visit the Google Analytics Opt Out Page.

Google Adwords

This website uses cookies to track conversions from the sites Adwords marketing campaigns and also for the purpose of addressing visitors via remarketing campaigns with online advertising at a later point in time within the Google advertising network. For the placing of remarketing adverts, third parties such as Google Cookies use this current website on the basis of a visit. You, as a user, have option of deactivating the use of cookies via Google by visiting the Google deactivation page.

For more information on how businesses use cookies and how to manage cookies you can visit the following resources:

What we do with your Data and how we use it

To deliver and complete the services you have requested, we may need to share your personal data with carefully selected third parties who perform essential functions on our behalf. We do not sell, rent, or otherwise disclose your personal information to unrelated organisations or individuals, except where required by law or necessary to comply with a regulatory or legal process. We may also share anonymised, aggregated demographic information (which cannot identify you) with business partners, affiliates, or advertisers for analytical and improvement purposes.

To allow us to provide our services to you, the following third parties provide critical functions to our business and will process your personal information as directed by us and in accordance with strict data security arrangements:

Service Delivery Partners: Organisations involved in progressing your case or facilitating the services you have requested (for example, lenders, brokers, specialist claims partners, external advisers, or dispute-resolution bodies such as the Financial Ombudsman Service). Where a referral is appropriate, we will inform you in advance, identify the partner firm, and give you the opportunity to review their documentation and any applicable charges before proceeding. We will also provide a referral to any partner firm, at your request, such as ID Tech Solutions Ltd for cases relating to diesel emissions claims and/or diesel particulate filter claims; Pacific Financial Solutions, to provide debt advice/solutions. Before any referral is done, you will always know which partner firm we will offer to refer you to and will have the chance to review their paperwork and any charges you are agreeing to before proceeding.
Advertising and Analytics Providers: We also use third party advertising services who provide analytical information about our advertising to help us improve this in the future. In any event, the data held by analytics firms is on an anonymised basis meaning they cannot identify you.
Systems and IT: We use third party firms who provide essential storage arrangements (including call recordings), software and support to our infrastructure.

Authorised employees who require access to your information to provide the requested goods or services.

Regulators & Authorities: Regulatory bodies such as the Financial Conduct Authority, the Financial Ombudsman Service, or the Information Commissioner’s Office, where we are legally required to share information.

Professional Advisors: External legal, consultancy, and accountancy firms that assist us in meeting our legal and regulatory obligations.

We have carefully selected our third parties due to their commitment to keeping your data safe, and, where possible, all data is processed within the UK. Where data is transmitted outside of the UK, we ensure that there are appropriate security measures in place such as technical security, including encryption and restricted access to your data.

Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal data when this occurs, see below: ‘Transferring your personal data out of the UK and EEA’.

We will not sell or distribute personal data to other organisations without your approval.

How long your personal data will be kept

We will keep your personal data while we are providing services to you. Thereafter, we will keep your personal data for as long as is necessary:

to respond to any questions, complaints or claims made by you or on your behalf;
to show that we treated you fairly;
to keep records required by law

We will not keep your data for longer than necessary. Different retention periods apply for different types of data.

When it is no longer necessary to keep your personal data, we will delete or anonymise it.

Transferring your personal data out of the UK and EEA

To deliver services to you, it is sometimes necessary for us to share your personal data outside the UK/EEA, eg:

with your and our service providers located outside the UK/EEA;
if you are based outside the UK/EEA;
where there is a European and/or international dimension to the services we are providing to you.

Under data protection law, we can only transfer your personal data to a country or international organisation outside the UK/EEA where:

the UK government or, where the EU GDPR applies, the European Commission, has decided the particular country or international organisation ensures an adequate level of protection of personal data (known as an ‘adequacy decision’);
there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects; or
a specific exception applies under data protection law

These are explained below.

Adequacy decision

We may transfer your personal data to certain countries, on the basis of an adequacy decision. These include:

all European Union countries, plus Iceland, Liechtenstein and Norway (collectively known as the ‘EEA’);
Gibraltar; and
United States & South Africa.

The list of countries that benefit from adequacy decisions will change from time to time. We will always seek to rely on an adequacy decision, where one exists.

Other countries or international organisations we are likely to transfer personal data to do not have the benefit of an adequacy decision. This does not necessarily mean they provide poor protection for personal data, but we must look at alternative grounds for transferring the personal data, such as ensuring appropriate safeguards are in place or relying on an exception, as explained below.

Transfers with appropriate safeguards

Where there is no adequacy decision, we may transfer your personal data to another country or international organisation if we are satisfied the transfer complies with data protection law, appropriate safeguards are in place, and enforceable rights and effective legal remedies are available for data subjects.

The safeguards will usually include using legally-approved standard data protection contract clauses.

To obtain a copy of the standard data protection contract clauses and further information about relevant safeguards, please contact us (see ‘Key Contact Details’ below).

Transfers under an exception

In the absence of an adequacy decision or appropriate safeguards, we may transfer personal data to a third country or international organisation where an exception applies under data protection law, eg:

you have explicitly consented to the proposed transfer after having been informed of the possible risks;
the transfer is necessary for the performance of a contract between us or to take pre-contract measures at your request;
the transfer is necessary for a contract in your interests, between us and another person; or
the transfer is necessary to establish, exercise or defend legal claims

We may also transfer information for the purpose of our compelling legitimate interests, so long as those interests are not overridden by your interests, rights and freedoms. Specific conditions apply to such transfers and we will provide relevant information if and when we seek to transfer your personal data on this ground.

If you request for us to stop processing your data, we will also communicate this to the relevant third parties if they are processing this on our behalf. If you have any concerns about the above third parties, please let us know and we can provide advice and support to help you manage your data preferences.

Except as described herein, we do NOT disclose your information to nor share your information with third parties.

We take appropriate security measures to protect against unauthorised access to or unauthorised alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorised access to systems where we store personal data.

We restrict access to personal information to our employees, contractors and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.

We also have procedures in place to deal with any data security breach should one occur. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

MONITORING AND RECORDING

We may monitor and record communications with you (Such as telephone calls and emails) for quality assurance, training, fraud-prevention, and compliance purposes.

For regulated claims management activities, applicable regulations require us to retain personal data, including online enquiries, call recordings, and emails, for at least 12 months after our final contact with you. For all other services, we keep call recordings and emails only for as long as they are needed to fulfil the purposes for which they were collected or to meet our legal and regulatory obligations.

LEGITIMATE INTERESTS

We rely on legitimate interests as our lawful basis for processing. Processing is necessary for the performance of a contract to which you, the data subject is party and to take steps at the request of you, prior to entering into a contract. We will only process your personal data in a way that you reasonably expect.

In respect of our legitimate interests, we have a legitimate interest in keeping you updated about any further services offered by us which may be of interest to you both during and after the conclusion of your contract with us, including communication of any developments that may have an impact on your original service (e.g. a change in the law that will make additional services available to you). We will use the details you have provided to contact you including by telephone, email and post. If you do not wish for us to contact you in this manner, or by a specific method, you will be able to unsubscribe at any time to one or all contact methods and this option will be easy for you to complete.

Furthermore, we offer a comprehensive service to address several areas of financial mis-selling and will help you assess any affected products. As part of this service, we can provide a direct referral to any partner partners who are able to offer specialist support in respect of alternative financial products. We will always ask for your consent before doing so and this is entirely your choice.

We also have a legitimate interest in using your data to help us to review our services and obtain analytics in respect of our customer base.

GENERAL DATA PROTECTION REGULATION

We will do our utmost to ensure our requirements pursuant to the UK GDPR (including any statutory modification or re-enactment) are fully complied with at all times. As is necessary for the purposes of legitimate interests, we will use your data (Data) in the progression of your matter and will act as a “data controller” (for the purposes of UK GDPR) of your data. Specifically we will use your data for the purpose of progressing your claim including through Court, Counsel, Arbitrators, Ombudsman Schemes and Claims Management Partners, Solicitor Agents and any other search in the progression of your matter.

We comply at all times with our obligations under UK GDPR, including but not limited to, taking appropriate technical and organisational measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to personal or special personal data. When considering what measures are appropriate, we shall have regard to the state of good practice, technical development and the cost of implementing any measures to ensure a level of security appropriate to the harm that might result from such unauthorised or unlawful processing or accidental loss or destruction, and to the nature of the data to be protected.

If you are ever dissatisfied, please contact us so we can do our best to resolve your concerns. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), at www.ico.org.uk.

To help us meet our legal obligations, it is important that the personal data we hold about you remains accurate and up to date. Please let us know promptly of any changes during your relationship with us.

Access to your personal information

You have a right to get access to the personal information we hold about you.

If you would like a copy of the personal information we hold about you, please contact us using the Key Contact Details below.

Change inaccurate personal information

You have a right to rectification of inaccurate personal information and to update incomplete personal information.

If you believe that any of the information that we hold about you is inaccurate, you have a right to request that we restrict the processing of that information and to rectify the inaccurate personal information.

Request us to delete your information

You have a right to request that we delete your personal information.

You may request that we delete your personal information if you believe that:

We no longer need to process your information for the purposes for which it was provided.
We have requested your permission to process your personal information and you wish to withdraw your consent.
We are not using your information in a lawful manner.

You can withdraw your consent (opt-out) for us to contact you at any time. Please note: if you have signed a contract to complete a claim, our contractual rights will still apply, and we can contact you in relation to a cancellation fee or any outstanding monies owed to us.

Request us to restrict the processing of your information

You have a right to request us to restrict the processing of your personal information.

You may request us to restrict processing your personal information if you believe that:

any of the information that we hold about you is inaccurate
we no longer need to process your information for the purposes for which it was provided, but you require the information to establish, exercise or defend legal claims; or
we are not using your information in a lawful manner

You can withdraw your consent (opt-out) for us to contact you at any time. Please note: if you have signed a contract to complete a claim, our contractual rights will still apply and we can contact you in relation to a cancellation fee or any outstanding monies owed to us.

Request personal information provided in a portable format

You have a right to data portability.

Where we have requested your permission to process your personal information or you have provided us with information for the purposes of entering into a contract with us, you have a right to receive the personal information you provided to us in a portable format.

You may also request us to provide it directly to a third party, if technically feasible. We’re not responsible for any such third party’s use of your account information, which will be governed by their agreement with you and any privacy statement they provide to you.

If you would like to request the personal information provided to us in a portable format, please contact us using the Key Contact Details below.

Object to the processing of your personal information

You have a right to object to the processing of your personal information.

You have a right to object to us processing your personal information (and to request us to restrict processing), unless we can demonstrate compelling and legitimate grounds for the processing, which may override your own interests or where we need to process your information to investigate and protect us or others from legal claims.

Depending on the circumstances, we may need to restrict or cease processing your personal information altogether, or, where requested, delete your information.

If you wish to exercise any of your rights, please use the contact information in the Key Contact Details section below.

OUR DATA RETENTION POLICY

Adhering to the Information Commissioner’s Office guidance and under the Financial Conduct Authority’s rules, we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for a reasonable period. This extends to keeping recordings of all inbound and outbound calls and copies of electronic communications such as emails or SMS.

We have determined a reasonable retention period to be 6 years after a customer ceases a contractual relationship with us. We believe this is an appropriate period to preserve evidence for tax, regulatory and legal purposes and with one eye on appropriate limitation periods relevant and the necessity to preserve evidence to aid scrutiny.

In instances where we receive an enquiry but a service contract is NOT entered into, we keep personal data for a period of 12 months following last contact.

TELEPHONE PREFERENCE SERVICE (TPS)

If you are registered with the telephone preference service (TPS) you understand that by agreeing to the terms of this privacy policy you are giving express consent for Blue Panda Finance to contact you via telephone and SMS (text) for the purpose of progressing your application(s). Further information is available on the ICO website found here.

COMPLAINTS

If you believe we have mistreated your information/data and wish to lodge a complaint you can do it in the following ways: You can register a complaint directly with us by email via complaint@bluepandafinance.co.uk with the email subject header “Complaint”. We will respond to your inquiry within 48 hours. You are also able to raise a complaint directly with us any of the contact methods shown in the Key Contact Details section below.

You can also register a complaint directly with the ICO via their online form, by telephone on 0303 123 1113, or in writing to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

POLICY MODIFICATIONS

We may update this Privacy Policy at any time, and any changes will be posted on this page. Please review it periodically to stay informed.

If we intend to use your previously collected personal data for a purpose that is materially different from the one originally disclosed, we will provide notice and, where required by law, obtain your consent before doing so.

However, if the change relates directly to progressing or improving your claim, we may process your personal data without prior notice or consent where permitted or required by applicable law or regulation.

KEY CONTACT DETAILS

Should you have any questions regarding your privacy and/or data that are not detailed throughout this Privacy Policy then we provide you with the following details for contact, the Data Protection Officer (DPO), and the Data Controller. The DPO and Data Controller accept liability for the lawful processing of your data and agrees to only use your data lawfully and only collect necessary and non-excessive data. Our Data Protection Officer can be contacted using the details below:

Phone: 0161 914 5620

Email: data@bluepandafinance.co.uk

Post: For the Attention of the DPO, Blue Panda Finance, Suite 50, 792 Wilmslow Road, Manchester, M20 6UG.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

ADDRESS

Blue Panda Finance