Data Privacy Policy

Who looks after your personal information

Your personal information will be held by Outsauce Financing Limited and Outsauce Principal Limited, which is part of the Outsauce Holdings Group.

How we use your personal information

We will use your personal information:

  • To provide products and services, manage your relationship with us and comply with any laws or regulations we are subject to (for example the laws that prevent financial crime or the regulatory requirements governing the products we offer).
  • For other purposes including improving our services, exercising our rights in relation to agreements and contracts and identifying products and services that may be of interest.

To support us with the above we analyse information we know about you and how you use our products and services.

Who we share your personal information with

Your personal information will be shared with the Outsauce Holdings Groupand other companies that provide services to you or us, so that we and any other companies can look after your relationship with us. By sharing this information it enables us to run facilities, and provide products and services efficiently. You can find out more about how we share your information with credit reference and fraud agencies below and can access more information about how else we share your personal information in our Full Privacy Notice.

Where we collect your personal information from

We will collect personal information about you from a number of sources including:

  • Information given to us on application forms, when you communicate with us, over the phone or through the device you use and when new services are requested.
  • From analysis of how you operate our products and services, including the frequency, nature, location, origin and recipients of any payments.
  • From, or through, other organisations (for example credit checking agencies, insurance companies,  social media and fraud prevention agencies).

For more information about where we collect personal information about you from see our Full Privacy Notice.

Do you have to give us your personal information

We may be required by law, or as a consequence of any contractual relationship we have, to collect certain personal information. If you fail to provide this information to us it may prevent or delay us fulfilling these obligations or performing services which may prevent us operating facilities.

What rights you have over your personal information

The law gives you a number of rights in relation to your personal information including:       

  • The right to access the personal information we have about you. This includes information from application forms and any other correspondence.
  • The right to get us to correct personal information that is wrong or incomplete.
  • In certain circumstances, the right to ask us to stop using or delete your personal information.
  • From 25 May 2018 you will have the right to receive any personal information we have collected from you in an easily re-usable format when it’s processed on certain grounds, such as consent or for contractual reasons.  You can also ask us to pass this information on to another organisation.

You can find out more about these rights and how you can exercise them in our Full Privacy Notice.

Other Individuals you have financial links with

We may also collect personal information about other individuals who you have a financial link with. This may include people who you have commercial links to, for example other directors or officers of your company. 

We will collect this information to assess any applications, provide the services requested and to carry out credit checks and fraud prevention checks. You can find out more about how we process personal information about individuals with whom you have a financial link in our Full Privacy Notice.

How we use credit reference agencies

In order to process your application we may supply your personal information to credit reference agencies (CRAs) including how you use our products and services and they will give us information about you, such as about your directorship history. We do this to assess product suitability, check your identity, manage your facility and prevent criminal activity.

We may also continue to exchange information about you with CRAs on an ongoing basis. CRAs will share your information with other organisations, for example other organisations you ask to provide you with products and services. Your data will also be linked to the data of any other financial associates as explained above.

You can find out more about the identities of the CRAs, and the ways in which they use and share personal information, in our Full Privacy Notice.

How we use fraud prevention  agencies

The personal information we have collected from you and anyone you have a financial link with may be shared with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found in our Full Privacy Notice.

Our full data privacy notice

It is important that you understand how the personal information you give us will be used. Therefore, we strongly advise that you read our Full Privacy Notice.

How you can contact us

If you have any questions or require more information about how we use your personal information please contact us using our email BEST@outsauce.net or calling us on 03301008695.

Last updated on 20/03/2018

 

 

 

 

 

 

 

 

 

Full Privacy notice

Our Privacy Promise

We promise:

  • To keep your data safe and private.
  • Not to sell your data.
  • To give you ways to manage and review your marketing choices at any time.

Who we are

When we refer to Outsauce, we mean Outsauce Holdings Limited and subsidiary companies which comprise the following:

  • Outsauce Principal Limited.
  • Outsauce Financing Limited.

How the law protects you.

As well as our Privacy Promise, your privacy is protected by law. This section explains how that works.

Data Protection law says that we are allowed to use personal information only if we have a proper reason to do so. This includes sharing it outside Outsauce. The law says we must have one or more of these reasons:

  • To fulfill a contract we have with you, or
  • When it is our legal duty, or
  • When it is in our legitimate interest, or
  • When you consent to it.

A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.

Here is a list of all the ways that we may use your personal information, and which of the reasons we rely on to do so. This is also where we tell you what our legitimate interests are.

What we use your personal information for

Our reasons

Our legitimate interests

• To manage our relationship with you and your business.

• To develop new ways to meet our customers’ needs and to grow our business.

• To develop and carry out marketing activities.

• To study how our customers use products and services from us and other organisations.

• To provide advice or guidance about our products and services.

• Your consent.

• Fulfilling contracts.

• Our legitimate interests.

• Our legal duty.

 

•Keeping our records up to date, working out which of our products and services may interest you and telling you about them. 

• Developing products and services, and what we charge for them.

• Seeking your consent when we need it to contact you.

• Being efficient about how we fulfil our legal duties.

• To develop and manage our brands, products and services.

• To test new products.

• To manage how we work with other companies that provide services to us and our customers.

• Fulfilling contracts.

• Our legitimate interests.

• Our legal duty.

 

• Developing products and services, and what we charge for them.

• Being efficient about how we fulfil our legal and contractual duties.

• To deliver our products and services.

• To make and manage payments.

• To manage fees, charges and interest due on customer facilities.

• To collect and recover money that is owed to us.

• Fulfilling contracts.

• Our legitimate interests.

• Our legal duty.

 

• Being efficient about how we fulfil our legal and contractual duties.

• Complying with regulations that apply to us.

 

• To detect, investigate, report, and seek to prevent financial crime.

• To manage risk for us and our clients.

• To obey laws and regulations that apply to us.

• To respond to complaints and seek to resolve them.

• Fulfilling contracts.

• Our legitimate interests.

• Our legal duty.

 

• Developing and improving how we deal with financial crime, as well as doing our legal duties in this respect.

• Complying with regulations that apply to us. 

• Being efficient about how we fulfil our legal and contractual duties.

• To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, communications, corporate governance, and audit.

• Our legitimate interests.

• Our legal duty.

 

• Complying with regulations that apply to us. 

• Being efficient about how we fulfil our legal and contractual duties.

• To exercise our rights set out in agreements or contracts.

•Fulfilling contracts.

 

 

Where we collect personal information from

We may collect personal information about you (or your business) from other companies within Outsauce and from these sources:

Data you give to us:

  • When you apply for our products and services.
  • When you talk to us on the phone or in person.
  • When you use our website.
  • In emails and letters.
  • In customer surveys.

Data we collect when you use our services. This includes the amount, frequency, type, location, origin and recipients:

  • Transaction data.
  • Payment data for Payroll and Back Office services.
  • We gather this data from devices you use to connect to our website and portals, such as computers and mobile phones, using cookies and other internet tracking software.

Data from third parties we work with:

  • Companies that introduce you to us.
  • Credit reference agencies.
  • Insurers.
  • Social networks.
  • Fraud prevention agencies.
  • Payroll service providers.
  • Public information sources such as Companies House.
  • Agents working on our behalf.
  • Government and law enforcement agencies.

Who we share your personal information with

We may share your personal information with companies within Outsauce and these organisations:

  • Agents and advisers who we use to help run your facility, collect money that is owed to Outsauce, and explore new ways of doing business.
  • HM Revenue & Customs, regulators and other authorities. 
  • Credit reference agencies.
  • Fraud prevention agencies.
  • Any party linked with you or your business’s product or service.
  • Any sub-processors to complete payroll services and fulfil our contractual obligations.
  • Organisations that introduce you to us.
  • Companies that we introduce you to.
  • Companies you ask us to share your data with.

We may also share your personal information if the structure of the Outsauce Holdings Group changes in the future:

  • We may choose to sell, transfer, or merge parts of our business, or our assets. Or we may seek to acquire other businesses or merge with them. 
  • During any such process, we may share your data with other parties. We’ll only do this if they agree to keep your data safe and private.
  • If a change to Outsauce happens, then other parties may use your data in the same way as set out in this notice.

Credit Reference Agencies

We carry out company credit checks and identity/director checks when you apply for a product or services for you or your business. We may use Credit Reference Agencies to help us with this.

If you use our services, from time to time we may also search information that the CRAs have, to help us manage those facilities. We will go on sharing your personal information with CRAs for as long as you are a client.  When we ask CRAs about you or your business, they will note it on your credit file. This is called a credit search. Other lenders may see this and we may see credit searches from other lenders.

We will share your personal information with CRAs and they will give us information about you. The data we exchange can include:

  • Name, address and date of birth.
  • Public information, from sources such as the electoral register and Companies House.

We’ll use this data to:

  • Assess whether your business is able to afford the services.
  • Make sure what you’ve told us is true and correct.
  • Help detect and prevent financial crime.
  • Manage facilities with us.
  • Trace and recover debts.
  • Make sure that we tell you about relevant offers.

You can find out more about the CRAs on their websites, in the Credit Reference Agency Information Notice. This includes details about:

  • Who they are.
  • Their role as fraud prevention agencies.
  • The data they hold and how they use it.
  • How they share personal information.
  • How long they can keep data.
  • Your data protection rights.

Fraud Prevention Agencies (FPAs)

We will need to confirm your identity before we provide services to you or your business. Once you have become a client of ours, we will also share your personal information as needed to help detect fraud and money-laundering risks. We use Fraud Prevention Agencies to help us with this. 
 

Both we and fraud prevention agencies can only use your personal information if we have a proper reason to do so. It must be needed either for us to obey the law, or for a ‘legitimate interest’.

A legitimate interest is when we have a business or commercial reason to use your information. This must not unfairly go against what is right and best for you.

We will use the information to:

  • Confirm identities.
  • Help prevent fraud and money-laundering.
  • Fulfil any contracts you or your business has with us.

We or an FPA may allow law enforcement agencies to access your personal information. This is to support their duty to detect, investigate, prevent and prosecute crime. FPAs can keep personal information for different lengths of time. They can keep your data for up to six years if they find a risk of fraud or money-laundering.

The information we use, these are some of the kinds of personal information that we use:

  • Name.
  • Date of birth.
  • Residential address.
  • History of where you have lived.
  • Contact details, such as email addresses and phone numbers.
  • Data relating to your or your businesses products or services.
  • Your businesses details.
  • Data that identifies computers or other devices you use to connect to the internet. This includes your Internet Protocol (IP) address.

We and FPAs may process your personal information in systems that look for fraud by studying patterns in the data. We may find that a facility is being used in ways that fraudsters work. Or we may notice that an facility is being used in a way that is unusual for you or your business. Either of these could indicate a possible risk of fraud or money-laundering.

If we or an FPA decide there is a risk of fraud, we may stop activity on the facilities or block access to them. FPAs will also keep a record of the risk that you or your business may pose.

This may result in other organisations refusing to provide you with products or services, or to employ you.

If you choose not to give personal information

We may need to collect personal information by law, or under the terms of a contract we have with you.

If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform services needed to run your facilities. It could mean that we cancel a product or service you have with us.

Any data collection that is optional would be made clear at the point of collection.

Marketing

We may use your personal information to tell you about relevant products and offers. This is what we mean when we talk about ‘marketing’.

The personal information we have for you is made up of what you tell us, and data we collect when you use our services. We study this to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

We can only use your personal information to send you marketing messages if we have either your consent or a ‘legitimate interest’. That is when we have a business or commercial reason to use your information. It must not unfairly go against what is right and best for you.

You can ask us to stop sending you marketing messages by contacting us at any time. Whatever you choose, you'll still receive reports and other important information such as changes to your existing services.

We may ask you to confirm or update your choices, if you take out any services with us in future. We will also ask you to do this if there are changes in the law, regulation, or the structure of our business. If you change your mind you can update your choices at any time by contacting us.

How long we keep your personal information

We will keep your personal information for as long as you are a customer of Outsauce.

After you stop being a customer, we may keep your data for up to 7 years for one of these reasons: 

  • To respond to any questions or complaints.
  • To show that we treated you fairly.
  • To maintain records according to rules that apply to us.

We may keep your data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons.

How to get a copy of your personal information

You can access your personal information we hold by writing to us at this address:
  
Data Subject Access Request/Compliance Dept
Outsauce Financing Limited
St George’s House
13-14 Ambrose Street
Cheltenham, Gloucestershire
GL50 3LG

Letting us know if your personal information is incorrect

You have the right to question any information we have about you that you think is wrong or incomplete. Please contact us if you want to do this.  If you do, we will take reasonable steps to check its accuracy and correct it.

 

What if you want us to stop using your personal information?

You have the right to object to our use of your personal information, or to ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. This is known as the ‘right to object’ and ‘right to erasure’, or the ‘right to be forgotten’.

There may be legal or other official reasons why we need to keep or use your data. But please tell us if you think that we should not be using it. We may sometimes be able to restrict the use of your data. This means that it can only be used for certain things. In this situation, we would not use or share your information in other ways while it is restricted.

You can ask us to restrict the use of your personal information if:

  • It is not accurate.
  • It has been used unlawfully but you don’t want us to delete it.
  • It not relevant any more, but you want us to keep it for regulatory reasons.
  • You have already asked us to stop using your data but you are waiting for us to tell you if we are allowed to keep on using it.

If you want to object to how we use your data, or ask us to delete it or restrict how we use it or, please contact us.

 

How to withdraw your consent

You can withdraw your consent at any time. Please contact us if you want to do so. If you withdraw your consent, we may not be able to provide certain products or services to you. If this is so, we will tell you.

How to complain

Please let us know if you are unhappy with how we have used your personal information. You can contact us as per our Statement of Complaint Handling held on our Website.

Future formats for sharing data

The Data Privacy laws provide you with the right to get your personal information from us in a format that can be easily re-used. You can also ask us to pass on your personal information in this format to other organisations.

Cookies

To find out more about how we use cookies please see our Privacy and Cookies Notice on our Website.