At Selina, we take your personal data seriously. This policy:

• sets out the types of personal data that we collect about you;
• explains how and why we collect and use your personal data;
• explains how long we keep your personal data for;
• explains when, why and with who we will share your personal data (including credit reference agencies and fraud prevention agencies);
• sets out the legal basis we have for using your personal data;
• sets out how we keep your data secure;
• explains the effect of refusing to provide the personal data requested;
• explains where we store your personal data and whether we transfer your data outside of the EEA;
• explains the different rights and choices you have when it comes to your personal data; and
• explains how we may contact you and how you can contact us
  

We collect the information necessary to be able to assess whether you are eligible to use our product, to determine the terms corresponding to your risk profile and to deliver our product/services to you. We may collect, use, store and transfer different kinds of personal data about you which are grouped follows::

• Identity Data includes first name, maiden name, last name, marital status, title, date of birth, gender, address and employment history, and citizenship.
• Contact Data includes address, email address and telephone numbers.
• Financial Data includes bank account details and bank statements, your income and outgoings, credit history including details of any history of bankruptcy or county court judgements, mortgages and protection products held, and payment/ direct debit details.
• Special Category/Sensitive Data which includes physical and mental health conditions, racial / ethnic origin, criminal offences and convictions. Special category data is collected, where relevant, for the purposes of preventing fraud.
• Transaction Data includes details about the products and services you may have benefitted from by using Selina.
• Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
• Profile Data includes your username and password.
• Job Application Data includes data submitted throughout the recruitment process i.e. name, email address etc.
• Employment Data includes any personal information you provide to Selina as part of the recruitment process or throughout your employment at Selina should you be a permanent employee, contractor, or third party provider
• Usage Data includes information about how you use our website, products and services.
• Marketing and Communications Data includes your preferences in receiving marketing from us, and our business partners and your communication preferences.

Apart from the information customers provide to us directly, we may also record information about potential vulnerabilities where we think this is appropriate to meet the obligations placed on us by the Financial Conduct Authority (FCA) with regard to vulnerable customers. You can find out more about our obligations to potentially vulnerable customers here.

We use your personal data to:

• Assess your eligibility for our products and assign a risk profile to you in order to determine the terms;
• Administer your relationship with us and to communicate with you by telephone, mail, email, text (SMS) message, instant messaging or other electronic means;
• Verify your identity as part of our identity authentication process and to prevent, detect and prosecute fraud and crime and comply with legal or regulatory requirements;
• Provide you with the information, products and services that you request or we reasonably determine may be of interest to you;
• Where you have provided your consent for us to market to you, provide you with information about other products and services we offer that are similar to those that you have already purchased or enquired about, or about products or services we feel may interest you.
• Contact you to discuss how we could improve our services to you.

We will use your personal data for the purposes stated above, unless we reasonably consider that we need to use it for another reason and it is compatible with the original purpose. Please note that we may process your personal data without your knowledge or consent, where this is required or permitted by law.

While you are a customer of ours, we'll only retain your personal data including call recordings for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. This enables us to adhere to our regulatory requirements, ensure we provide suitable advice (where applicable), and to answer any questions you may have later down the line. If you don't transact with us, depending on the stage of your application, we may delete your information sooner in accordance with our data retention policy.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In accordance with our data retention policy, we will retain your personal information for a minimum of six years from the end of our business relationship with you. Our business relationship will be deemed to be at an end on the date upon which your account is closed (which will either be when all outstanding sums under the agreement have been repaid or when we stop pursuing arrears on the account) or when your application has been declined.

Please note that if your personal information is shared with third parties, they may have different retention policies. Fraud prevention agencies can hold your personal data for different periods of time; if you are considered to pose a fraud or money laundering risk, note that your data can be held by them for up to six years.

After termination of your contract, we may continue to use aggregated anonymised data for data analysis, profiling and research purposes, for example to gain insights about our customers. Aggregated anonymised data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. 

Your personal data may be shared with credit scoring agencies, solicitors, surveyors, fraud prevention agencies and government agencies. We will also share your personal data with the land registry in order to establish the charge over your property. It may also be necessary to share updates relating to your application with the firm or mortgage broker that introduced your application to us.

If you make an application to use our services, we will obtain copies of your credit report and score from designated credit scoring agencies on your behalf. We will also share your information with such credit scoring agencies in order to provide our services to you.

Credit scoring agencies collect and maintain information about consumers’ and businesses’ credit behaviour. This includes fraud prevention, credit information (including details of your previous applications and the conduct of your bank accounts) and publically accessible information (such as information from the Electoral Register, County Court Judgements, decrees, and bankruptcies). Credit scoring agencies may form a link between any previous or subsequent names that you use in the records they hold about you.

The identities of the credit scoring agencies used, and further data management details are available through the links below;

• Experian: www.experian.co.uk/crain
• Equifax: www.equifax.co.uk/crain

Additionally, you can contact any of the credit scoring agencies as follows, if you wish to obtain a copy of your credit report.

Experian, Consumer Help Service, PO Box 8000, Nottingham NG80 7WF or call 0844 4818000 or log on to www.experian.co.uk.

Equifax PLC, Credit File Advice Centre, PO Box 1140, Bradford, BD1 5US or call 0844 335 0550 or log on to www.equifax.co.uk

We may provide information to other organisations about you, your financial associates (individuals you have made a joint application with or are otherwise linked to your credit history) and your business (if you have one). This information is used by them and us to:

• help make decisions, for example when: (a) checking details on applications for loans or other credit and credit-related or other facilities; (b) managing loan, credit and credit-related accounts or facilities; (c) recovering debt; (d) checking details on proposals and claims for all types of insurance; (e) checking details of job applicants and employees;
• detect and prevent crime, fraud and money laundering;
• check your credit history;
• verify your identity if you, or someone financially linked with you, apply for a loan or services
• trace your whereabouts; and
• undertake research, statistical analysis and systems testing.

We also have processes and systems that protect our customers and ourselves against fraud and other crime. We will share your personal information with fraud prevention agencies and government agencies in order to help us to identify instances of fraud and trace those responsible. If false or inaccurate information is provided and fraud is identified, details of this fraud will be passed to these agencies. Law enforcement agencies may access and use this information.

Other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

• checking details on applications for credit and credit related or other facilities;
• managing credit and credit related accounts or facilities;
• recovering debt;
• checking details on proposals and claims for all types of insurance; and
• checking details of job applicants and employees.

We and other organisations may access and use from other countries the information recorded by fraud prevention agencies.

Selina needs the information you provide us when you register and that we collect about you from third parties to allow us to provide you with our services as agreed in our contract with you. We are unable to provide our services to you without collecting relevant information that will allow us to be able to assess your suitability for the financial products and services we provide.

Selina may also use your personal data to comply with our legal obligations, including our obligations to regulators. We will always seek your consent to process certain types of information where we are legally required to do so such as marketing but may also rely upon legitimate interest for direct marketing where we can reasonably show the product or services may be of interest to you.

For other kinds of information we process (such as from the land registry or individual home appraisals), this is necessary in pursuit of our legitimate interests in establishing a charge over your property or adequately assessing your risk profile and property value.

While there are some risks with this type of activity, on balance, we consider the risk to your data protection rights is outweighed by the significant benefits in being able to provide you with:

1. a fair rate and maximum loan amount accessible,
2. the best customer service possible and,
3. a product that is suitable for your needs. 

Selina implements protections for your rights by establishing adequate cyber security in order to protect your data privacy.

We understand how important it is to keep your personal data secure, and have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your data to those employees, agents, contractors and other third parties who have a business need to know. They will process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we're legally required to do so.

If you do not provide the personal data necessary, or (where we are relying on your consent) if you withdraw your consent for the processing of your personal data, we may not be able to provide you with our products or services.

Selina may use an automated decision-making system to perform credit scoring/property value assessment activities and make determinations concerning your suitability for certain financial products and services.

We use this system to verify the financial details you provide us against those held by third-party providers, as well as benchmark them against our risk scoring guidelines. If you do not pass the relevant checks using the automated system, we cannot provide our goods or services to you.

Moreover, using an automated decision-making system enables us to provide you with the fairest rate possible, as well as minimise the risk to grant you a loan for which you are possibly not eligible.

You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal consequences for you or similarly significant effects. While Selina is confident that the technology works, we understand that not everyone is comfortable with decisions being left entirely up to machines. If you have any questions about our automated decision-making system, please contact us on dataprotection@selinafinance.co.uk or +44 20 8133 0157.

Selina may use cookies and similar technologies on our websites and in our emails.  A ‘cookie’ is small pieces of information, normally consisting of just letters and numbers that we store on your browser or the hard drive of your computer if you agree. The next time you visit our website, your device will remember useful information such as preferences, visited pages or logging in options.

Cookies are widely used to add functionality to websites, or to ensure they work more efficiently. Our website relies on cookies to optimise the user experience and ensure the site's services function properly.

Selina may use third party marketing cookies to help deliver advertising relevant to your interests. Details of our cookies policy can be found here.

Most web browsers allow some control to restrict or block cookies through the browser settings, however if you disable cookies you may find this affects your ability to use certain parts of our website or services.

Selina uses third party processors to provide our services; these companies will process or store your information on our behalf. Here are the types of entities we share information with, for a full list please contact us:

• Website Hosts
• Advertisement Platforms
• Web Analytic Platforms
• Customer Relationship Management Platforms
• Web/Mobile Chat Services
• Remarketing Platforms
  

We abide by the UK data protection laws. And, if we ever have to send data outside the UK, we take care that it's covered by the same high standards.

Your personal data may be processed in the USA by Selina or the third parties we use.  Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We'll only transfer your personal data to countries that have been deemed to provide an adequate level of protection
• Where we use certain service providers, we may use specific contracts which give personal data the same protection it has in the UK and Europe.
• Where we use third parties based anywhere else in the world, we use specific contracts and conduct a due diligence check to ensure that the country provides adequate protection to personal data.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

Under certain circumstances, you have rights under data protection laws in relation to your personal data. We'll be happy to discuss these and how they might apply to you. If you wish to exercise any of the rights set out below, please contact us.

Selina attempts to act on all legitimate requests within 30 days. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we'll notify you and keep you updated.

You won't have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge an administrative fee if your request is clearly unfounded, repetitive or excessive and/or further copies of the same information. Alternatively, we may be entitled to refuse to act on the request in these circumstances. Please consider your request responsibly before submitting it.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

In summary, you have:

1. The right to be informed

You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this policy.

2. The right of access

You have the right to obtain access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we're lawfully processing it.

3. The right to rectification

You are entitled to have the personal data that we hold about you  corrected.This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

4. The right to erasure

Also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to restrict processing (see below). Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you.

5. The right to restrict processing

You have rights to ‘block’ or suppress further use of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you don't want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.

6. The right to data portability

You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider. We'll provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

7. The right to object to processing

You have the right to object to certain types of processing of your personal data where we're relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. This includes processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

8. The right to lodge a complaint

You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator. The contact details for the UK Information Commissioner’s Office is provided below.

9. The right to withdraw consent

If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time; although this won't affect the lawfulness of any processing carried out before you withdraw your consent. This includes your right to withdraw consent to us using your personal data for marketing purposes. If you withdraw your consent, we may not be able to provide certain products or services to you. We'll advise you if this is the case at the time you withdraw your consent.

Selina may contact you by phone, email, post or through our mobile application. If you prefer a particular contact over another please just let us know.

Where you have consented we may send you messages by text (SMS), post, email and other digital methods (including new methods that may become available in the future) about products and services which may be of interest to you – these are marketing messages. You can ask us to stop or start sending you marketing messages at any time by contacting us or using the opt in or out links in our emails.

Where we make any significant changes to this privacy notice, we will contact you to ensure that you are aware of the changes. We may also make minor updates to this privacy notice without notifying you but will ensure that the updated version is available online.

Selina Finance Ltd is the controller and responsible for your personal data and this website (we use "Selina", "we", "us" or "our" in this Privacy Policy). 

We are registered with the ICO under number ZA514769. You can get in touch with us if you have any questions about this Privacy Policy, including any requests to exercise your legal rights, at:

Post: Selina Finance Ltd, 14 Hanway Place, London, W1T 1HD.

Email: dataprotection@selinafinance.co.uk

Telephone: 020 3984 8578

We are Selina Finance Ltd, a company registered in England and Wales under company number 11497606. We are authorised and regulated by the Financial Conduct Authority (FCA), under firm reference number 820183. You can check this on the Financial Services Register by visiting the FCA website.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK independent supervisory authority for data protection issues. We'd always appreciate the chance to deal with your concerns before you approach the ICO however, so please contact us in the first instance.

If you have any questions or complaints relating to how we use your personal data, or if you wish to exercise any of your rights regarding your personal data, please contact us by emailing dataprotection@selinafinance.co.uk. We will respond to you as soon as possible. The length of time will depend on the type and complexity of the request, but you will receive a response no later than one month from the initial request.

This version was last updated in August 2022, and historic versions can be obtained by contacting us.

It's important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.