Effective Date: 16 May 2018
We encourage you to read this policy thoroughly. To make it easier, we’ve broken it up into bite-size chunks and some longer sections. If you want to know more about these sections, just click on the ‘FIND OUT MORE’ link at the end of each summary.
Experian is part of a group of companies whose parent company is listed on the London Stock Exchange (EXPN) as Experian plc. The Experian group of companies has its corporate HQ in Dublin, Ireland, and its operational HQs in Costa Mesa, California and Nottingham, UK. You can find out more about the Experian group on our website at www.experianplc.com.
Experian is responsible for processing the personal information you provide to us on this website https://www.vmcresponse.uk/ or was provided to us as part of enabling you to access the website, and where it is a requirement under English Law, Experian will maintain its registration with the Information Commissioners Office in the UK.
We will need to ask you for certain personal information to give you the best possible experience when you engage with us (via our websites or otherwise) and when you use our products and services.
Click below to see what types of personal information we will ask for or collect.
When you apply for Experian services from this website we will ask you to provide some contact
information. Contact information may include some or all the following:
We will only retain your Contact information for 1 year rolling period, then it will be completely removed from all systems.
For most of the services you select on our website, we will ask you to provide security information
that only you will know. Security information may include some or all the following:
Vehicle Registration Number
We will only retain your Security information for 1 year rolling period, then it will be completely removed from all systems
We use your personal information in lots of ways to make our products and services as effective as possible.
Click below to see what we will use your personal information for.
We will use your information to accept you as a new/returning customer and continue to provide you with our products and services
As part of providing our services to you we will confirm your identity and authenticate the information you provide for security purposes
Establishing your identity is important as the services may provide you with your personal credit information (such as your credit score or credit report) and we must be sure you are who you say you are. Identity checking may also involve checking the registration information you give us against information we already hold about you as a credit reference agency and potentially publicly available information about you such as from social media.
If we are unable to confirm your identity from the registration information you provide, we will let you know by the contact detail preference you have provided and you will then have the option to make a written application and provide further proof of your identity.
We will use your information for fraud investigation, detection and prevention measures and in order to provide suitable security for your account and your information that we hold (such as to enable us to prevent others logging in to your account without your permission from unknown devices)
We will use your information for the investigation, detection and prevention of crime (other than fraud)
Like any other business, we are required to comply with many laws and regulations. We will, where necessary, use your information to the extent required to enable us to comply with these requirements
In most cases, the information described above will be provided to us by you because you want to take services from us or engage with us and our use of your information will be governed by contract terms. Giving this information to us is therefore your choice. If you choose not to give all or some of it to us, this may affect our ability to provide the services you want, to you.
In the United Kingdom, we can also use personal information where the benefits of doing it are not outweighed by the interests or fundamental rights or freedoms of data subjects. The law calls this the “Legitimate Interests” condition for processing. E.G:
We must comply with various legal and regulatory requirements. Additionally, the services we provide help other organisations to comply with their own legal and regulatory obligations. For example, Experian is regulated by the Financial Conduct Authority.
Click below to find out more about which of the above legal grounds we rely on when processing your information.
To enable you to access our website and use our services we rely on the legal basis of Legitimate Interest, to ensure that we have taken reasonable precautions to only allow access to previous owner(s), to submit data.
To confirm your identity and authenticate the information you provide we rely on the legal basis of Legitimate interest by sending a letter to the recipient and provide the reference required, to grant access to the product.
For the investigation, detection and prevention of crime we rely on the legal basis of Legitimate Interest, ensuring reasonable steps are taken, to assess the information for the vehicle in question, and to identify data inaccuracies.
We share your personal information only with those persons who need to handle it so we can provide the Experian products and services you’ve signed up to. We also share it with companies within the Experian group who manage some parts of the services for us; with suppliers who provide services to us which require access to your personal information only; and with resellers, distributors and agents involved in delivering the services we provide where necessary for them to do so.
Lastly, we may also provide your personal information to fraud prevention agencies. This is to protect the Experian group of companies and our customers, to keep our systems secure, or where it’s necessary to protect either yours or our best interests.
Click below to find out more about who and why we share your information with others.
As a member of the Experian group of companies, we can benefit from the large IT infrastructure and expertise that exists within our business. This means that the personal data you provide to us may be accessed by members of our group of companies for support and administrative purposes.
We use a number of service providers to support our business and these service providers may have access to our systems in order to provide services to us and/or to you on our behalf.
Resellers, distributors and agents
We sometimes use organisations to help provide our products services to clients and customers. Personal information may be provided to them in connection with this purpose.
Fraud prevention agencies
We may check your details with the records we hold and share with fraud prevention agencies. If false or inaccurate information is provided and fraud is identified, we will record this and details will be passed to the other fraud prevention agencies. Law enforcement agencies may access and use this information.
We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
Please contact us at Experian Ltd, PO Box 8000, Nottingham, NG80 7WF if you want to receive details of the fraud prevention agencies. We and other organisations may access and use the information recorded by fraud prevention agencies from other countries.
Public bodies, law enforcement and regulators
The police and other law enforcement agencies, as well as public bodies such as local and central authorities can sometimes request personal information. This may be for the purposes of preventing or detecting crime, apprehending or prosecuting offenders, assessing or collecting tax, investigating complaints or assessing how well a particular industry sector is working.
You can obtain a copy of the information we hold about you. See section Your rights to how we use your personal information for further information on how you can do this.
Experian is based in the UK, which is where our main databases are. We also operate elsewhere in and outside the European Economic Area, so we may access your personal information from and transfer it to these locations as well. Don’t worry though, any personal information we access from or transfer to these locations is protected by European data protection standards.
Click below to find out more about where we send your information and how it is protected
While countries in the European Economic Area all ensure rigorous data protection laws, there are parts of the world that may not be quite so rigorous and don’t provide the same quality of legal protection when it comes to your personal information.
To make sure we keep your personal information safe, we apply strict safeguards when transferring it overseas. For example:
Still want to know more about the safeguards we use to protect your personal information overseas? Feel free to contact our Data Protection Officer at uk.dpo@Experian.com.
If our right to process or share your personal information is based on the fact that you’ve given us consent, you have the right to withdraw that consent at any time by contacting us.
You can also ask for access to the personal information we hold about you and request that we correct any mistakes, restrict or stop processing or delete it. We will assess your request and subject to legal or overriding requirements to keep it we will act on your request, but please note that this does not mean that we will delete negative information about you if it is confirmed to be correct. Credit checking relies on having both positive and negative information in order for lenders to correctly assess your ability to repay any credit you receive If that is the case, we will explain why. To request a copy of the personal information we hold about you, please follow this [link].
In certain circumstances (e.g. where you provide your information to us (a) with consent to process it or (b) where the processing is necessary for the performance of our contract with you) you can require that we provide the information we hold about you either to you or a third party in a commonly used format. This only applies if we are processing it using automated means. If you would like more information about this, let us know by contacting our Data Protection Officer at email@example.com.
We will try to ensure that we deliver the best levels of customer service but if you think we are falling short of that commitment, please let us know by contacting our Data Protection Officer at firstname.lastname@example.org. You may also see our full [complaints handling procedure] and how to make a complaint.
If we cannot resolve things under that procedure, then you may have the right to refer your complaint, free of charge, to the Financial Ombudsman Service. The contact details for the Financial Ombudsman Service are: Telephone: 0300 123 9 123, or from outside the UK +44 20 7964 1000 E: email@example.com W: www.financial-ombudsman.org.uk Financial Ombudsman Service Exchange Tower London E14 9SR
You also have the right to contact the Information Commissioner’s Office (ICO), the supervisory authority that regulates the handling of personal information in the UK. You can contact them by:
You may also have the option to register your complaint using the European Commission Online Dispute Resolution (ODR) platform. This is a web-based platform that is designed to help consumers who have bought goods or services online to deal with issues arising from their purchase.
Online privacy and security is the most important aspect of any customer service and we take it extremely seriously. We use a variety of the latest technologies and procedures to protect your personal information from unauthorised access, destruction, use or disclosure.
Click below to see more about our safeguards and security measures for handling your information.
We have put in place various safeguards to ensure that individuals’ whose personal information we handle are not unduly harmed by the activities we use their personal data for. These include making information available to individuals so that they understand how their personal data will be used by Experian, explaining their rights to obtain the information we hold and to have their information corrected or restricted and providing information about how individuals can complaint if they are dissatisfied.
We restrict access to your personal data to those employees, and third parties, who need to know that information to provide products or services to you. We maintain physical, electronic, and procedural safeguards to protect your personal data.
Experian protects your information over the Internet by using secure web server technologies, which allows web browser programs (such as Microsoft Internet Explorer) to interact with Experian's web server via an encrypted session. Experian employs a Secure Sockets Layer (SSL) connection that provides an encrypted connection between your computer and Experian. The 128-bit encrypted connection scrambles ordinary text or data into cypher text to safeguard sensitive information during its journey across the Internet. The information is decrypted, or put back into a readable format, when it reaches its intended destination. When you visit any Experian website you may move in and out of secured areas. Any time that you are on a registration page or viewing your personal credit report, you will be in a secured area.
We’ll keep your personal information for the periods set out in the section ‘What information we collect’ above, and where we were not able to give a specific period, we will keep it only as long as we need it to provide the Experian products and services you’ve signed up to. We may also keep it to comply with our legal obligations, resolve any disputes and enforce our rights. These reasons can vary from one piece of information to the next and depend on the products or services you’re signed up to, so the amount of time we keep your personal information for may vary.
Click below to see more details about the logic behind how long we keep your information.
Contact information such as names and addresses are kept while there is a continuing need for us to have it.
Security check information such as date of birth and mother’s maiden name details are kept while there is a continuing need to retain it.
In all of these cases, our need to use your personal information will be reassessed on a regular basis, and information which is no longer required for any purposes will be deleted/disposed of securely.