Privacy Policy

1. Overview

1.1) We are committed to protecting your privacy rights as a consumer of our services. Our policy is to respect and protect your rights to privacy.

1.2) Financial Media Group Limited is an Appointed Representative of Cobain Digital Limited, and is entered on the Financial Services Register under reference number: 735834.

1.3) All information you provided will be held by Financial Media Group Limited is an Appointed Representative of Cobain Digital Limited, and is entered on the Financial Services Register under reference number: 735834  on UK based servers. 

1.4) We collect data on all our users in order to continually improve the services and products we offer. We also collect data to enter commercial arrangements which can include the sale of advertising space. Financial Media Group Limited is an Appointed Representative of Cobain Digital Limited, and is entered on the Financial Services Register under reference number: 735834, and adheres to UK Data Protection Legislation which, from 25th May 2018, includes EU Regulation 2016/679 General Data Protection Regulation (“GDPR”).

1.5) This privacy notice only relates to Financial Media Group Limited’s & Dot Broker’s  website and platform and does not extend to your use of the internet outside of this website.

2. Company information

2.1) Financial Media Group Limited is an Appointed Representative of Cobain Digital Limited, and is entered on the Financial Services Register under reference number: 735834.  DotBroker 45 Albemarle Street Mayfair, London W1S 4JL

3. General

3.1) Before using our services and purchasing our products, we require that each user undertakes checks for the purposes of verifying your identity and preventing fraud and money laundering. These checks require DotBroker to collect and store personal data about you.

3.2) Details of personal data we may need to collect to process these checks include, but are not limited to: name, address, date of birth, contact details, bank account numbers, national insurance number and device identifiers including IP addresses.

3.3) DotBroker may need to enable law enforcement agencies to access your personal data to detect, investigate and/or prevent crime.

3.4) We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and verifying identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.

3.5) Fraud prevention agencies can hold your personal data for different time periods, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.

3.6) As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct, or is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision making: if you want to know more, please read section 7.

3.7) If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services or financing you have requested or to employ you, or we may stop providing existing services to you.

3.8) A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing, or employment to you. If you have any questions about this, please contact us on the details below.

3.9) Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.

4. Data collected by DotBroker

4.1) The types of personal data that we collect and process about you will depend on your interactions with DotBroker and what products, you use.

The data collected may fall into the below categories:

  • Examples of Contact and Identity Data:

    • Name

    • Address

    • Date of Birth

    • Telephone Number

    • Email Address

    • Photo ID

    • Marital Status

    • Financial Dependents

    • Gender

    • Username and password

    • Purchases made by you

    • Your interests and preferences

    • Feedback and survey response

  • Examples of Special Category Data:

    • Ethnicity and race

    • Details of criminal offence/convictions,

    • Details about vulnerable people in your household, such as children or elderly people (and we may ask for their ages and dates of birth and information about any special requirements they may have)

    • Information we may require to comply with guidelines on matters of public health or concern (e.g. Covid-19).

  • Example of Financial Data:

    • Credit Worthiness

    • Outstanding Credit commitments

    • Financial History

    • Bank account details

    • Incomings and outgoings

    • Tax Status

    • Changes in your circumstances may affect your ability to repay

  • Examples of Operational Data:

    • Communications between us

    • Complaints

    • Logins

    • Data subject access requests

    • Correction requests
      details about payments to and from you and other services you have purchased through us

  • Examples of Techincal Data:

    • Internet protocol address

    • login information

    • browser type and version

    • time zone setting

    • browser plug-in types and versions
      operating system and platform

    • identification number
      online identified

    • location data and other similar identifying information required for the customer’s device(s) to communicate with websites and applications on the internet

  • Examples of Usage Data:

    • how you use our website products and services

    • the full uniform resource locators clickstream to, through and from our site (including date and time)

    • download errors

    • lengths of visit to certain pages

    • page interaction information

    • methods to browse away from the page

    • any phone numbers you use to call us

  • Example of Marketing and Communications Data:

    • your marketing preferences from us and our third parties and your communication preferences

4.2) We will collect the information below in different ways depending on how you decide to contact us.

Direct – where you have come to DotBroker directly through our website.

  • Information provided when you apply for any of our products or services

  • Information provided when you use any of our online forms

  • Information provided or that we collect when using our website

  • Information provided when communicating with us in writing, email, or phone

  • Information we obtain when you engage with us across social media platforms

Third Party – where a broker has introduced you to DotBroker or a third party is acting on your behalf and we have authority for them to act:

  • Information that the third party provides as part of the application process, or on any of our online forms

  • Information the third party provided when communicating with us in writing, via email, SMS or by phone

  • Information provided to us on your behalf by your representatives engaging with us for you

Comparison Sites:

  • Information you have entered on the comparison site as part of the application process

4.3) Special Category data

Data protection law requires us to treat special category data carefully. Special category data includes biometric data whether that be physical, physiological, or behavioural characteristics about you, health data, criminal convictions, and any religious or political data.

We’ll only use special category data in the following scenarios:

  • detecting and preventing financial crime,

  • comply with guidelines on matters of public health or concern (e.g., Covid-19)

  • verifying your identity using biometric data; and

  • making our services accessible to customers.

We will also only process special categories of information where we’ve obtained your consent or where one of the limited grounds on which we can process special category data applies.

4.4) We do not monitor your use of the Internet, but we do use cookie technology to monitor your use of DotBroker. This information is not stored alongside your personal data and will only be used on an anonymous, aggregated basis. We may process your personal data in conjunction with the documents and forms downloaded in order to maintain and improve the facilities we offer and to send you alerts about important updates to such content.

5. Information we collect from other sources

5.1) We may on occasion obtain information from other sources, this helps us to offer you our products and services and to operate our platform. This will, on occasion, include personal information and may be obtained from sources such as:

  • Our group companies

  • Companies that introduce you to us

  • Credit Reference Agencies

  • Comparison Websites

  • Social Networks

  • Fraud Prevention Agencies

  • Public Information services such as Companies House

  • Land Registry

  • Government Agencies

  • Law Enforcement Agencies

6. How we use your data

6.1) The General Data Protection Regulation states that we can only use personal information if we have a genuine reason to do.  This includes providing it to third parties outside of DotBroker

We will only use your personal information for one of the following reasons

  • To fulfil a contract, we have with you

    • When it is our legal duty

    • When you consent to us

    • When it is in our legitimate interest

A legitimate interest is when we have a business or commercial reason to use your information.

Below is a list of all the ways in which we can use your personal information and the reason we rely on to do so.

  • When we use it:
    Ensuring customers have a clear understanding of the product they may be accepted for without having a detrimental effect on their credit rating

  • When we use it: Fulfilling Contracts

  • When we use it: Fulfilling Contracts or consent

  • When we use it: Fulfilling Contracts or consent

  • When we use it: Identifying relevant customer groups and their needs and preferences, developing appropriate products and services, what we charge for them and who we provide them to, ensuring products are suitable for customers and meet expectations, so we can continue to improve our customers’ experience.

  • When we use it: Complying with due diligence requirements and running the business efficiently

  • When we use it: Our Legal Duty

  • When we use it: Our Legal Duty

  • When we use it: Our Legal Duty

  • When we use it: Our Legal Duty

  • When we use it: Developing products and services that promote responsible lending and promoting products to interested parties with similar needs and wants

  • When we use it:
    Keeping new/existing customers up to date with the products and services that have and with other products and services we offer

  • When we use it: Being efficient as to how we fulfil our legal duties, ensuring customers have a clear understanding of the product they have or may have in the future

  • When we use it: Developing products and services, looking at charges and who we will provide them to

  • When we use it: Fulfilling Contracts

  • When we use it: Fulfilling Contracts

  • When we use it: Fulfilling Contracts

  • When we use it: Fulfilling Contracts

  • When we use it: Fulfilling Contracts

  • When we use it: Our Legal Duty

  • When we use it: Developing products and services, looking at charges and who we will provide them to, complying with regulations that apply to us and monitoring and mitigating risks

7. Automated Decisions

We sometimes use systems to make automated decisions using the personal information we have from you and other sources. Automating decisions allows us to make consistent and efficient decisions regarding the products and services we offer. These automated decisions can affect the products and services we may offer you now or in the future, or the price that we charge you for them.

Below are details of the automated decisions we make which are necessary for entering into or performing a contract:

  • What Automation Occurs:
    Where you have requested a mortgage/Insurance cover, we will decide what rate of interest to charge based on what we know about you from your application and other sources.

  • What Automation Occurs:
    We may place customers in or monitor certain customer groups – who have similar characteristics. We use this to learn about customer needs and wants so we can make better and more informed decisions. This also helps us tailor our products and services to our customer’s needs.When we use it: Fulfilling Contracts

  • What Automation Occurs:
    We use your personal information to monitor and assess if your account is being used or suspected to be used for fraud or money laundering. We look for traits adopted by fraudsters or look for trends of activity that do not match your usual activity.

  • What Automation Occurs:
    When you apply for an account, we will check that the product or service is suitable for you. We will also check that you meet the requirements to open an account or receive the product or service applied for.

  • What Automation Occurs:
    When you have a mortgage/insurance cover arranged through DotBroker, we will periodically assess the performance of your products. Dependent upon the assessment outcome this may result in us contacting you to further understand your current situation.

8. Retaining your information

We will hold your personal information for as long as you have a relationship with us, e.g., you have applied for a product or you are an existing customer of ours, and for a period of time after our relationship ends e.g., your application was declined, you have closed your account.  How long we hold your information depends on the nature of our relationship, the type of information and the purposes for which we hold it.

The information we will retain will be such that helps us to:

  • comply with legal and regulatory requirements, e.g., anti-money laundering laws and laws that require us to keep details of transactions we have been party to (loan repayments, investor payments)

    • establish, exercise, and defend legal claims

    • prevent and detect fraud

    • pursue our or third party’s legitimate interest

    • deal with any complaints regarding our services

    • ensure we do not send any marketing to people who have opted out

    • maintain business records for analysis and audit purpose

9. Sharing your personal data

9.1) We may share your information with some of our business partners, service providers and subcontractors in connection with the performance of any contract we enter with you or them.

9.2) We may also disclose your information to third parties where you have consented for us to do so, where we are under a legal, regulatory, or professional obligation to do so, where we need to enforce or apply our various terms, policies and other agreements, or if it becomes necessary to protect the rights, property or safety of DotBroker, our customers or any other person.

9.3) If we merge, re-organise or transfer all or part of our business, we may disclose the information we hold about you to successors (and potential successors) of the business.

9.4) If we refer any dispute between us to the ODR Platform http://ec.europa.eu/consumers/odr, and/or we agree to engage in any alternative dispute resolution (“ADR”) procedure with you through the ODR Platform, then to the extent that your personal data is relevant to the dispute we may disclose it to the European Commission, as operator of the ODR Platform, and to any ADR provider appointed to deal with the dispute.

10. Your rights as a data subject

You may have some or all the following rights dependent upon how and why your information was collected and how we are using your information:

  • Right to Access – You may have a right to request access to the personal information we hold about you (this is also known as a subject access request).

  • Right to Rectification – You can request at any time that we update and correct any out of date or inaccurate personal information we hold about you; You can do this by contacting us at hello@DotBroker.co.uk

  • Right to Erasure – In some circumstances you can request that we remove all personal information we hold about you if there is no need for us to keep it; You can do this by contacting us at hello@DotBroker.co.uk

  • Right to Restrict Processing and Object to Processing – If we process your data, you can request that we stop or restrict the processing of your personal information; Email preferences can be changed using the ‘Email Preferences link in ‘My Preferences’.

  • Right to Withdraw Consent – You can withdraw your consent at any time by contacting DotBroker.co.uk, once consent is received,DotBroker.co.uk will stop processing your personal data and where consent is the lawful basis for us processing your personal data; and

  • Right to Data Portability – You can make a request for us to provide personal information you have supplied to DotBroker.co.uk to a third party.

There may be regulatory or legal reasons why we cannot satisfy your requests, but we will advise you of this when a request is made.

For further information on each of these rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO).

11. Accessing your data

11.1) All personal data provided by you during registration onto the Platform, along with details of your download history, can be accessed via ‘My Account’.

11.2) If you wish to make a data subject access request, please do so in writing, sent to the email or postal address shown below, clearly marking your correspondence as a subject access request.

11.3) We do not normally charge for subject access requests unless they are ‘manifestly unfounded or excessive (e.g., repetitive). We will respond to your subject access request within one month of receiving it. In the unlikely event that your request is particularly complex, a further two months may be required but we will keep you informed if this is the case.

12. Cookie technology

12.1) We use the following cookies:

  • 12.1.1) Strictly necessary cookies: These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website. They do not gather information about you that could be used for marketing purposes or remembering where you’ve been on the Internet.

  • 12.1.2) Analytical/Performance cookies: They allow us to collect information about how you use our website, such as, how you move around our website and if you experience any errors. These cookies do not collect any information that could identify you; all the information collected is anonymous and is only used to help us improve the way our website works, understand what interests our users and measure how effective our advertising is.

  • 12.1.3) Functionality cookies: These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences and improve your visit.

  • 12.1.4) NextRoll and our advertising partners use cookies and similar technologies on this site and around the web that collect and use personal data (e.g., your IP address) to select and deliver measurable personalised advertising from this site and other advertisers in NextRoll’s network, as well as to analyse and understand your use of our websites using NextRoll’s services. By clicking “Allow”, you consent to the placement and use of cookies and similar technologies by NextRoll and its advertising partners. If you select “Reject”, NextRoll will not serve you personalized advertising. You may still receive advertising that is not targeted or is served by other third parties that are not affiliated with NextRoll. If you “Allow” now, you have the right to withdraw your consent at any time. To manage NextRoll’s partners and learn more,visit https://d.adroll.com/consent/choices

  • 12.2) Generally, cookies that are strictly necessary for the operation of the website will expire when you leave the website. Other cookies may be more permanent or not expire unless you actively delete them.

13. Credit Reference Agencies (CRAs) and Fraud Prevention Agencies (FPAs)

If we carry out credit and/or identity checks when you apply for a product or service. We use CRAs to help us with this.

If you use our products or services, from time to time we may also search for information that the CRAs have about you, to help us manage those accounts.

To do this, we will supply your personal information to CRAs and FPAs and they will give us information about you. This will include information about your financial situation and financial history. CRAs and FPAs will give us publicly available information about you (including information from the electoral register) and privately held information which will include your credit history, your current financial situation, financial history information and fraud prevention information.

When we use your information and share it with CRAs and FPAs, we do so as a necessary step to assess whether or not we can enter into a contract with you. Where your loan application is approved and you choose to enter a loan through DotBroker, it will continue to be necessary for us to carry out these checks from time to time to perform the contract we have with you.

We will use the information that we receive from CRAs and FPAs to:

  • Help us assess whether or not we think you can afford to take out the requested loan and meet your loan obligations

  • Make sure that the offers we can provide to you are fair and appropriate to your circumstances and check the information that you have provided to us is accurate

  • Meet our legal obligations to help prevent criminal activity, fraud, and money laundering

  • Manage your account(s)

  • Trace and recover debts where we have been unable to make contact with you via any other means that we hold your information (i.e. phone, email, letter)

When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders and other similar companies or organisations. When FPAs receive a search from us they will keep a log of the searches that we have carried out, but this will not be shared with any CRAs.

If you are making a joint application or tell us that you have a spouse or financial associate, we will link your records together, you should make them aware of how their personal information will be used by us before you complete the application. In addition, you should both also be aware that CRAs will also link your records together and these links will remain on both of your files until an approved request is received by the CRAs confirming that the financial relationship no longer exists.

We will continue to exchange information about you with CRAs and FPAs while you have a relationship with us. We will also inform the CRAs once you have finished repaying a loan with us. If you borrow money through DotBroker and do not make all your repayments in full and on time this information will be shared with CRAs who will record that information as part of your credit history. It is possible that the CRAs will then share this information with other organisations that have a relationship with them.

If you give us false or inaccurate information or if we suspect or identify fraud, we will record this and will also pass this information to FPAs and other organisations involved in crime and fraud prevention, including law enforcement agencies.

We and other organisations may access and use this information to prevent fraud, money laundering or other criminal activity. If we, or an FPA, determine that you pose a fraud or money laundering risk, we may refuse to provide the products and services you have requested, or we may stop providing existing services to you.

Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years and may result in other companies or organisations refusing to provide services, financing, or employment to you.

If you have any questions about this, please contact us at hello@DotBroker.co.uk

The links below will provide you with further information on

  • the identities of the CRAs

    • their role as FPAs

    • the information they hold about you

    • the ways in which they use and share personal information

    • the length of time that they will hold on to your information

    • your data protection rights

TransUnion CRAIN

Equifax CRAIN

Experian CRAIN

14. Direct marketing

When you register with DotBroker we’ll give you the option to opt-out of receiving different categories of messages from us. These categories relate to letting you know about new products, promoting our existing products and general marketing.

We only send these messages if there is something worthwhile to tell you about. If you don’t want to receive these messages you can log into your account and change your settings

We’ll still send you messages relating to DotBroker products you have where this is necessary to provide you with good service. There also may be some messages that we’re required by law or regulation to send you even if you ask us not to.

15. Contacting Us

15.1) To contact DotBroker about anything to do with your personal data and data protection, including to make a subject access request, please use the following details and we will respond as soon as possible: hello@DotBroker.co.uk

16. Making a complaint and dispute resolution

We hope that we can resolve any query or concern that you raise about our use of your information, so please get in touch with us on the above details if you have any questions or issues with this privacy policy or with how we are using your personal information in general.

If you are dissatisfied with any response you receive from us, you may refer your complaint to the ICO. Find out more on their website.

Note:
We may change our Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. Any changes will be notified to you the first time you log into DotBroker.co.uk after the changes have been made.