Privacy Policy | Wessex Fleet Solutions Ltd
1. Introduction
This policy is applicable to the entirety of Wessex Fleet Solutions including Directors and Partners, all staff employed by the company, whether permanent, temporary, agency or contract, any other person or persons associated with us (including third parties), or any of our subsidiaries or their employees, no matter where they are located (within or outside of the UK)
The following Data Privacy Policy explains the circumstance in which Wessex Fleet Solutions Ltd (Wessex) will collect personal data, why it is collected, how we will use it and to whom we might disclose it to if necessary. Wessex strongly believe in the importance of keeping clients' personal information personal. Should we ask customers to provide certain information by which they can be identified, then they can be assured that it will only be used in accordance with this privacy policy.
This policy should be read in conjunction with the Data Retention Policy and the IT Security Policy
2. What Data is Being Collected and Processed?
For us to be able to supply quotations, process finance applications, and enter into leasing broker service agreements we will collect, store, and use the following data:
- Full name and job title
- Contact information including email address and telephone numbers
- Address history
- Date of birth
- Employment history
- Income and expenditure details
- Bank account details
- Other information to support the application as requested by credit underwriters
This processing of information is a contractual requirement. Where necessary we will ask for consent to collect and process personal data. Any personal data we collect will not be transferred outside the European Economic Area.
3. Email and Telephone Call Monitoring
We record and store telephone and email records for training and monitoring purposes.
4. Cookies
A cookie is a text file automatically issued to a computer when a customer visits a website. Cookies are used to track the flow of traffic through a website and identify the computer on any future visits to our site.
The information stored in a cookie is not used to identify a particular user, just the computer used to access the site.
By accepting a cookie, the customer allows information about their computer, such as the internet browser type, screen resolution and location country, to compile anonymous statistics about visits to the website.
The Wessex website uses cookies for the invoice payment process only areas, this is to stop customers having to enter their details for each stage of the payment, only the partial form data is stored in the cookie no other personal information is stored in the cookie. The cookie is also only session based and all the information stored in that cookie is cleared as soon as the customer closes the browser.
Overall, cookies help us to provide a better website, but in no way, gives us access to the computer or any information, other than the data the customer chooses to share with us.
Customers can choose to accept or decline cookies. Most web browsers automatically accept cookies, but browser setting can be set to decline cookies.
5. Email Marketing Communications and Tracking
If a customer chooses to opt-in to our direct marketing communications, we will use their information to tell them about products and services available from us which may be of interest.
We use analytics tracking data to monitor the results of our email marketing campaigns in the following ways:
- Email read; this makes use of a ‘clear image’ (gif) to track the reads of the email campaign. Users can disable tracking in emails by turning off images on the email itself.
- Clicks; when a subscriber clicks on a weblink, the details of the link that they have clicked (plus the date and the time of the click) are automatically reported back to our analytics.
- Unsubscribes; when a user clicks on the unsubscribe link their email address is automatically removed from our database and placed in our suppressed list to prevent future accidental mailing. The date and time of the unsubscribe request is recorded.
The customer must have the right to opt-out of our email marketing communications at any time. Opt-out can be by following the Unsubscribe instructions at the bottom of the communication or by contacting us via phone, letter, or email.
6. Social Media Use
Wessex uses social media for the purposes of promoting and communicating our services, products and offers. By signing up to, liking, following, or using any of the Wessex social media pages, the user is subject to the data and privacy policies of these organisations, not Wessex
7. Data Retention Period
We will not store any personal data for longer than necessary and we will delete data that is no longer required for any purposed for which it is collected or otherwise processed, or if consent has been withdrawn for its processing and retention.
We will store the data for a period of seven years after the contract has ended for compliance with our general legal obligations and for the exercise or defence of any legal claims.
Under the GDPR, a customer has the right to ‘block’ or request the deletion or removal of personal data to prevent further processing. This right to erasure is also known as ‘the right to be forgotten.’ Specific circumstances in which a request for the deletion or removal of personal data includes:
- Where the personal data is no longer necessary for the purposes for which it is collected or otherwise processed
- Where consent is withdrawn
- When there is an objection to the processing and there is no overriding legitimate interest for continuing the processing
- Where the personal data was unlawfully processed (i.e., otherwise in breach of the GDPR)
- Where the personal data must be erased to comply with a legal obligation
- In case a deletion is not possible due to legal, statutory, or contractual retention periods, or if it requires disproportionate efforts or prejudices legitimate interests, the data will be blocked instead of deleted
8. Sharing of Data with Other Data Controllers
To administer a contract, we may need to share personal information with other data controllers. This processing is necessary for the purposes of delivering our services.
We will gain agreement to share personal data with any of our finance partners or suppliers to allow us to provide services and products, such as to process finance applications, arrange delivery of a vehicle, to collect a vehicle or notify of a vehicle safety recall. Other data controllers which we may share this information with may include:
- The finance provider (to generate the finance agreement and deal with any in-life queries)
- The supplying dealer group (to order and deliver the vehicle)
- Claims handling and fraud prevention agencies (to investigate or prevent crimes)
We will only share personal information with other data controllers outside when:
- Consent has been given
- It is necessary for the performance of an agreement
- To obtain professional advice (e.g., legal advice)
- We or others need to investigate or prevent crime (e.g., to fraud prevention agencies)
- The law permits or requires it
- Regulatory or governmental body requests or requires it, even without consent, or
- There is a duty to the public to reveal the information
9. Google's Advertising Consent Mode V2
“Advertisers must adhere to the EU consent policy to use ad personalisation. In 2024, enforcement action will also impact measurement features and apply to data from:
- Websites: Tags that send data to Google.
- Apps: SDKs that send data to Google.
- Data uploads: Tools to upload data from non-Google sources, such as offline conversion imports or store sales.
To keep using measurement, ad personalisation, and remarketing features, we must collect consent for the use of personal data from end users based in the EEA and share consent signals with Google. The requirements also apply if we are using Google Analytics data with a Google service.”
10. Credit Reference Agencies
In considering an application, the lender will search records at credit reference agencies. A record of any search and the application will be seen by other organisations that make comparable searches.
Directors and Partners of firms applying for credit or hire may also be searched. On occasion, we may request a credit check with more than one finance provider.
If there are joint applicants or other financial association with another person, or a director of a firm which is applying for a facility, the customer declares they are entitled to:
- Disclose information about the joint applicant, fellow directors, and anyone else referred to us by the customer
- Authorise us to search, link or record information at credit reference agencies about the customer and anyone else referred to by them
A credit scoring system will be used when assessing the application.
The lender will add details of any agreements to the customer’s credit file, including the payments they make under the agreement and any default or failure to keep to its terms and conditions. The records will be shared with other organisations and will be used to make future decisions about credit and/or credit related services like insurance. It will also be used to trace debtors; recover debt and manage the credit account.
11. Fraud Prevention
If the customer gives us false or inaccurate information and we identify that fraud has taken place, fraud prevention agencies will be informed. The follow information will be shared with organisations to prevent fraud and money laundering:
- Credit related accounts and facilities
- Application details for credit and credit related activities
- Debt recovery
- Applications and claims for all types of insurance
- Job applicants and Employees
In addition, law enforcement agencies may access and use this information.
12. Keeping Data Secure
Personal data collected by us is kept as safe as possible and all our systems are password protected. All our staff are aware of our company managing data security policy.
Whilst we will use all reasonable efforts to safeguard such personal data, we acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data which is transferred from, or to, the customer via the internet. The customer therefore agrees that the use of the internet is entirely at their own risk.
13. Updating Personal Data
If a customer believes the personal data we hold about them is inaccurate or incomplete, they have the right to rectification. Where possible, we will also inform any third parties to whom we have disclosed the personal data in question to so they can rectify their records.
14. Subject Access Requests
The customer has the right to request access to a copy of the personal data that we hold about them. This information is provided free of charge however, we can refuse to respond if we deem it to be manifestly unfounded or excessive. Legal costs may be sought in the event of a request made.
15. Complaints
A customer can contact us by telephone or in writing and the complaint will be resolved by the appropriate person in the shortest possible time. Whilst we will try to resolve the complaint immediately, this may not be possible. We will inform the customer of the progress of our investigations and provide our final response in writing, providing our finding and any proposed resolution, if applicable.
16. IP Addresses and Server Logs
The WFS site records IP addresses and produces server logs. this information is used solely for monitoring the volume of traffic the site receives and measuring the number of Clients.
17. Review
The effectiveness of the Policy Statement will be monitored and reviewed at least annually to ensure the Company’s continuing compliance with any relevant legislation. As statutory and online requirements change so this policy document may change. Any changes will be highlighted across the site to ensure that all Clients have the opportunity to respond to these changes.
Last Updated: 19/03/2024