This website [www.lendermarket.com] (the “Site”) is operated by Lendermarket Limited.
We will use your Data only for the purposes and in the manner set forth below, which describes the steps we take to ensure the processing of your Data is in compliance with the Data Protection Act 2018, the Swiss Federal Act on Data Protection (FADP) and any subsequent data protection and privacy legislation, European Union Law including Regulation (EU) 2016/679, known as the General Data Protection Regulation or GDPR and any subsequent amendments (collectively referred to as “Data Protection Legislation”).
For the purposes of the Data Protection Legislation, the Data Controller of the Site is Lendermarket Limited, having its registered office at 77 Sir John Rogerson’s Quay, Block C, Grand Canal Docklands, Dublin 2, D02 VK60, Ireland
The contact details of our DPO are as follows:
Email address: [email protected]
Mobile phone: +353 16 917 618
We collect your Data from a number of sources.
The Data we collect about you may include the following:
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
We collect and process information about you for the purposes of complying with our legal duties and for other legitimate purposes. We may use your Data, collected from direct interaction, automated forms and third parties to:
For some processing activities, we consider that more than one lawful basis may be relevant – depending on the circumstances.
The following are the basis for the processing of your personal data:
We consider your Data to be private and confidential.
From time to time, we may collect and share your Data with third parties, including third party service providers or other entities within our group (i.e. Creditstar Group AS). We may access and/or disclose your Data if required to do so by law or in good faith and belief that such action is necessary to: (a) conform with the law or comply with legal process served on us; (b) protect and defend our rights or property including, without limitation the security and integrity of our network and systems; or (c) act under exigent circumstances to protect the personal safety of users of our services or members of the public.
We use third party service providers who work for us in the provision of our services, for example, communications, marketing, IT service providers, verification agencies and other business support companies. In providing the services, your Data will, where applicable, be processed by the service provider on our behalf.
We will check any third party that we use to ensure that they can provide sufficient guarantees regarding the confidentiality and security of your Data. We will have written contracts with them which provide assurances regarding the protections that they will give to your Data and their compliance with our data security standards and international transfer restrictions.
Disclosure to Third Parties:
In certain circumstances, we may share and/or are obliged to share your Data with third parties for the purposes described above and in accordance with Data Protection Legislation.
These organisations will also use your Data as a “Data Controller” – they will have their own privacy notices which you should read, and they have their own responsibilities to comply with applicable Data Protection Legislation.
Your Data may be transferred, stored and processed in one or more countries outside the European Economic Area (“EEA”), for example, when one of our service providers use employees or equipment based outside the EEA. For transfers of your personal data to third parties outside of the EEA, we take additional steps in line with Data Protection Legislation. We have put in place adequate safeguards with respect to the protection of your privacy, fundamental rights and freedoms, and the exercise of your rights, e.g. we establish an adequate level of data protection through EU Standard Contractual Clauses based on the EU commission’s model clauses.
If you would like to see a copy of any relevant provisions, please contact the DPO (see “Contact Details of the Data Protection Officer” section above).
We keep your personal data for as long as it is necessary to do so to fulfil the purposes for which it was collected as described above, including for the purposes of satisfying any legal, accounting, or reporting requirements. This may mean that some information is held for longer than other information, for example, we may need to retain some Data for up to ten years. The criteria we use to determine data retention periods for personal data includes the following:
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
The Site contains links to and from other websites and web platforms. In addition, third parties websites may also provide links to the Site. If you follow a link to any of those websites or web platforms, please note that those websites and web platforms have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites.
We will use appropriate technical and physical security measures to protect your personal data which is transmitted, stored or otherwise processed by us, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access.
Access is only granted to Data on a need-to-know basis to those people whose roles require them to process your personal data. In addition, our service providers are also selected carefully and required to use appropriate protective measures.
As effective as modern security practices are, no physical or electronic security system is entirely secure. The transmission of information via the internet is not completely secure. Although we will do our best to protect your Data, we cannot guarantee the security of your Data transmitted to the Site. Any transmission of Data is at your own risk. Once we receive your Data, we will use appropriate security measures to seek to prevent unauthorised access. We will continue to revise policies and implement additional security features as new technologies become available.
You may have various rights under Data Protection Legislation. However, in certain circumstances, these rights may be restricted. In particular, your rights may be restricted where this is necessary: (i) for the prevention, detection, investigation and prosecution of criminal offences, and/or (ii) in contemplation of or for the establishment, exercise or defence of a legal claim or legal proceedings (whether before a court, tribunal, statutory body or an administrative or out-of-court procedure).
Subject to the above, your rights under Data Protection Legislation may include (as relevant) the right to:
If you want to review, verify, correct or request erasure of your Data, object to its Processing, or request that we transfer a copy of your Data to another party, please contact the DPO (see “Contact Details of the Data Protection Officer” section above).
If you are unhappy about any aspect of the way we collect, share or use your Data, please let us know by contacting our DPO:
Email address of DPO: [email protected]
You also have a right to complain to the Office of the Data Protection Commission at:
Telephone: +353 (0)761 104 800 or Lo Call Number 1890 252 231.
E-mail: [email protected]
Postal Address: Data Protection Commission, Canal House, Station Road, Portarlington, Co. Laois, R32 AP23.